The facilities of a waterworks belong to the critical infrastructures. High security standards and special legal regulations for documentation apply here. All requirements are met with a digital maintenance log, and a security solution secures the entire maintenance process.
The challenge: Hard-to-follow maintenance processes for a critical infrastructure
In industry, there are many 30-year-old machines or industrial control systems based on historical operating systems from MS-DOS to Windows 3.11 to Windows XP – and they are to be used for a long time to come. This is also the situation at a regional waterworks. A merger with another utility has created a very heterogeneous fleet of equipment at disparate locations.
As a result, regular maintenance of the equipment was confusing: there were no uniform methods of accessing the equipment. In addition, there was no documentation or audit of accesses. The two-man rule and approval processes were also only implemented to a limited extent. The waterworks thus faced a considerable commercial and legal risk: in the event of damage, the parties responsible would not be traceable.
Added to this: IT and control systems of the waterworks belong to the so-called CRITIS facilities. The acronym means “critical infrastructure” and refers to a federal law on the security of vital infrastructure. It obliges operators to take appropriate organizational and technical precautions to avoid failures and security problems. There are fines of up to 100,000 euros for violations, and soon as much as 20 million euros or four percent of global sales, according to the draft amendment.
The solution: A digital maintenance log for industrial plants
The system is secured on the basis of the latest IT security standards without modifying it with additional software or updates. The software solution se.MIS™ (sematicon Maintenance Information Solution) was developed in a development partnership between Munich-based sematicon AG and security specialist CyProtect AG and offers a secure industrial remote management solution for accessing control systems and plants. The age and software version of the target systems are of secondary importance.
By means of various hardware modules that are connected to the machines, non-network-capable machines and systems can also be integrated into the infrastructure. This enables secure access to a large number of networked and not-yet-networked machines. The communication and data to be sent can also be additionally protected with strong encryption. Remote access is thus possible for a wide range of machines and plants and requires no additional network connection or software installation on the target system.
The software can be used locally, in the company’s own data center or in the cloud. It is operated via a simple web interface. As with IT systems, there is rights management that precisely controls access. A digital maintenance log records all processes automatically and can also store photos and documents. It generates a complete log of all internal and external accesses to a machine.
The result: Traceable and legally compliant maintenance
Maintenance procedures are fully traceable through se.MIS™. The solution provides a unified access method to the facility. The maintenance log provides complete documentation of all accesses. The two-man rule and the approval processes possible with the maintenance log provide the operator with legal security vis-à-vis state authorities and an insurance company.
The system is easy to use and does not require extensive training of personnel on different processes. Scheduling maintenance windows helps minimize plant downtime. Furthermore, the system offers additional options when connecting further external modules, for example condition monitoring to determine the current machine status.
In the process, existing or additionally installed sensors are used to determine machine data, which, among other things, ensure that technicians are automatically alerted before the plant fails. Predictive maintenance, in which adaptive algorithms detect malfunctions at an early stage, is also possible.