Generic selectors
Exact matches only
Search in title
Search in content

Cybersecurity in the Age of Smart Pumps

Industry Topics

Cybersecurity in the Age of Smart Pumps

According to the “2018 State of the Water Industry Report” put out by the AWWA, the most dramatic shift in concerns regarded cybersecurity, which jumped from 26th in the rankings from the prior year to 13th for 2018. Today’s business data and computer controls are just a few of the key systems running your operation. Each of these systems is vulnerable to attacks and must be properly protected from cybersecurity threats. Most organizations have a person or department responsible for keeping these systems safe, but in many cases – including smart pumps – is it enough? 

How Does Cybersecurity Affect Pumps?

The DHS has begun to create a defense model to protect our nation’s infrastructure, including in the private sector. Increasing hyper-connectivity among systems requires that measures be taken to protect critical infrastructure from an ever-increasing cyber security threat. And they aren’t the only ones. The National Institute of Standards and Technology has identified a set of security requirements in nonfederal information systems and organizations. They include: 

  • Access control
  • Security assessment
  • Risk assessment
  • Audit and accountability
  • Awareness and training
  • Configuration management
  • Incident response
  • Identification and authentication
  • Maintenance
  • Personnel security
  • Media protection
  • Physical protection
  • System and communication protection
  • System and information integrity

AWWA’s manager of federal relations believes the threat is clear and prevalent across all sectors. He urges that all facilities make cyber security a top priority to protect their systems, not to mention the health of public in general and to protect against lost production, service interruptions, erasure of data, litigation, recovery costs, and more.

Cybersecurity for Smart Pumps in the Cloud

The industry is moving towards smart pumps and equipment operating information that are housed in the cloud. They allow users to better understand operations and maintenance activities, but there are concerns that plants aren’t necessarily adopting them the correct way. Manufacturers know this and develop pumps, analyzers, and their connected components to ensure a secure cloud. This includes consistent software updates, app security, along with the products themselves. 

New cyber security standards are coming into play to meet the demand of all sorts of operations who are looking to protect their systems. One such standard is the UL 2900 that recognizes products that go above and beyond and constantly go under re-evaluation. The FDA is also taking part in cyber security and has issued security recommendations, such as  multifactor authentication, advanced passwords, user access limits, layered authorization, and advanced breach detection procedures.

Cybersecurity for In-House Servers & End Users

Even if your system isn’t on the cloud, it can still be subject to Internet of Things and other similar attacks. The UL 2900-2-3 Outline of Investigation for Software Cybersecurity for Network-Connectable Products: Particular Requirements for Security and Life Safety Signaling Systems was developed for manufacturers, integrators, and owners to secure their in-house servers, as well as their end users.

One of the most successful ways to secure smart pumps is through penetration testing. It does not involve certification, but is an immediate solution for facilities concerned about their current state of security. Contractors can perform these tests or they can even show your staff how to perform these tests themselves. This is a useful strategy for testing the vulnerability of current pumps and systems, as well as any that may be implemented in the future. 

There are also systems that can encompass the entire operation with cyber security protections. One such option is Schneider Electric’s EcoStruxure Plant that is IIoT-enabled with an open and interoperable system architecture. In addition to providing security measures, it helps maximize process efficiency, and offers real-time control of other variables such as safety risk, reliability risk, environmental risks, and operational profitability.

Further Reading:

Webcast of the National Cybersecurity Summit

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations

2019 State of The Water Industry Report

US Federal Register:  UL 2900-1 Ed. 1 2017 


Related Articles

Related Whitepapers

Bearing assembly retrofits: Not just for overhung pumps

Reliability is a fundamental requirement for between-bearing, high-energy pumps that operate in oil and gas applications. To optimize pumping systems, design improvements and material upgrades…

How to Transfer Hazardous Chemicals

Most chemicals are either toxic, volatile, or highly corrosive and are therefore to be handled with care. Chemicals can pollute and harm the environment and…

High-Pressure Machine Tool Coolant Pumps with Superior Handling of Abrasive Fines and Metal Particles

Compact, Seal-less Pumps Reduce Costs, Improve Cutting Performance and Boost Productivity The use of high-pressure cooling for machine tool operations has increased significantly in recent…

10 Essentials for Selecting a Double Diaphragm Pump

In almost all factories you can find at least a couple of air-operated double diaphragm pumps. Not always in the heart of the process, and…


Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up for our Newsletter!

Select list(s) to subscribe to

By submitting this form, you are consenting to receive marketing emails from: Empowering Pumps & Equipment, 2205-C 7th Street, Tuscaloosa, AL, 35401, You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact