Saudi Aramco Review

OTN Systems builds secure multi-service networks

The company, which has a proven track record of reliability in oil and gas applications with installations in the desert, on offshore platforms and in other harsh environments, has developed dedicated networking solutions for the sector

OIL and gas installations have specific networking requirements. To fully support these demanding applications, OTN Systems offers dedicated networking solutions with an extremely high level of reliability and security.

Depending on the type of oil and gas installation (pipeline, refinery, field development, offshore operations), the area can stretch from just a few kilometres (km) up to more than 1,000 km.  Due to the fact that the physical topology is stretched and that all communications fibres run through one or two fibre optic cables, the optimal logical network topology for the backbone is a redundant ring. The OTN network can easily accommodate more than 100 network nodes in a single redundant ring. For larger installations different rings can easily be coupled.

The most important applications are of course Scada (supervisory control and data acquisition), ESD (emergency shut down) and DCS (distributed control system), which control and monitor the pipeline processes. For safety and emergency the fire and gas system is also among the most important applications. Furthermore, telephony services and public address (PA) can be provided by means of VoIP (voice over IP). The same network can also be used to provide corporate LAN (local area network) access or wireless access to users and devices in the field.

For remote surveillance and access control of the sites IP video cameras are added, which can be monitored in real time or recorded centrally to document incidents.

Applications supporting power over Ethernet such as VoIP phones, IP CCTV cameras or wireless access points, can be powered via OTN’s PoE+ (Power Over Ethernet Plus) ports (IEEE 802.3at). Remote locations away from the main line can be accessed over optical fibre via GbE (Gigabit Ethernet) SFP modules which can be installed in the node’s combo ports. Depending on the available fibre layout this access network can be a star or a redundant Ethernet ring.

When combining different applications on a single network, OTN takes care that there is no mutual interference between applications. Traditionally, VLANs (virtual LANs) have been used to make a logical separation between application subnet works. However, these VLANs don’t guarantee bandwidth availability. That’s why OTN Systems introduced the SLAN concept (segmented LAN), which reserves a dedicated amount of bandwidth (hard QoS) for each traffic engineered VLAN.

The OTN network uses timeslots to provide a guaranteed amount of bandwidth (SLAN) to each application, which makes the network deterministic. The OTN network management system dedicates a specific and configurable amount of bandwidth to every individual service. The huge advantage of this is that the bandwidth is always available for the application and that there’s no bandwidth contention between the different applications.

This also means that OTN can guarantee that adding a new application to the network will have no impact on the performance of the Scada system, which simplifies network planning and reduces project risk.

OTN networks are available with a bandwidth of up to 10 Gbps, which easily matches or exceeds the bandwidth requirements in modern oil and gas operations. This high capacity also allows the creation of multiple independent Gigabit Ethernet sub networks (SLANs) on a single OTN backbone.

OTN has a proven track record of high reliability and availability in oil and gas applications with installations in the desert, on offshore platforms and in other harsh environments. The main system components can be equipped redundantly to maximise system availability.

OTN network protection switching in case of cable breaks or equipment failure is based on hardware (L1) instead of RSTP/MSTP (L2) or routing protocols (L3), which makes protection switching extremely fast (50 ms) even for networks exceeding 100 nodes and 1,000 km of fibre cable.

For secondary redundancy (in case all fibre links are broken) back-up links over a public network, radio or satellite link can be used by means of MSTP or the embedded OSPF routing protocol. The redundancy features of OTN guarantee a high availability which allows SIL3 certification.

The main operational cost would be the cost of network unavailability, which is avoided by the industrial design and network reliability of OTN as described above.

Pipelines are often installed in inhospitable terrain and remote areas, which makes it expensive to go on site. That’s why OTN has an “install and forget” approach. The centralised network management system allows monitoring, event logging and GUI (graphical user interface) based configuration of the complete network, including occasional remote firmware updates.

As the OTN network is deterministic and the full configuration database can be prepared off-line, OTN reduces both time and project risk during the planning and commissioning phase.

As pipelines and oil and gas installations are crucial for the energy supply, they are considered to be critical infrastructures. Therefore, the protection of these installations is of the utmost importance. Not only should the physical security be considered, which can be increased by access control, CCTV, fibre sensing or other technologies; but also the cyber security aspect must not be neglected.

As more applications are automated and controlled remotely, the network plays a vital role in the operations. By design OTN networks have some unique features that provide excellent resistance against hackers.

First of all, it is virtually impossible to intercept or “sniff” the data that are transferred between the OTN nodes over the optical fibre. This means that the long distance transmission of the data is secure and confidential. Because of the fact that OTN keeps all applications separated on the backbone, it is also impossible for a hacker who has access to one part of the network to gain access to other parts of the network.

Furthermore, the OTN network management data is carried in a separate channel, which is completely isolated from the application user data. So it’s impossible to modify or disturb the OTN network settings by gaining access to an application interface port. These unique features give OTN an additional level of security compared to traditional networking products.

The OTN networks are configured and monitored via a user friendly graphical user interface which gives a clear overview of the network topology and alarm states. The OTN Management System (OMS) allows configuration of all the hardware components in the network.

The OMS is also used to set up connections between application ports and to allocate a dedicated amount of bandwidth to each of these connections. In this way OTN provides Connection Oriented Ethernet, which is a huge advantage over the traditional “connectionless” any-to-any Ethernet networks when considering network management, resource planning and network predictability.

The above topics outline the main advantages that OTN brings when it comes to the transport of Ethernet and IP applications in a reliable and deterministic way. However, often not all applications are Ethernet or IP based. Some applications are simply not available with an Ethernet interface, for other devices the IP capable version is more expensive.

And then there is a lot of existing equipment in the field that is too costly and cumbersome to replace. Here, OTN offers a unique advantage because it also provides modular nodes which can be equipped with dedicated interface cards to support analog voice, serial data or analogue video applications directly, without the need for external convertors or codecs.

The addition of the new N50 and N70 industrial Ethernet backbone nodes to the OTN product family is an answer to the increasing use of Ethernet and IP capable devices in the oil and gas industry. They provide the ideal solution to transport multiple Ethernet and IP based applications in a reliable and easy way.

In combination with the existing OTN nodes which additionally provide interfaces for non-Ethernet applications, this provides a unique multi service networking portfolio for critical pipeline applications.

Link for the graphs:

More Stories