Mission Critical Solutions for a Mobile Workforce

Oil & Gas SCADA Alerts: Location-Aware, Accountable, Secure, Intelligent Notifications and Escalations

Operations CenterSCADA (Supervisory Control And Data Acquisition) implementations all over the world provide management and support of industrial controls, industrial process monitoring, infrastructure, as well as facilities. Common SCADA characteristics include a centralized system that acquires and interprets data from multiple, geographically distributed devices and systems, providing operations personnel visibility to each component as well as the overall system's health.

A single input or output value monitored by a SCADA system is commonly referred to as a tag. Tags are named and defined with event characteristics, resulting in alarms being raised when criteria is in range, out of range, thresholds are met or exceeded, or when multiple criteria are met.

Engineer Checking ValveFor the oil and gas industry, SCADA systems play an integral role with regards to safety, security, and the environment. In particular, companies typically consider their SCADA system management of upstream facilities as mission critical. While there are usually many alarms of various types, a significant number require urgent on-site attention by specialized field personnel.Oil Battery

SCADA systems have evolved over the past decade, taking advantage of more intelligent sensors and controllers, more robust computing architectures, and sophisticated applications to better analyze the data and provide operations personnel better monitoring and management capabilities. The bottom line is that many companies have made significant investments in SCADA systems, and there are many excellent SCADA installations.

However, today's SCADA systems lack accountable, effective alarm delivery to remote field personnel.

There are many SCADA alarm notification systems in place for a geographically distributed workforce. Typically, these systems use e-mail, SMS, pagers, or some combination of these options, to deliver alarm notifications to remote field forces. Some alarm delivery solutions augment these with automated voice messaging.

Inherent in each of these alarm notification methods are shortcomings at odds with the mission critical nature of the systems monitored and managed. There are four very significant problems with these notification methodologies.

First, SMS text messages, e-mails, and pager notifications can experience significant delays in delivery. And because these systems depend, in part, on third party services and infrastructure, performance improvements are outside the control of the organization operating the SCADA system. As critical events escalate and alarm notifications are sent, field responders may not be aware there is an issue to be addressed because alarm notification delivery fails. Unfortunately, it is not uncommon to hear stories of SMS and e-mail alarm notifications arriving hours and even days after a critical alarm was raised.

Second, most of these notification implementations lack accountability. Was the alarm sent, received, or acted upon? For many systems, there is no record of whether an SMS or e-mail response message was received, or if received, when. Add unexpected delivery delays to the acknowledgement message, and you have an alarm delivery system that works well some of the time but lacks the event records that document the successes and failures.

Third, no one would consider any of these traditional alarm delivery methods to be secure. Authorization, authentication, and encryption – the basic tenets of software system security – are missing or inadequate.

Fourth, none of these harness the computing capabilities of today's mobile devices to provide location-based awareness, peer collaboration, available resource visibility, and intelligent alarm escalation.

These problems are further exacerbated by wireless network unreliability in remote locations. In an industry like oil and gas, where rapid response time may save millions of dollars, avoid an environmental disaster, or prevent injury and loss of life, the usual systems for alarm notifications are not only inadequate, they are unacceptable.

At Recursion Software, we have a rich history of technical excellence in distributed computing, mobile agents, middleware, and mobile device computing. Working with one of the largest oil & gas companies in the world, we applied our expertise to develop a new, more effective alarm notification solution that addresses the needs of SCADA alarm notifications for a mobile, distributed workforce. We achieved our goal to provide an end-to-end, accountable alarm notification solution that securely and non-intrusively connects mobile field personnel with existing SCADA installations, providing greater intelligence, greater security, and greater accountability to reduce alarm response times and problem resolution intervals.

This effort identified many features and critical requirements not offered by other solutions. Significant features we have built and continue to enhance are:

Accountable Alarm Notification and Automatic Escalations: Accountable means verifiable. When was an alarm sent? When was it received? When was it acknowledged? What were the response actions? Using Voyager™, we have leveraged its underlying messaging, security, auditing, and services management capabilities to provide end-to-end visibility to all of these events.

Real-time processing of each alarm notification coupled with real-time resource availability analysis automatically triggers a rapid, appropriate notification. Ongoing vigilance by the system results in automatic escalations when expected results do not occur.

Mobile Access to SCADA Information: Field personnel can query historical tag data for the equipment or process generating the alarm to assess not only the event's urgency but to identify any additional resources needed. For example, field engineers reviewing an alarm can see a graphical representation of the tag's data to immediately understand how quickly the value has been changing to determine whether they have time to finish their task at hand, such as eating lunch!

Multiple Network Support: Our solution seamlessly supports carrier 3G/4G IP networks, or public/private Wi-Fi networks, including the planned or unplanned transition from one network type to another. When a smartphone switches network types, it switches radios, resulting in connection loss. Our solution anticipates these situations and ensures that momentary connection losses do not result in data loss.

Unreliable networks: In many remote oil fields, wireless coverage can be limited, where one moment a sufficient carrier signal is available, and just beyond the next ridge, no network can be found. While even the best mobile alarm notification software cannot make a network more reliable, our solution anticipates an unreliable network and provides adjustable time out values, caching of data, and other techniques to fine tune the solution to the unique requirements of each customer and each oil field.

Proximity-based Notification and Escalation: Utilizing smartphone geo-location capabilities, alarm notifications and escalations can use proximity to the event when selecting alarm notification recipients.

Security: Mobile device access to sensitive SCADA system information mandates special security considerations, since these devices move outside of physically secured, controlled environments and communicate over channels outside the control of the SCADA owner. An alarm notification solution should include user authentication and authorization capabilities – verifying access and access limitations – as well as data encryption on both the device and in data transmissions. Traditional alarm notification solutions relying on SMS and e-mail introduce significant security risks.

Real-time Dynamic Personnel Profile Groups: Field personnel can be dynamically grouped based on areas of expertise, shift coverage, and real-time location information, allowing alarm notifications and escalations to be automatically matched with the right personnel.

Proximity-Based Non-Critical Alarm Resolution: Non-critical alarms often do not justify a separate dispatch of field personnel and may be resolved during scheduled maintenance or ad-hoc site visits. However, using geo-location information, when a field engineer arrives at a location, pending alarms near that location can be automatically delivered to the field engineer based on proximity to devices generating the pending alarms.

Field Force Collaboration: Providing visibility to availability to other personnel based on expertise and location, the same solution Engineers Collaborating that ensures mission critical alarm notification also supports field force data sharing. Additionally, this same system allows a remote field engineer to request additional resources using expertise, availability, and location to select and dispatch the right resources.

Multi-Platform: While this type of alarm notification targets mobile devices, facilities provided to the remote mobile field personnel are also extended to the desktop environment for use by Operations Center and management personnel.

Non-Intrusive: Any solution for alarm notifications to a mobile, distributed workforce should not require any changes or additions to the existing SCADA installation. Our solution integrates with existing SCADA installations using either industry standard interfaces or vendor specific interfaces.

Alarm Specific Delay Definitions: Each tag is associated with an adjustable, defined delay time prior to an alarm moving into the notification process. This allows a monitored device or process generating a "chattering" alarm to return to a normal state without generating an alarm notification.

Hierarchical Alarm Notification Suspension: Certain events can trigger multiple downstream alarms, flooding field personnel with multiple alarm notifications. It is imperative to have hierarchical alarm notification suspension capabilities in a mobile alarm notification solution so that primary alarms are not missed, and field personnel can quickly identify the correct problems. For example, a power outage might result in a flood of alarms, all caused by the power loss. Our solution allows for definition of dependent alarms so that their notifications can be suspended temporarily, thus avoiding a flood of alarm notifications that will be resolved when a single tag's alarm state is resolved.

Mobile Device Reports: Reports available on mobile devices are needed by field personnel to review alarm history by individual alarm tags, as well as reviewing all alarms assigned to them based upon a particular date and time range.

Are you concerned with your current level of risk exposure in your SCADA alarm notification solution? Do you believe that your alarm notification system should provide greater productivity rewards?

Contact us to learn how to enhance your existing SCADA system with an intelligent alarm notification system that is secure, non-intrusive, interactive, and accountable.