View-Master brings Focus!

Remember the View-Master™?     

Now it’s back!!  PAS is proud to reintroduce the View-Master, complete with a Super IntegrityMan reel.

Check out how our hero helps Joe Thomas, a control systems engineer, more effectively manage his automation system and connected applications.

I won’t give away the story line here – you can request a free View-Master for yourself to do that.

But I will tell you that the engineer gets promoted for increasing plant safety, improving cybersecurity and overall effectiveness of plant staff.

All this just by using the Integrity software at his plant to better manage his automation assets.

Shouldn’t you be using Integrity too?

And, if you have any doubts, check out the View-Master’s pedigree – this is back from 1947:

© Copyright PAS 2006.  No part of this blog is to be copied in full or in part without the express written permission of PAS; but references and web links are more than OK!  Credit for the Viewmaster graphics goes to Mary Ann Sell, as these come from her personal collection.

Focus brings results!

This past weekend, my wife and I packed into a Mini Cooper and drove from Houston to Phoenix.

Now, this is not my normal way of doing my 100,000 mile commute, but it did give us some serious quality time to talk. 

One thousand, two hundred and ten miles (1,936 km) of talk time, to be exact. 

And since we live apart all week, the extra talk time was a bonus for us.  A time to catch up, plan and strategize as a husband-and-wife team.

So why bring this up here?

Because I’m a firm believer that focus brings results.

My wife and I planned, prepared and focused on driving to Phoenix.  And, as a result, we successfully made the drive in two segments totaling about 19 hours (that’s a 64mph average for those who want to know).

The same looks to be true for PAS.

At the company, we planned, prepared and focused on a +52% growth goal for 2006.

With the first 9 months almost behind us, it’s a good time to assess our progress – and it looks good!

The general consensus among the sales and management team is that we will exceed our 52% target – and we will do so by meeting or exceeding our initial targets for most business areas.

This is good news.

And the news is ESPECIALLY GOOD for our Alarm Management business, where The Book and The Workshops put us on track to even exceed the aggressive goals we set for that business area by additional 60%.

Our next objective is now obvious… to achieve that same level of plan-beating success for all business areas.

Focus has brought and will continue to bring results.

Stay tuned!

© Copyright PAS 2006.  No part of this blog is to be copied in full or in part without the express written permission of PAS; but references and web links are more than OK!

Big-Scale Savings

Integrity is making its mark.

Yesterday, we announced the successful completion of the Integrity software for the integrated management of over 100 automation assets at one of the world’s largest oil and chemical complexes, operated by SK in South Korea.

Read the press release.

The staff at SK certainly had their hands full prior to the implementation of Integrity at their massive plant site.

Imagine what kind of integration nightmares they may have had in keeping all the automation systems, databases and advanced applications consistent, and the sheer number of automation professionals and application engineers involved.

Just keeping up with changes made was an enormous task in and of itself.

But not anymore!

Today, any of SK’s technical staff can log in and pull up a web-based view of all 120+ automation assets to review the flow of real-time data across the entire plant, all inter-dependencies, changes made that may impact their area of responsibility and more.

Integrity typically saves 20-40% of a control engineer’s time.

And in this case, that means a significant number of engineers can now turn their attention to optimization of actual operations, not just keeping up with changes or producing documentation!

An impact that will certainly be seen at the bottom line.

© Copyright PAS 2006.  No part of this blog is to be copied in full or in part without the express written permission of PAS; but references and web links are more than OK!

CyberSecurity Reactions

Earlier this week, our esteemed Founder and CEO participated on the panel of  experts at the NPRA CyberSecurity conference.  This was the first event of its kind hosted by the NPRA for the petroleum, petrochemical and chemical industries.

What we learned there validated our thinking.

The focus today by all the other vendors is on intrusion prevention.  They think it’s all about detecting the hacker. 

But that’s just part of the story.

Intrusion prevention does nothing about how to figure out what the hacker did or how to recover.

I guess it’s like buying your dream house and then finding out that the place needs maintenance and costs more than you can really afford.

There’s great joy on signing the deed, but then big headaches as you try to figure out what work needs to be done and even more problems in figuring out how to pay for it. 

All this after the initial signing party on catching such a deal.

Prudence suggests that we think beyond just noticing that the hacker came to visit.  We need to be prepared to assess the damage and implement a recovery plan.

But maybe the IT folks focused on CyberSecurity think that isn’t their problem – they’ll just leave those nasty post-detection tasks to the control guys.  After all, IT is now the hero for keeping the bad guys out, aren’t they?

Now try asking the average control engineer how they get these nasty post-detection tasks done… After all, hasn’t IT told them everything they need to know?

The first issue is finding out what was impacted.

Ask the control engineer what tools he/she has to scan for unauthorized changes across all the automation infrastructure – from the PLC & DCS to real-time database and advanced apps.  You’ll almost certainly get a blank look… 

And when you probe further to find out what kind of backups he/she has for the automation assets at the plant, you’ll probably find out that the backups date from 1-6 months ago.

Ouch!  That makes for a pretty tough recovery process.  Especially if any sort of regular maintenance or upgrade work has been going on…

Now I don’t want to pick on control engineers (I used to be one), but the truth is that there is generally a pretty lax approach to automation system backups.  (Lots of our friends found this out the hard way after Hurricanes Katrina or Rita.)

So a good solution would be to implement an automatic backup for all automation assets, and sprinkle in some multi-platform change tracking?? 

That would surely help solve the problem…

Some call that CyberSecurity Parts 2 & 3 – the “other” (more important?) part of the problem.

We call it Integrity. 

Don’t operate you plant without it.

© Copyright PAS 2006.  No part of this blog is to be copied in full or in part without the express written permission of PAS; but references and web links are more than OK!

CyberSecurity Parts 2 & 3

CyberSecurity Part 1 = Intrusion Detection

CyberSecurity Part 2 = Damage Assessment

CyberSecurity Part 3 = Recovery & Restoration

When you mention CyberSecurity to others in the industry today, everyone immediately thinks about what I call CyberSecurity Part 1: Intrusion Detection.

First, let’s agree that everyone knows that process control systems are vulnerable – having been designed for performance in real-time, their biggest protection until recently has been their use of proprietary operating systems and vendor-specific command languages. As a hacker, you really needed to know the specifics of a control system in order to attack it.

These days, though, the major vendors have almost all moved to use PC- and Windows-based operating systems as their platform of choice. Suddenly, the hackers know as much or more than the vendor experts about the underlying structures and the tables are turned.

Government organizations – like the United States Computer Emergency Readiness Team – and others all pretty much agree that CyberSecurity is a big issue for the safe and continued operation of the world’s process and manufacturing facilities.

 

But they all only focus on CyberSecurity Part 1: Intrusion Detection – check out  www.us-cert.gov/control_systems/cstraining.html to see what I mean.

At PAS, we’re focused on CyberSecurity Parts 2 & 3, because we believe that it is NOT ENOUGH to know that you’ve been attacked by a hacker, but to also know what changed and how to recover.

The PAS Integrity software is the world’s premier and only solution addressing the Damage Assessment and Recovery & Restoration aspects of a CyberAttack.

Without Integrity, users are left to manually search across the various automation assets to figure out what changed and from what backup (if any exists) to restore the configuration. 

That type of manual find-and-restore operation is time-consuming and labor-intensive – meaning it may cost unnecessary days or hours of plant down-time while you search system records. Even then, it only works for simple one-time hackers who crack in, break something and leave.

But manual find-and-restore operations are almost completely ineffective for the more sophisticated hacker.

The advanced hacker may break into your systems multiple times over a longer period of time to lay his seeds of destruction.  While this sounds too-sophisticated-to-be-true, stop and think about how disgruntled employees might set about to do their damage. 

A simple restore from the last backup is insufficient to discover what changed or how to restore it.

And here is where the Integrity software from PAS shines – tracking all changes across all automation assets over time by any source – user or intruder.  Damage Assessment is just a web report away.

Add to this the long-term historical configuration record of every automation asset in the plant, and now you have the basis for a complete and correct Recovery and Restoration effort.

If you haven’t yet put a CyberSecurity policy in place, now is the time to do that.

But don’t stop at Intrusion Detection or your only report to plant management will be that you caught and stopped the attack.

And when asked about how widespread the attack was, over what period of time it took place, what was affected and how you plan to restore normal operations….

well, let’s just say that you’d rather not be in that position.

Integrity. 

Because your plant and your company need it.

Your next step:  attend a new or recorded webinar and learn more to protect your plant, your career and maybe even your life!

© Copyright PAS 2006.  No part of this blog is to be copied in full or in part without the express written permission of PAS; but references and web links are more than OK!

Knowledge Transfer: Diet Coke & Mentos

Today, knowledge travels at the speed of light.  Information moves across the internet faster than any of the “old” media ever could.

As an example, check out the Diet Coke and Mentos trick – in the last few months, more how-to knowledge and see-me-do-it information has been shared on the internet than perhaps any other experiment.

If you haven’t seen how a few mentos can transform a 2-liter bottle of diet soda into a geyser spewing high into the air, then you’re missing out what every teenager already knows.

To catch up on this, check out any of these links:

Soda eruption in the bathroom

Restaurant back room fun

100+ bottle diet coke symphony

Diet-coke house-jumping rocket

How to make a diet coke rocket

The science behind it

On a more serious note, the science and the approach to knowledge management in the processing and manufacturing industries must change tremendously too, especially in the next few years.

As senior operations staff near retirement, and as staffing headcount continues to be reduced in the plant, knowledge transfer and knowledge management becomes a very serious issue. 

Both for customers and PAS.

At PAS, our web-based Integrity software represents the state of the art for knowledge management and transfer for the automation assets and embedded intellectual property in our customers’ plants.

Our customers spend millions, if not billions, on installing, configuring and maintaining automation assets – and other than the Integrity software, there are only point solutions for managing configuration information, inter-connectivity, data flow, and embedded intellectual property.

So when all those more senior people retire, who’s going to know how things work??

And that’s the exact problem we’re trying to address with Integrity.  Click here to read more in another posting…

It’s amazing that knowledge management hasn’t become a bigger issue sooner…

Finally, be sure not to eat mentos after chugging diet coke…you can already imagine what happens, but if you don’t believe it, then click here (at your own risk).

Anyway, real coke gets rid of the kidney stones, not that diet stuff….

© Copyright PAS 2006.  No part of this blog is to be copied in full or in part without the express written permission of PAS; but references and web links are more than OK!