Case Study

Large Natural Gas Power Plant in Brazil Solves Operational Challenges with XONA OT User Access Platform

The Situation

The Porto de Sergipe plant in Brazil, like many power-generating assets worldwide, still requires a significant skilled workforce – usually more than 20 people on site – to operate and maintain the facilities. Typically, multiple operators and maintenance technicians are spread out across the plant on any given shift, communicating with each other via two-way radios (“walkie-talkies”). The operator is fixed at a console in the control room, and the maintenance technicians are roaming the site attending to equipment maintenance, repair issues and baseloaded profile challenges as they arise.

The Challenge

In recent years, there have been significant advancements in controls for operational flexibility. The challenge is to enable two levels of remote control of the Human Machine Interface (HMI) and other control room computers, further building upon the digital infrastructure. These two levels consist of:

  1. On-premise operation of the plant from a mobile device (tablet) to enable the fixed operator to also do maintenance checks
  2. Control of a facility from “off-premise” to enable the operation of multiple plants at a time

Industry: Energy

Natural Gas Power Generation

XONA Platform Deployment

XONA Key Benefits

  • Frictionless multifactor authentication (MFA) for OT operators
  • Reduced cost through operational efficiency
  • Role-based technician to system mapping
  • Secure application access for monitoring and session logging
  • Application screen recording for forensics and training
  • Visibility and control of XONA user to system access
  • NERC-CIP compliant

THE SOLUTION

The XONA OT user access platform provides the secure and compliant communication channel to the Sergipe plant control system for the mobile operator with an iPad over a local WiFi network. The on-premise operation of the plant from a mobile device enables the fixed operator to roam, allowing them to also serve the role of maintenance tech and potentially drive a50% reduction in labor costs. The control of a facility from off-premise in a centralized command center enables the operation of multiple plants at a time, leading to a reduction in the number of operators.

The XONA platform utilizes a simple User Interface (UI) in a mobile browser for efficient user authentication and authorization to the control systems. XONA combines protocol isolation, encrypted screen remoting, user-to-system monitoring, auditable connection logs, user access screen recording and hardware token-based multi-factor authentication (MFA) – all while meeting the stringent NERC-CIP and IEC compliance requirements.

THE RESULT

Increased operational efficiency for mobile operator

Power plant workers and contractors can easily and remotely access plant control room HMI and other operational technology (OT) servers from a tablet using secure, clientless, MFA browser-based authentication.

Reduction in costs with simple deployment, management and control

The power plant now has a simple, secure and cost-effective solution for visibility and control over the local plant, garnering access forensics for both cyber effectiveness and training.

Reduction of cyber risks with strong application access protection

Local access to HMI and other OT is protected with strong MFA and with no data-in-transit.

Xona Zero-Trust OT User Access Platform

Architecture with Purdue Model

 

Get a personalized demo of
Xona’s secure access solution

Discover how Xona simplifies your critical infrastructure security strategy. You’ll see how our platform delivers secure, seamless access to critical systems, protecting your infrastructure while optimizing performance and reducing overhead.

Request A Demo