Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Cybersecurity in the Age of Smart Pumps

Industry Topics

Cybersecurity in the Age of Smart Pumps

According to the “2018 State of the Water Industry Report” put out by the AWWA, the most dramatic shift in concerns regarded cybersecurity, which jumped from 26th in the rankings from the prior year to 13th for 2018. Today’s business data and computer controls are just a few of the key systems running your operation. Each of these systems is vulnerable to attacks and must be properly protected from cybersecurity threats. Most organizations have a person or department responsible for keeping these systems safe, but in many cases – including smart pumps – is it enough? 

How Does Cybersecurity Affect Pumps?

The DHS has begun to create a defense model to protect our nation’s infrastructure, including in the private sector. Increasing hyper-connectivity among systems requires that measures be taken to protect critical infrastructure from an ever-increasing cyber security threat. And they aren’t the only ones. The National Institute of Standards and Technology has identified a set of security requirements in nonfederal information systems and organizations. They include: 

  • Access control
  • Security assessment
  • Risk assessment
  • Audit and accountability
  • Awareness and training
  • Configuration management
  • Incident response
  • Identification and authentication
  • Maintenance
  • Personnel security
  • Media protection
  • Physical protection
  • System and communication protection
  • System and information integrity

AWWA’s manager of federal relations believes the threat is clear and prevalent across all sectors. He urges that all facilities make cyber security a top priority to protect their systems, not to mention the health of public in general and to protect against lost production, service interruptions, erasure of data, litigation, recovery costs, and more.

Cybersecurity for Smart Pumps in the Cloud

The industry is moving towards smart pumps and equipment operating information that are housed in the cloud. They allow users to better understand operations and maintenance activities, but there are concerns that plants aren’t necessarily adopting them the correct way. Manufacturers know this and develop pumps, analyzers, and their connected components to ensure a secure cloud. This includes consistent software updates, app security, along with the products themselves. 

New cyber security standards are coming into play to meet the demand of all sorts of operations who are looking to protect their systems. One such standard is the UL 2900 that recognizes products that go above and beyond and constantly go under re-evaluation. The FDA is also taking part in cyber security and has issued security recommendations, such as  multifactor authentication, advanced passwords, user access limits, layered authorization, and advanced breach detection procedures.

Cybersecurity for In-House Servers & End Users

Even if your system isn’t on the cloud, it can still be subject to Internet of Things and other similar attacks. The UL 2900-2-3 Outline of Investigation for Software Cybersecurity for Network-Connectable Products: Particular Requirements for Security and Life Safety Signaling Systems was developed for manufacturers, integrators, and owners to secure their in-house servers, as well as their end users.

One of the most successful ways to secure smart pumps is through penetration testing. It does not involve certification, but is an immediate solution for facilities concerned about their current state of security. Contractors can perform these tests or they can even show your staff how to perform these tests themselves. This is a useful strategy for testing the vulnerability of current pumps and systems, as well as any that may be implemented in the future. 

There are also systems that can encompass the entire operation with cyber security protections. One such option is Schneider Electric’s EcoStruxure Plant that is IIoT-enabled with an open and interoperable system architecture. In addition to providing security measures, it helps maximize process efficiency, and offers real-time control of other variables such as safety risk, reliability risk, environmental risks, and operational profitability.

Further Reading:

Webcast of the National Cybersecurity Summit

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations

2019 State of The Water Industry Report

US Federal Register:  UL 2900-1 Ed. 1 2017 


Related Articles

Sulzer Cost effective sustainable fuel production

Cost effective sustainable fuel production

Benchmarking Market Report highlights cost-leadership of Sulzer Chemtech BioFlux Process Technology for Renewable Fuels production BioFlux® process technology for renewable fuel…

Related Whitepapers

Expansion Joint Expertise Improves Industrial Wastewater System Reliability

The majority of industries have wastewater treatment plants. Government agencies and local governments require these facilities to meet pretreatment requirements. Pretreatment rules were enacted to prevent…

How to Decrease Oil Changes with Bearing Isolators [Inforgraphic]

Learning how to decrease oil changes can be time- and money-saving. Oil life can be long if contamination is eliminated, which is easier said than…

Synchronous Machines Are The Optimal Choice For Heavy Industry

TECO-Westinghouse experience assures superior performance and reliability For over a century, Westinghouse has been the pacesetter in the design and production of electric machines for heavy…

Why FLEXXORs Are Designed Differently

J. Hilbert Anderson, President of Coupling Corporation of America, discusses some of the reasons why FLEXXORs are designed differently from all other flexible couplings, and…


Leave a Reply

Your email address will not be published. Required fields are marked *

Join the #PumpTalk Community

By submitting this form, you are consenting to receive marketing emails from: Empowering Pumps & Equipment, 2205-C 7th Street, Tuscaloosa, AL, 35401, You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact