Established in 2015, Australian Terminal Operations Management (ATOM) runs fuel terminals on behalf of its customers. Across their 17 Australian terminals, ATOM operates two technology environments: a corporate information technology (IT) environment and an operational technology (OT) environment including process control networks.
Rhys Long, IT Manager, ATOM has a portfolio that comprises wide-area networks, Cloud infrastructure that support both the Corporate and OT environments, end user devices and other technologies, while also looking after overarching IT & OT network cyber security governance and policy.
ATOM inherited an OT network, spread across 4 sites around Brisbane to manage the delivery of fuel and petroleum products – including a pipeline, pumping system, storage facilities, tank distribution and multiple control rooms. Of the 4 sites, 2 were un-manned facilities, operated remotely from control rooms.
The legacy OT network design of the 4 sites was complex and difficult to maintain – particularly for remote administration at the 2 un-manned facilities, where technicians had to physically visit to resolve problems if they occurred. In addition, the network needed to be refreshed and maintained to improve its backup network and WAN system which had reached end of vendor support.
ATOM knew the OT network was critical to its safe and efficient management and, with the help of Denver, identified a range of benefits of securely connecting its process control systems to its corporate network to enable remote access and minimising cyber-threat risks.
ATOM undertook an OT Network Refresh and Cyber Security Project on a Pipeline Telemetry System to:
* Build real-time interfaces with customer systems
* Improve the business’s security posture
* Enhance productivity and efficiency
Denver led the deployment of a new OT network and infrastructure to provide a more efficient, cost effective, secure and maintainable IT/OT environment for ATOM.
Denver provided OT Project Management, OT Cyber Security, OT network architecture along with OT network deployment expertise whilst managing other key stakeholders – primarily, the SCADA and Process Automation Systems (PAS) provider and the WAN link telecommunication provider.
In conjunction with these stakeholders, Denver developed and executed a design that simplified, secured, and enhanced the supportability of ATOM’s distributed OT infrastructure. This included:
This allowed for:
The existing OT network needed to remain operational during the project, so a new side-by-side OT network was deployed and full testing of the WAN, Firewall and OT Application connectivity was undertaken before attempting to migrate the live control systems. Migration of the production control systems to the new OT infrastructure was undertaken during a series of scheduled maintenance windows with one control system at a time being moved across at all sites and validated prior to the next being migrated – ensuring pipeline operation continuation was possible, post maintenance window.Denver’s strong Operational Technology skills and in-depth industry knowledge helped ensure a smooth implementation.
“The Denver team got the balance right between our ‘fit for purpose’ philosophy and ‘gold plating’ the project. When we work with Denver, there is always an element of flexibility,” says Rhys Long. “Our methodologies vary between sites and they can accommodate our requirements in each case.”
Denver is complying with ATOM’s customer’s security and risk policies, enabling ATOM to implement real-time interfaces between the two business’s systems. It has also delivered remote access to process control networks, enabling team members to troubleshoot and provide support remotely, improving productivity and minimising disruption to personal lives.
“We’ve made huge inroads from a business perspective mitigating cyber security risk with policy and governance and from a technical perspective, the solutions we’ve implemented and the changes we’ve made, better strengthen our security posture,” Long says.
Today, ATOM is achieving as close to 24 hour day, seven day a week, 365 day a year availability as possible, minimising the risk of losing system access. With Denver’s assistance, ATOM continues to mature and strengthen its cyber-security approach.
Denver Service Offering in IT/OT Network Capabilities
As IT/OT environments converge, Denver's technical and business experience within industry and between the multiple IT & OT layers has delivered value across our client base. In this IT & OT Network Capability Diagram, we give an overview of IT/OT convergence areas - where we work, partner and areas of exclusion.Learn more ›
Denver Merges OT Infrastructure for Iron Ore Miner
One of Australia’s premier miners is working with Denver to deliver cutting edge operations and merge its corporate and OT infrastructure for processing, as part of an essential upgrade to their Process Control System (PCS).Learn more ›
The Critical Need for Secure PCN in Mining, Oil & Gas
Process Control Networks are complex in design and implementation because they integrate with a range of corporate and industrial components. PCN's perform sensitive and vital tasks for managing and handling critical infrastructure. It’s imperative to implement security in these systems because they are targets for cyber-attacks.Learn more ›