Eddie Habibi, founder and Chairman of PAS, and I had lunch last week at HUG and we talked about this forthcoming product.
The big problem about handling knowledge management, safety management, risk management and providing adequate documentation, skills and training to operations and maintenance staff is all the bloody paperwork. That's why there is a skillset and a domain called Management of Change (MOC). From what I've been able to learn, MOC systems are better in concept than in use. Sometimes it takes more MOC than it does to just do whatever it is that you are trying to do-- and of course, when we can "just do it" and go back to real work, the temptation is overwhelming.
And, of course, inaccurate MOC is a large potential cause of system insecurity. I don't know if PAS' iMOC could have detected the Stuxnet intrusions, as Eddie told me last week, but it sure is a step in the right direction.
So, read the press release for yourselves:
PAS Releases an Intelligent Management of Change Solution for Automation Systems
Integrity iMOC detects inadvertent and unapproved automation configuration changes to fortify control system security and safety
Houston, TX – June 21, 2011 – PAS, a leading supplier of human reliability software and services to the power and processing industries worldwide, today announced the release of Integrity iMOC, the next evolution in electronic Management of Change (MOC) software. Integrity iMOC ensures that all changes made to a plant’s automation systems are detected and reconciled with specific management of change cases.
While most countries have regulations governing management of change for such things as process chemicals, equipment, documents, facilities, and procedures, few have specified requirements for management of change for automation systems. As a general rule, if an automation change affects other items that clearly require change management, then a rigorous MOC process is to be followed. However, critical changes are often made to automation systems with no record of whether they were approved or not, leaving the systems vulnerable as these undocumented changes carry the potential to be destructive. Only by ensuring that all configuration changes (except for the most fundamental changes required to operate the plant, such as setpoints, outputs, and control modes) are included in the MOC process and reconciled against outstanding MOC cases, can companies be certain their automation systems are secure.
“Undocumented and unapproved changes to automation systems have been identified as contributing factors in a number of process industry incidents and accidents.” said PAS President Chris Lyden. “With the advent of new viruses that affect the interaction of controls with the process, ensuring that all automation configuration changes are detected and reconciled with MOC cases is an essential element of control system security.”
Integrity iMOC provides a graphical environment for the definition of MOC workflows, which includes describing each state within the workflows, as well as the checklists and required transitions for the states. As an Integrity-enabled application, iMOC takes full advantage of the capabilities of PAS’ Integrity ™ software, which maps the configuration of more than 50 different automation systems and tracks all changes to them. Additionally, it reduces the time required for engineers to acquire design information, since it automatically identifies all links and interdependencies for any automation entity under change management.
As part of the installation services for Integrity iMOC, PAS can integrate it with a plant’s existing MOC system, configuring it to act as a subordinate to that system. PAS can also implement an S95-compliant plant asset hierarchy to link MOC cases to specific parts of the plant as is often done in general MOC systems.