Drilling Information under Cyber threats - IADC Information under Cyber threats Data Acquisition, Management & Security ... Mud Logging Wireline Fracture & Stimulation Electronic Drilling

Drilling Information under Cyber threatsData Acquisition, Management & Security

Victor Vela, R&D Software Manager

3/9/2016

© 2016 Weatherford. All rights reserved.

***The following presentation is provided for information and discussion purposes only. Any views or opinions provided are those of the author and do not necessarily represent the views or opinions of Weatherford. No one should rely on any information in this presentation. Weatherford makes no warranty or representation with respect to the information or suggestions in this presentation. You assume all responsibility for any decision made based on information or suggestions in this presentation, including any drilling, well treatment, production or other financial decision.***

Disclaimer


Agenda

Plan Acquisition Security


PlanDATA


Data Plan: Methods & ProvidersProviders

Drilling, Evaluation, Completion, Production, InterventionMethods:

CommunicationWITS0, WITSML 1.3.1, WITSML 1.4.1, WITSML2.0, ETP, Static Files

Unit of Measure

Plans vs. Actual

Time Sync

Frequency of Data

How does client want data structure?

Limits and Alarms

MWD/ LWD

Other Vendors

Mud Logging

Wireline

Fracture & Stimulation

Electronic Drilling Recorder (EDR)

CPDData Hub


Data Quality Plan

Definition of Quality– Requirements must be defined, understood, and clarified– Products and services conforming to the requirements are

delivered

Data Quality Plan– Job Planning and preparation– Execution and conformance– Differences of execution and plan


Required Data


Established Standard

Include information about which of the main official versions a given mnemonic belongs to:

1. Real‐time2. Raw memory data3. Memory data (QC’ed)4. End of Well5. Final data (*)

Provide basic organizational metadata on most common data groups.MWD and ML, real‐time drilling data:

1. Wellbore2. Section3. Run


Verify Before RigProviders

Drilling, Evaluation, Completion, Production, Intervention

MWD/ LWD

Other Vendors

Mud Logging

Wireline



CPD

Weatherford

Baker Hughes

Halliburton

Schlumberger

VendorsApplications

The <dialect> Challenge


Network Infrastructure

CompanyWAN

Service CompanyWAN

DB

WWW


AcquisitionDATA:


Data Flow within Network

CompanyWAN

DB

Service CompanyWAN

DB

WWW

ProvidersDrilling, Evaluation,

Completion, Production, Intervention

MWD/ LWD

Other Vendors

Mud Logging

Wireline



CPD


Quality Assurance & Monitoring

Data Quality Plan– Job Planning and preparation– Execution and conformance– Differences of execution and plan– Key Performance Indicators

Monitoring– Execution and conformance– Key Performance Indicators tools– Infrastructure Monitoring / Notifications


Quality Assurance and Monitoring

Data Quality Plan Monitoring

Job Planning & Preparation

Execution & Conformance

Differences of Execution & Plan

Key Performance Indicators

Execution & Conformance

Key Performance Indicators Tools

Infrastructure Monitoring / Notifications


ManagementDATA


Data Management

The Applications

Data Function

Data Manager

Security Access

& Controls

Real‐Time Data Big DataHistorical

Server layer

Data base layer

Data Access Layer

Data Access Layer


Data Center Options

17

Client Network

WITSML Stream WITSML Access

Hosted Solution

Synchronized WITSML Data Base Store

WITSML Stream WITSML Access

Rig Data Center Office


Groups and Access

Engineering Management

Subject Matter Expert

Operations Management

Client Management

Monitor Data Transmission & Communication

Systems

QA / QC of Data from Servers

Operations Monitoring

Client Operations


SecurityDATA


Top Ten – Security Breach

1. Lack of cyber security awareness and training among employees2. Remote work during operations and maintenance3. Using standard IT products with known vulnerabilities in the

production environment4. A limited cyber security culture among vendors, suppliers and

contractors5. Insufficient separation of data networks6. The use of mobile devices and storage units including smartphones7. Data networks between on/offshore facilities8. Insufficient physical security of data rooms, cabinets, etc.9. Vulnerable software10. Outdated and ageing control systems in facilities


Data Security

Elements of Security that must be covered– The Network– Data on the network– Servers and systems providing the hosting service– The client machines that access the service– Recovery from disaster with any aspect of the primary store of data

– Users perception about security and the value they assign to their data


What does a Cyber Attack look like?

Increasing pipeline pressure Changing field device parameters Closing/opening motorized valves Causing a denial of service attack within an control system

Increasing/decreasing motor speed Displaying fake process diagrams and alarms to the operators’ human machine interfaces (HMI)


Top Areas of Cyber Attacks

People• Sharing Accounts/Passwords/System Sharing• Innocent breach / Deliberate breach

System Usage• Web & Social Media subscriptions• Applications

Network• Other Network connections• Back door intrusion


Users & Application Roles component

System Admino System Admin

‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ OneSync Admin

o Client Admin (users and data)o Single Point of Authority

‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ RTOC Users Power Users Service Company Data Providers

o LWD/MWDo Mud Loggero Wirelineo Secure Drilling


Application on the Network

StrongerNetwork Measures

Not Operational

Significant Change


Compromising the Network

These third‐parties typically use remote access tools to connect to the company’s network, but don’t always follow security best practices

Impact

Evil Twin Access Point

Duplicate router

Risk exposure from those devices on the corporate network other Trojan software that can access the device's network connection

Tethered smartphones used for network or Hotspot

Spying on an Unencrypted Network

Methods

1

2

3

4


Questions

Drilling Information under Cyber threats - IADC Information under Cyber threats Data Acquisition, Management & Security ... Mud Logging Wireline Fracture & Stimulation Electronic Drilling

Documents