Scope of the Project and Current Status
The first stage of the project called for installing Radiflow’s iSID Intrusion Detection System at one of the rigs in the cluster, with the intention to do the same in the rest of the rigs (as the project grows with multiple instances of iSID, the client will be able to monitor and manage of the entire array of iSID systems through the Radiflow iCEN Central Management Solution.)
For this project, iSID was tasked with providing full visibility into the OT network, detection of attempted attacks and access violations, management of maintenance activities and monitoring of logic changes on controllers.
In addition, the Radiflow system provides operators with tools and insights for risk assessment and mitigation, for eliminating vulnerabilities and optimizing mitigation measures.
Upon detecting anomalies, iSID would relay alerts to the company’s SCADA system using Radiflow’s OT protocols northbound interface. This enables the personnel at the operating room to be aware on any anomaly in their network or cyber and operation incidents through the SCADA system interface.
At present, iSID is fully operational at the oil rig. It has already detected vulnerabilities and misconfigured PLCs in the rig’s OT network and has issued recommendations for remediation.
The operator’s information security staff has been trained on operating iSID (at the operator’s premises).
Following a few upgrades and adjustments to the system, it is expected that the next phase of installing iSID at additional rigs will be green-lighted soon.