Offshore Enginer Magazine Subscribe
Search Subscribe

OE17: DNV GL launches cyber security RP

DNV GL has launched a new recommended practise (RP) focusing on cyber security as the increasing digitalization of the industry poses the threat of it becoming more vulnerable, at SPE Offshore Europe. 

DNV GL says almost 68% of oil and gas companies were affected by at least one significant cyber incident in 2016, and many attacks are assumed to be undetected. 

Critical network segments in production sites, which used to be kept isolated, are now connected to networks, making operational technology (OT) more vulnerable. According to recent research, 59% believe there is greater risk in the OT than the IT environment.

Managing threats towards OT also requires knowledge beyond general information security, such as oil and gas operational domain competence, in particular related to automated, unmanned, integrated and remote operations which are accessible online. 

Following a two-year joint industry project, involving partners Shell Norge, Statoil, Woodside, Lundin, Siemens, Honeywell, ABB, Emerson and Kongsberg Maritime, DNV GL has launched a globally applicable RP, DNVGL-RP-G108, addressing how oil and gas operators, together with system integrators and vendors, can manage this emerging threat. 

The Norwegian Petroleum Safety Authority gave input from a regulatory perspective to RP Guideline for the use of IEC 62443 in the oil and gas industry. The RP is based on the IEC 62443 standard, international practice and experience, and takes into account HSE requirements and the IEC 61511 functional safety standard. 

Pål Børre Kristoffersen, JIP Project Manager, DNV GL – Oil & Gas, says: “Dealing with cyber-security challenges has become a key focus area for the oil and gas sector, and there is greater awareness of the requirements that need to be in place. But there has, until now, been a lack of guidance for the oil and gas industry on how to implement these requirements.”

The scope of the RP is guidance on how to use the IEC 62443 standard for FEED, projects and operations. It aims to reduce the risk of cyber-security incidents, achieve cost-savings for operators by reducing the resources needed to define requirements and follow up, as well as cost-savings for contractors and vendors (based on using identical requirements from operators), simplifying audits for authorities and auditors. 

North Sea Cyber Security Europe

Related Offshore News

(Credit: TotalEnergies)

Tyra Redevelopment: Gas Export Starts from Satellite Field...
Brage Platform (Credit: OKEA)

OKEA Makes FID for Brasse Field Development in North Sea

Insight

Chevron's CEO Faces Challenges of a Lifetime with Hess Bid

Chevron's CEO Faces Challenges

Video

Cellula Robotics Taps the Power of Hydrogen

Cellula Robotics Taps the Powe

Current News

ABL Gets Neptun Deep Job for OMV Petrom in Black Sea

ABL Gets Neptun Deep Job for O

Petrobras and China’s CNCEC to Collaborate on Oil and Gas, Renewables

Petrobras and China’s CNCEC to

Norway Clears TGS and PGS Merger

Norway Clears TGS and PGS Merg

Full Capacity Operations at Tyra II Gas Development Up for Potential Delays

Full Capacity Operations at Ty

Subscribe for OE Digital E‑News

Offshore Engineer Magazine