Intrinsically Safe Isolation Station (ISIS)
According to the situation that most production control networks exist serious disfigurement, Beijing OptimiPro Control Tech Co.,Ltd. developed a new tech called “Intrinsically Safe Data Transfer and Isolation”(ISIS) technology which adapts the principle of “photographic data transfer technology” to transfer data from DCS of production control network to data base in management network while guaranteeing physical isolation between the two networks, so as to realize intrinsically safe of the production control network.
ISIS overcomes the disfigurement of hysteretic nature of traditional network safe technology, realize physical isolation between production network and management network, solve the unsafe problem of data transfer in long distance, provide a new guarantee to the safety of production network, and therefore will bring a revolution in the field of production network safety.
Part of customers
Due to the remarkable result, Beijing OptimiPro Control Tech Co.,Ltd. has applied its technology and products into many domestic petrochemical plants, and established cooperative relationship for a long period. The following table lists parts of customers and units or products in use, and more projects are under constructions.
Name of customers
Unit or products in Use
Fushun Branch, CNPC
Qingdao Branch, SINOPEC
Qingdao Branch, SINOPEC
Shijiazhuang Branch, SINOPEC
Baling Branch, SINOPEC
Jinling Branch, SINOPEC
Qingdao Branch, SINOPEC
Series of products
The company has two series and dozen varieties of products of Dynamic Correlation Integration Optimizer ( DCIO) and Intrinsically Safe Isolation Station (ISIS) in the fields of advanced process control and network safety.
Safety Data Transfer between production control network and management network
Safety Data Transfer between production control network and management network
To prevent DCS System from Affected by Virus and Hacker’s Attack A Complete Solution for Safe Production
--DCS Isolation Station of Intrinsic Safety
Potential Safety Hazards
·DCS Systems of Most Plants Are Threaten by Virus and Hacker’s Attack
Computer controlled production process (DCS-Distributed Control System) is now popular in petrochemical industry, which, however, is connected to real-time database and office network of the plant. Hundreds of computers are connected in the network that DCS also is connected to, so DCS may be affected through the computer network once one of these computers is affected by virus.
·Existing Issues and Potential Safety Hazards of Process Control System
1.An obvious issue of conventional data acquisition and monitoring system is that process
control computers are physically linked with LAN(Local Area Network);
2.Conventional data acquisition and monitoring system may enable process control computer to
be infected by virus from the office management network or attacked by Hacker's;
3.Although there are anti-virus software and firewall, process control computer is not absolutely
safe and unpredictable consequences may be caused.
·DCS Infected by Virus will Have Serious Implications for Production Safety
Unlike normal office and home computers, DCS, once infected by virus, will have serious implications
for production safety and may cause emergent shutdown or even explosion, which may result in tens of
millions of dollars worth of damage. For examples:
◆Testifying before the US House of Representatives in 2005, a director from the Sandia National Laboratories said that a Trojan program was deliberately inserted into Supervisory Control and Data Acquisition (SCADA) system and triggered wrong actions of valves and compressors, which therefore resulted in a huge explosion of Trans-Siberian oil pipe. According to the Washington Post, this explosion was the most monumental non-nuclear exposition watching from space, estimated at the equivalent of 3000 tons of TNT. (In contrast, 9-11 explosions of US World Trade Center were about 100 tons of TNT).
◆Tom Donahue, a CIA senior analyst, said that foreign hackers controlled electric equipment of the US by way of internet in 2008 and demanded money. They then powered off the lighting of multiple cities and finally cut off the power supply.
◆Virus of Stuxnet Aiming at Industrial Control System Stuxnet is the first destructive virus aiming at industrial control system in the world. It can be spread through U disk and LAN. When this computer worm infects industrial equipment, it comes into sleeping mode till specific conditions are satisfied. Then it will maliciously modify the control system and its control parameters and send instructions to other relevant control systems. For example, once the temperature reaches a specific level, the Stuxnet may disturb action of cooling system through various methods. Eugene Kaspersky, founder and CEO of Kaspersky Lab said “I believe that this is an epoch-making turning point because from now on we have entered into a new era. The network attack in the past was only launched by network criminals, but now we are in an era of network terrorism, network weapon and network war.”
◆Testifying before US Senate in 2009, Joseph Weiss, a control system security expert, said that the
industrial control system based on network had been breached more than 125 times in the past decade
involving nuclear power plants, hydraulic plants, water utilities, petroleum industry and agribusiness.
These attacks had caused significant environmental damages, significant equipment damages and
·New Computer Viruses Emerge Endlessly. Up to 8201 New Viruses per Day Emerged in 2009
According to the investigation and analysis report on virus, issued on Feb. 2010 by Network Security
Bureau of the Ministry of Public Security of China, new virus retrofits quickly. The production of virus has
become mechanical and automatic and the number of new virus has increased sharply.
In 2009, 2,993,479 new viruses were found, nearly 8201 new viruses per day.
·Available Anti-Virus Measures are Lagging Behind the Arising of New Viruses and Unable to Prevent DCS from being Infected by Virus Fundamentally
Available anti-virus measures, in terms of mechanism of making, are lagging behind the generating of
viruses in time. Current anti-virus making process is that after a new virus arises in the network,
anti-virus company then samples and analyzes it and makes new anti-virus measures based on features
of the new virus so as to let users update their anti-virus software. Such anti-virus making process needs
time, and during the period of time between new virus found and relevant anti-virus software updating,
computer network system cannot resist this new virus.
·A fundamental solution to preventing DCS from being attacked by virus and Hacker has successfully obtained the national invention patent and is applying for international one
The reason why DCS can be infected by virus is virtually that DCS is physically linked with real-time
database and office system through network to transfer data of production facilities. If this network is
disconnected, DCS will not be infected. But by doing that, no production data can be transferred to the
real-time database. Is it possible to transfer production data of DCS to the real-time database not through
computer network If it is, the spread path of virus and hacker can be completely cut off and the safety
of DCS can be essentially guaranteed.
OptimiPro Control Technology Co., Ltd. has invented a “Photographic Data Transfer technology”
after 5-year research and development. By means of Photographic Data Transfer technology, the data from
DCS can be transferred to the real-time database without network. This technology has been successfully
commercialized and obtained invention patent in China in 2009 (patent no.: ZL200610064971.8).
Due to its nature of inventiveness, we are applying for patents in over 40 countries. Recently, the patent
has passed the examinations of Canadian and Russian Intellectual Property Office.
Introduction to Product
·Principle of Intrinsically Safe Photographic Data Transfer Technology
As shown in the figures, DCS data to be transferred is collected by the Data Acquisition Mapping Substation and is displayed on its screen. The real-time data shown on the screen will be automatically photographed by an image pick-up system, and then an intelligent machine reading system will automatically transfer the photographic image to real-time data - both systems reside in the Intelligent Photographing and Reading Substation. The data in P&R substation will be delivered immediately to the real-time database and office network through LAN. Such process requires no network-based physical connection between LAN and DCS, so that no virus and Hacker will be able to enter into DCS through network. As a result, safety of DCS can be virtually guaranteed regardless what the virus is.
·Intrinsically Safe DCS Isolation Station
OptimiPro Control Technology Co., Ltd. has successfully developed a commercialized intrinsically safe DCS isolation station based on the principle of Intrinsically Safe Photographic Data Transfer Technology by means of integrating data acquisition computer, display system, image pick-up system and intelligent machine reading system. This isolation station has been running stably for a long period of time in multiple DCS systems.
Structure and Specification of Product
·Input and Output Interfaces of Intrinsically Safe DCS Isolation Station
(1)OPC Standard Interface
▲Connection with DCS interface: Built-in standard OPC client ports of the Date Acquisition Substation
obtain data and OPC server status from DCS OPC server .
▲Connection with external network interface: Data transferred by means of photographic technology
will be communicated with external network through built-in OPC server of the Photographing and Reading
Substation. Status of this OPC server shall be consistent with that of DCS OPC server, and be designed
as “shadow” server of DCS OPC server.
(2) Non-standard Interface, API Interface
For different items to be connected, API can be used as data communication interface.
·Transmission Specification of Intrinsically Safe DCS Isolation Station
▲PDT2000 Series: 100 data are transferred within 3s per screen, 33 32-digit decimal data are transferred
per second at most, single OPC client input and single OPC server output.
▲PDT3000 Series: maximum 12000 64-digit binary data (equivalent to 12000 double-precision floating
point numbers) are transferred per second, maximum data transfer capability is 6000 TAG/s for each
Single/Multiple OPC client input, Single OPC server output
·Solution for system already containing Real-Time Database
If existing DCS has already been linked with real-time database through OPC interface, Intrinsically Safe DCS Isolation Station with OPC interface can be chosen for isolation. The connection is simple:
(1)OPC client of Intrinsically Safe DCS Isolation Station is connected to DCS OPC server;
(2)OPC client of Data Acquisition Station is connected to built-in OPC server of Intrinsically Safe DCS Isolation Station.
·Intrinsically safe Solution for system already containing Real-Time Database
For the situation that multiple DCSs share one real time database, there are three solutions:
(1) Each DCS is isolated with Intrinsically Safe DCS Isolation Station;
(2) Multiple DCSs transfer their data through one OPC server to a single-input / single-output Intrinsically Safe DCS Isolation Station (Fig. 7);
(3) Each DCS through its own OPC server transfers data to a multi-input / single-output Intrinsically.
Safe DCS Isolation Station (Fig. 8).
·Redundancy of Two Intrinsically Safe Data Acquisition Stations
In order to improve reliability of intrinsically safe isolation station, the redundant scheme of two
stations is available. One of the two stations is used as usually operation, while the other is used
as back-up (Fig. 9).
·Wireless Remote Monitoring Scheme
If long distance monitoring is required,an intrinsically safe wireless remote
monitoring station could be used.
◆By this scheme, intrinsically safe remote data can be transferred through GRPS/CDMA/3G.
After the intrinsically safe remote monitoring station acquires data from DCS, it will be
connected to remote database through GPRS/CDMA/3G.
◆Remote and reliable unattended monitoring can be realized by means of built-in remote
health status monitor and automatic fault detecting and recovering system, shown
▲A Petrochemical Plant of SINOPEC: installed two Intrinsically Safe DCS Isolation Station
Systems in 2007 (Fig. 11 & Fig. 12). The two systems have been running stably since then.
▲A Cyclohexanone Department in a Petrochemical Plants of SINOPEC has used the Intrinsically Safe DCS Isolation Station over three years (Fig. 13). The whole system is running stably .
▲Remote Customer Support
A consulting company in Beijing, China runs a remote monitoring system which adopts Intrinsically
Safe DCS Isolation Station to monitor all on-line optimal control systems spreading around China and
provides customers with remote support (Fig. 14). This customer support system has been running stably
for over four years and has been approved very reliable.
(1) Proprietary national patent of non-network data transfer technology;
(2) Transfer DCS data to real time database with network disconnected, real physical disconnection of network Fully avoid invasion of virus and hacker and virtually guarantee safety of DCS.
(3) Automatic running once the system is started.
(4) Support multiple client input.
(5) Built-in DCS OPC server, which conforms to OPC2.0 international standards and status of which is same with that of DCS OPC server.
(6) Support multiple input and output interfaces, like OPC, API and MODBUS, etc.
(7) With debugging and simulation test environment.
(8) Support redundancy with two isolation stations.
(9) Data acquisition system of the isolation station (OPC Client) is capable of automatically re-connection if the link of data acquisition system to DCS server is disconnected occasionally.
(10) Provide excellent isolation station configuration tool.
(11) High reliability and stable performance.
(12) Digital treatment conforms to IEEE international standards.
(13) Support Modbus protocol, and stable and reliable remote data GPRS/CDMA/3G wireless connection.