STAR Refinery in western Turkey uses a range of the enabled services within Honeywell’s Assurance 360 (A360) framework to enhance OT asset tracking, enable regulatory compliance and improve operations. During this week’s Honeywell Users Group in Madrid, STAR’s Sedat Topcuogullari, operations technology ICS supervisor, co-presented with Musa Ozturk, Honeywell’s A360 performance manager, about how the refinery is relying on Honeywell Forge Cybersecurity Suite to manage system health, performance, maintenance and compliance.
Enabled services are being utilized by the OT team, the maintenance team, the cyber team and Honeywell’s A360 team to monitor the availability, performance, maintenance and lifecycle of the integrated control and safety systems. It continuously monitors system status in alignment with ISO 27001, extending the rigorous approach to cybersecurity and processes to ensure proactive management and protection of digital infrastructure.
Read More: Transforming Cybersecurity with Outcome-Based Solutions
“It’s fully automated,” noted Ozturk. “The system refreshes itself, so the dashboard can display what’s happening.”
The Honeywell Forge Cybersecurity Suite is a unified software system designed to simplify, strengthen and scale industrial cybersecurity in a complex OT environment, whether that’s at a single site or in a global footprint. Digital transformations for facilities like STAR Refinery’s mean connecting OT assets and enabling remote capabilities, so cybersecurity becomes fundamentally critical. From safely operating a complex ecosystem of plant control systems to avoiding non-compliance fines, a simple, centralized way to administer cybersecurity across the enterprise is needed.
The STAR infrastructure includes node agents, virtual-service-environment (VSE) service nodes and virtual-service-platform (VSP) relay nodes. “There are compliance regulations from the Digital Transformation Office of the Presidency of Turkey, energy licensing procedures and ISO 27001 standards. Endpoint security is part of the same requirements,” explained Topcuogullari. “We are constantly updating our cybersecurity.”
Honeywell Forge Cybersecurity Suite offers remote access to control OT assets in the field from a single security and operations center. Cybersecurity Suite uses a single outbound connection approach to simplify the manageability and visibility of complex OT environments. The suite complies with NIST Cybersecurity Framework, NIST SP 800-82 guidelines and, most important for STAR Refinery, international standards such as NERC CIP, ENISA, ISA/IEC 62443 and ISO 27001.
Before the A360 implementation, Honeywell had an engineer posted in the STAR facility. “It’s now automated,” explained Ozturk, so the system automatically provides the most up-to-date audits from Honeywell’s Global Technical Assistance Center (GTAC). “If Honeywell has published a new article, we are able to see directly if any asset is affected and if everything is compliant.”
Read More: Maximizing Network Safety with Holistic Cybersecurity Solutions
Honeywell and STAR Refinery are constantly working together to update key performance indicators (KPIs), such as critical incidents, non-critical incidents, maintenance reports, recent changes, plant availability, preventive-maintenance execution and operational support.
“If there’s an issue and engineers need to be assigned, it will display active alerts and details that can be assigned to team members,” explained Ozturk. “We are using the Honeywell Teams functionality to assign and track. When we finalize all the problems, we handshake with the audit team on KPIs.”