To ensure consistent work for the oil & gas industry, IoT gateways are more important ever than before. According to different system configurations and hardware and software integration, they optimize cybersecurity and facility management by various data. To deploy the most suitable gateway at different OT levels, users should consider the size, performance and I/O. In general, the closer to the field site and the edge, the smaller the gateway size should be considered, considering the constraint space in the working area. On the other hand, the edge gateways with higher performance and richer I/O integrate multiple data sources from the edge and then process and display via a human-machine interface or transmit to the enterprise IT level.
As one of the leaders in IPC, Axiomtek has been releasing purpose-built OT gateways to speed up the deployment for our customers. The I/O on the system is based on a modular design which provides more flexible choices. Moreover, the systems support DigiHub TMS (Terminal Management System) for remote device management.
ICO120-E3350
DIN-rail Fanless Embedded System with Intel® Celeron® Processor N3350, COM/CAN/DIO, 2 LAN, and 2 USB
ICO330
DIN-rail Fanless Embedded System with Intel Atom® x6212RE or x6414RE Processor, 3 LAN, Isolated COM and DIO
ICO520
DIN-rail Fanless Embedded System with 12th Gen Intel® Core™ i7/i5/i3 & Celeron® Processor, 4 LAN, 1 HDMI, 1 DisplayPort, Isolated COM and DIO
Field site data aggregation from sensors and controls for process optimization
In the field site of the oil & gas industry, due to the hazardous environment, the systems need to be placed in a cabinet to ensure the operation. So, the size of the system must be small, but the systems have to possess basic I/O for different communication protocols to receive digital or analog signals from the field site devices. At this stage, it is the first step to optimize the overall automation process by filtering, processing, and aggregating data and converting protocols. What is more, a reliable gateway helps the control systems to send control commands to adjust the productions. For example, as the gateway receives the data and finds the oil production is not as expected, it accelerates the pumps.
The smallest gateway Axiomtek has is the ICO120-E3550, which is just 0.3kg and has a wide operating temperature from -40°C to +70°C. The platform is based on the Intel® Celeron® processor N3350. The compact size enables easy and fast installation to collect data from the field devices. To support different communication protocols for data aggregation and send control commands, the small platform provides two DB9 ports that users can select among COM, CAN and DIO for the most suited combination. To transmit data to the control level, it provides two LAN ports.
If there are higher demands for transmission speed and I/O, the ICO330 provides three 2.5G LAN ports to support more networking topologies. Powered by the Intel Atom® x6212RE or x6414RE processor and featuring rich and isolated I/O, it is purpose-built to plug and play in the OT field site. To fit in any kind of field site environment, the ICO300 takes a modular design to provide a full type or slim type system. This system also provides various storage options such as SATA, mSATA and NVMe. The extension interface allows it to support wireless connections such as 5G, 4G LTE and WiFi.
Data aggregation for real-time management
As the raw data is processed, generally, the higher up the OT hierarchy the gateway is installed, the more computing power it will need to handle larger volumes of data and perform more complex data processing and analyzing tasks, like reporting in a dashboard or updating to the cloud for more advanced analysis. The gateway at this higher level not only monitors the operating status but also functions for diagnosis. In the oil & gas industry, the data on production, drilling, reservoir and transportation are all critical to the overall operation. The decision-makers can leverage the real-time aggregated data to reach the best efficiency.
For this purpose, the ICO520 based on the 12th Gen Intel® Core™ processor, brings high performance to the edge to accomplish remote data management and device monitoring. To expedite system integration in OT, the purpose-built design includes isolated COM and DIO. Also, it supports a wide operating temperature range from -40°C to +70°C and cold boot at -40°C. What’s more, the modular design makes the I/O flexible. In addition to four 2.5G LAN and COM ports, the two full-size PCIe Mini Card slots and one M.2 Key B slot enable wireless connections such as 5G, 4G LTE, and WiFi. The three storage options include a 2.5-inch SATA Drive, mSATA, and NVMe.
Standing between the IT and OT for cybersecurity
As oil and natural gas are crucial resources for daily life, the facilities are prone to be the targets for hackers to carry out different forms of cyber extortion for a great amount of ransom. More than that, the cyber systems of the industry are usually outdated and easy to be exposed. The halt of work causes panic and inconvenience for ordinary people. Therefore, to prevent tremendous loss and damage, cybersecurity is especially relevant regarding gateway deployment.
Axiomtek provides a purpose-built DIN-rail cybersecurity gateway, the iNA200, which is recommended to be deployed between OT and IT to set up a barrier to filter abnormal packets and run applications such as a firewall or VPN.
The iNA200 serves multiple network interfaces for different speed demands. Based on the Intel Atom® x6212RE/x6414RE processor and DDR4 memory, the iNA200 ensures non-stop working capability in terms of data and network, with power redundancy, LAN Bypass and TSN function. Also, it supports a variety of network interfaces including two 2.5G LANs, two GbE LANs and two 1G SFP ports to meet the needs in terms of bandwidth. It has two COM ports to receive data as well.
With endpoint sensors, users can investigate and search for advanced threats through the scanning of Indicators of Compromise (IOC) and tracking of Indicators of Attack (IOA). In addition, the cause analysis helps users understand the complete attack process.