Blog

The Crucial Role of a Disaster Recovery Plan

Select Dynamic field
Along the United States Coasts, Hurricane Season is a lengthy period of anxiety and uncertainty for many – especially if your industrial facility is tasked with achieving maximum production and uptime.
Disasters can strike at any time – but not all disasters are in the form of hurricanes, floods, or other natural phenomena. Let’s face it: equipment failures are inevitable; cyber attacks have become commonplace; human error is unavoidable. These are only a few ways your facility can be hurled into “Disaster Recovery Mode.” But, are you prepared?

Preventative Maintenance and Recovery

There is a direct correlation between Preventive Maintenance and how quickly your operation can recover from a disaster. Do you have up-to-date incident response procedures in place to get systems back online if they are compromised? Is your staff trained on those procedures? Do you have adequate spare parts for process-critical and at-risk components?

Is your answer to any of those "no" or "I don't know”? You aren't alone, but don't worry. We're here to help change that with 24UP® Solutions.

What is 24UP® Solutions?

24UP® Solutions is Champion’s solution led by the experts who have seen it all. They understand that no facility, industry, or Industrial Control System is exactly alike. Maybe you have an in-house department dedicated to the livelihood of your Operational Technology (lucky you!). Maybe you rely on support from a major equipment manufacturer. Maybe your industrial process consists of multiple systems and manufacturers working together to achieve your goals.

Regardless of the situation and your facility’s level of in-house expertise, Champion’s 24UP® Solutions professionals can make recommendations, develop procedures & training documentation for your site’s staff, provide routine hardware & system diagnostics, backups & imaging – everything you might need from a Preventive Maintenance angle to ensure the least amount of downtime when disaster strikes.

Our 24UP® Solutions are tailored to your specific needs. Whether simply providing you with the tools to be prepared, or being your one-stop “go to” for maintenance and 24/7 emergency support – we work with you to build a plan that fits.

Don’t have an OT cybersecurity expert on staff? Clients who take advantage of our 24UP® Solutions plans also have access to Champion’s Certified Cybersecurity Experts. Trained in the latest ISA/IEC 62443 standards for Cybersecurity, and holding GICSP certifications in current NIST standards, these experts can be leveraged to provide third-party (read: “unbiased”) system audits, identify and mitigate potential weaknesses, and maintain the latest protections against OT cybersecurity threats.

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
solution brief

Disaster Recovery

download

More Posts

Read More
Blog

The Hidden Costs of Your Legacy Systems

Select Dynamic field
“My old control system is still hanging in there. How can I justify a costly replacement to management?” This is an age-old question, to which many believe: “If it ain’t broke, don’t fix it.” However, when it comes to Industrial Control Systems (ICS), this approach is often the riskier and costlier route for facilities.
The answer lies in Total Cost of Ownership (TCO) – a method of engineering, economic, and financial analysis. TCO aims to consider all of the direct and indirect costs related to a product over its lifetime. The TCO of your car isn’t just the purchase price, but all the related costs over the time you own it: gas, financing, insurance, maintenance, depreciation, and more. The same approach can be applied to a control system over its lifetime.

Common Hidden Costs

Maintenance

The cost of maintaining legacy systems grows exponentially with age. This is due to increased routine problems, along with added system complexity from customization and changes. Over time, updates become more time-consuming and costly.

Talent

In parallel with maintenance costs, talent costs are much higher on a legacy system. Not only are the costs exorbitant in man-hours, but unlike on newer systems, they often require skill sets that are expensive and difficult to find.

Support

As proprietary legacy systems reach a point of limited or discontinued vendor support, the costs of support begin to soar. Tie this to increasing talent costs for external support, longer support response times, and – dare we say it – interruptions in production that affect your bottom line at its core.

Compliance

With industry regulations continually changing, the cost of keeping legacy technology in compliance can be burdensome. Even more costly are the risks of noncompliance, with penalties or fines adding to your Total Cost of Ownership.

Lost Revenue Potential

Without newer features such as mobile data access, or the ability to gather and act via analytics tools, your plant operates on inefficient processes, lower production output, and results in a dwindling bottom line.

New Tech, New Benefits

Implementing new technology can bring a wealth of benefits, from risk reduction and meeting heightened regulatory standards to better decision-making and improved efficiency. Technology of today enables facilities to be more agile, innovative, and cost-effective in an ever-evolving climate.

Concerns of process interruptions can most times be eliminated using well-planned migration approaches, and increased security can alone make the switch a worthwhile investment. Champion’s Certified Cybersecurity Experts are trained in the latest ISA/IEC 62443 standards for Cybersecurity, ensuring your new system benefits from the most current, comprehensive safeguards.

At some point, legacy technology becomes a barrier to daily operations, business stability, and overall growth. By knowing the true cost of running legacy systems, industry leaders can see the clear return on investment (ROI) of embracing new technology and its upward-driving effects on your bottom line.

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
more on our website

Industrial Automation

visit the page

More Posts

Read More
Blog

Staying Compliant With Your Safety Systems

Select Dynamic field

The Process Safety Life Cycle and ANSI/ISA 61511/IEC 61511: An Overview

Champion Technology Services, Inc. understands the challenges plant managers face complying with OSHA 29 CFR 1910.119 Process Safety Management of Highly Hazardous Chemicals (PSM). The ANSI /ISA 61511/IEC 61511 Functional Safety standard provides PSM regulated facilities guidance toward compliance, but is not a prescriptive standard. It does not tell us what to do, nor does it require a particular level of safety for our plant. The standard does provide an objective means of measuring the current level of risk and for objectively reducing that risk. For this reason, it is considered a performance based standard.

This ANSI/ISA 61511/IEC 61511 Process Safety Life Cycle provides process manufacturers with a phased, step-by-step approach to manage process safety throughout the life of their plant. Depending on the size and complexity of the process, each phase can take months or years to complete and may involve a sizable multidisciplinary team. Project management and documentation are critical to long-term success. However, many facilities lack the in-house engineering, implementation, and maintenance resources to design, build, and maintain these systems alone. Champion Technology Services, Inc. is committed to compliance with current standards and engineering best practices to support clients in all phases of the safety life cycle.

The 3 Phases of the Safety Life Cycle

Analysis Phase

Analyze the process, document the safety hazards and the level of safety required to meet your organizations tolerable risk level. The outcome of the analysis phase is typically that a plant is able to mitigate the risk with engineering and operation improvements or that a safety instrumented system (SIS) is required. If a SIS is needed, a Safety Requirement Specification (SRS) must be developed before the Design and Implementation phase can begin. The (SRS) will document all input, output requirements, functional logic, and safety integrity level (SIL) for each safety instrumented function (SIF).

Design & Implementation Phase

Once the SRS is completed, the process of designing, engineering, and selecting a safety system can begin using approved software and hardware subsystems. It is critical to ensure that the SIS is installed, commissioned, documented, and validated by qualified personnel so that it does what it is intended to do and meets the requirements of the SRS.

Operations & Maintenance Phase

Once the SIS is commissioned into service, plant operators should operate and maintain it according to the specified requirements and SIS design plan and keep all documentation current. Procedures should be in place to validate, document, and report any deviation from the applied standards and the SRS. If modifications or additions to the SIS are needed, or if the SIS is decommissioned, it requires re-entering the safety lifecycle at the appropriate step.

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
more on our website

Functional Safety

visit the page

More Posts

Read More
Blog

The Top 5 Things You Can Do To Ensure A Successful Project

Select Dynamic field
Champion Technology Services, Inc. understands that projects often come with headaches and unplanned surprises. That’s why our Project Management team is dedicated to delivering solutions on schedule, on budget, and without surprises. We’ll identify risks, determine how best to mitigate those risks, and keep an open dialogue with you through the process.

What makes a project successful?

  • Deliver the solution you need
  • Stay on schedule
  • Be done right
  • Stay on budget
  • …and be cognizant of any risks along the way — to deliver a robust solution as seamlessly as possible.

How can you facilitate that?

1. Clearly define project expectations.

Poorly defined projects almost always result in less than “ideal” execution. Be sure to specify exactly what is needed and set realistic expectations on delivery milestones.

Vague project expectations translate to delayed delivery of equipment, imprecise scheduling, and the need for change-orders: all of which affect your project’s bottom line.

Sometimes you may not know what you need, but you have a big-picture goal to achieve. That’s okay, too! Champion can offer more agile solutions you may want to consider. We can also help to narrow down your goals into smaller, manageable pieces with clear, actionable steps.

2. Review in detail any project proposals.

The proposal is the first step in achieving alignment between client and integrator. Here, a clear listing of requested (or recommended) deliverables to achieve a successful project is outlined. Review the full listing, ask questions if you need clarification, and ensure the deliverables match your expectations. If any items don’t align as expected, now is the time to discuss and have any modifications made to the proposal.

3. Review in detail the Functional Specifications.

The Functional Specification is the set of documents that outline your system’s design details. It explains how the system will work, what the graphics will be like, what the network will connect to, and more. This is where it is critical that you play an active role with your Project Manager.

Review all functional details to make sure they align with your needs and expectations. Once these documents are signed-off on, the system will be designed as outlined. That’s why its imperative that all stakeholders be in alignment to achieve successful delivery.

4. Keep an open dialogue with your Project Manager.

Transparency and regular communication is vital in the success of any project – not only for Project Managers, but also for you as a client. Communicate any alterations to the original project scope, timeline, or other factors which may affect the project execution.

5. Ask questions!

If you’ve ever had a FAT (Factory Acceptance Test) not go as expected, chances are it wasn’t a positive experience. One of the primary gaps that prevents successful project execution is a lack of common understanding between Project Manager and client. Ask questions when you’re unclear on next steps or if you sense that something is going awry. The issue can be resolved before it’s too late.

Technology is always evolving, and the acronyms abound. While Champion’s professionals are experienced in a diverse set of industries, we know that you are the expert of your specific industry. Conversely, as industrial automation experts, we don’t expect our clients to know everything about the technology solution. Asking questions is the best way to ensure the alignment of your expectations with the delivery of your project!

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
more on our website

About Us

visit the page

More Posts

Read More
Blog

Don’t Hire a System Integrator — Until You Answer These 3 Questions

Select Dynamic field

You’re considering hiring a System Integrator for your company’s automation processes. But, where to begin? Aren’t all integrators alike? Not really. Below are a few questions to consider before choosing the right integrator for you.

People

Are the Integrator’s staff experienced and committed to your needs?

While selecting a particular platform or technology from a myriad of vendors is critical, having the right people with the right support skills (and winning mindset!) is just as imperative.

Ask these questions about their people:

  • What types of experts do you have on staff?
  • What experience do you have with the platform I use?
  • Does your company invest in having personnel trained within industry associations such as ISA and PMI?

Champion knows a System Integrator is only as good as its people. That’s why we put so much importance on the hiring, professional development, and nuturing of our workforce culture.

Our Mission puts it best: To improve the overall safety, well-being, and prosperity of our employees, our company, our clients, and our communities through the intelligent and efficient application of the resources and technologies currently available.

Performance

What is the System Integrator’s experience with my industry?

If you ever hear the phrase, “Industrial Automation is the same across all industries,” you probably want to keep looking.

Be sure to ask these types of questions:

  • How long have you worked in my industry?
  • What types of industry-related processes have you automated in the past?
  • What is your success rate for my type of project?
  • How do you keep up with the latest automation innovations in my industry?

Champion holds extensive automation experience across a diverse set of industries. This knowledge didn’t just “happen” overnight; every industry has its own set of operational nuances, regulatory standards for Safety and Quality, and requirements to ensure the highest satisfaction.

Champion continues to grow with the latest technologies, standards, and industry best practices to keep our clients operating at peak performance.

Processes

Does the Integrator have tried-and-true workflow processes?

If the System Integrator you’re considering speaks broadly about their work but struggles to provide time-proven workflow processes to achieve goals, be extra cautious before proceeding.

Be sure to ask these types of questions:

  • What does a typical project look like from start to finish?
  • How does the System Integrator communicate with their client?

Champion’s Project Life Cycle is client-focused.

What does this mean? It means we tailor our solutions to meet the needs and criteria of our clients. From Conceptual Planning & Front-End Engineering, to Project & Program Management, Commissioning & Start-Up, and ongoing Support Services, we are able to meet the needs through the entire life cycle and beyond.

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
more on our website

About Us

visit the page

More Posts

Read More
Blog

The Top 5 ICS Cybersecurity Vulnerabilities

Select Dynamic field

1. Boundary Protection

Why is this important?

The boundary under consideration is the electronic division between the industrial control system (ICS) and the enterprise network; think of servers and switches. This boundary must be protected from undetected, unauthorized activity in critical systems.

If boundary protection is weak, various threat vectors (pathways) may have access to interface with devices that directly support the control process. Any number of these types of vulnerabilities can cripple your system.

Not only does inadequate boundary protection make it more difficult to detect unauthorized activity, but the range of threats also increases significantly when there is no logical separation of the ICS network from the enterprise or other trusted systems (i.e. the Internet).

How to fix the problem:

Establish a Demilitarized Zone (DMZ) between the ICS and the enterprise network. The DMZ should have a dedicated “jump server” that permits limited access for enterprise network devices or nodes to access certain data on the ICS network. The jump server should be hardened (only running essential services) with unique login credentials.

A second layer of logging and monitoring with verification should be incorporated for jump server access.

2. Least Functionality

Why is this important?

If the boundary layer has been breached and internal access has been established by a rogue actor, this increases the number of vectors that could potentially be under attack in critical systems.
The objective of least functionality is to minimize the computing resources associated with services, functions, ports, and protocols to the bare number of those required to support central system operations.
In other words, if the system has been compromised, limit what the bad actor can access or control once inside.

How to fix the problem:

Each ICS network component hardware vendor will have available hardening guidelines and operational requirements. Determine the settings that will provide your necessary system functionality while documenting any exceptions.

Your specific operational requirements will delineate services, ports, protocols, and applications that the system needs to function properly. Restrict all other component and system access to the most basic and necessary requirements.

3. Identification And Authentication

Why is this important?

Authorized organizational users, including processes acting on behalf of organizational users, must be identified and authenticated.

This is especially difficult when securing accounts of personnel who may have administrator access and who leave the organization or travel to another site within the organization.
The goal is to achieve accountability and traceability for every user account in the event an account becomes compromised.

How to fix the problem:

All accounts with administrator privileges should have unique access credentials and where applicable, System Administrator accounts should integrate with Active Directory (AD).

Where possible, each user should have an individual account and any shared accounts should be documented explicitly.

When group user accounts are used, such as in a control room setting, a second layer of accountability, such as an access log or key card, should be employed.

4. Physical Access Control

Why is this important?

Physical access devices include things like card readers, USB drives, keys, locks, and combinations.
Even though the organization may be able to apply a certain degree of control over employees and visitors, additional physical security may be required to prevent or monitor ICS component access. In some cases, keys that allow physical access may not be under the facility’s control. This could allow unauthorized personnel to access sensitive areas.

How to fix the problem:

Physical safeguards may come in the form of human guards, physical barriers, cameras, and the physical isolation of specific equipment.

Develop a key management policy with the goal of limiting the number of physical keys that must be tracked.

Ensure that a policy is in place to identify all parties who access remote facilities at all times and treat every alarm as a serious breach until verified to be otherwise.

5. Audit Review, Analysis And Reporting

Why is this important?

When controls are put in place to produce logs of user access, connectivity, and configuration of systems and components, a lot of data is generated.

Without a formalized review and validation of the data that has been collected, unauthorized users or programs may infiltrate the system without detection.

Collected data must be dutifully audited, reviewed and analyzed to report security-related events such as account usage, external connectivity, configuration modifications, and ICS component inventory.

How to fix the problem:

Retain or create a centralized service to collect logs and events at a system-wide level. This will include both security information and events that occur on the network.

Define a list of the appropriate events that need to be assessed and formalize the appropriate degree of review, analysis, and responses.

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
solution brief

System Hardening

download

More Posts

Read More
Blog

Champion Technology Services, Inc. Announces Business Partnership with exida

Select Dynamic field

Exida, a global supplier of functional safety products, services, and certifications is pleased to announce a business partnership with Champion Technology Services, Inc.

“Champion is very excited to partner with exida, a recognized world leader in Functional Safety and Alarm Management solutions for the process industry,” says Mehrdad Ghorashi, President of Champion.

“We understand the importance of these areas to our customers and also recognize the increasing risk posed to their critical networks by cyber threats. We feel this partnership validates the high level of competency and quality Champion is known for. Our Functional Safety Professionals together with exida’s expertise, will allow us to provide a full suite of safety lifecycle services such as Process Risk Management consulting, PHA/HAZOP facilitation, SIL Selection, SRS development, SIL Verification, Proof Test procedures and also services to support an effective Alarm Management Program”.

“Champion has built a strong reputation for providing quality engineering services to their customers, and this complements exida’s service and product offering,” says Steve Gandy, exida vice president of global business development. “exida has been looking to partner with a select group of companies as a means of enhancing both companies' product and service offerings. We are very pleased to partner with Champion Technology Services, Inc. and expect to have a very successful partnership.”

About exida:

exida is a certification and research firm specializing in safety critical/high availability automation systems, control system cybersecurity, and alarm management. exida has performed more process control safety certifications than any other company worldwide. exida’s main offices are located in: Sellersville, PA, USA and Munich, Germany and has worldwide operations with service centers in Brazil, Canada, Mexico, Netherlands, New Zealand, Singapore, Japan, South Africa, and the United Kingdom.

About Champion:

As a leading systems integrator, Champion Technology Services, Inc. provides concept to completion of automation solutions using the latest advanced technologies. Our main focus includes industrial automation and control systems integration along with telecommunication solutions such as wireless communications and data management. With ten offices throughout Louisiana, Texas, Utah, and Colorado, Champion serves customers across the United States and internationally.

Ready to learn more? Contact us today to schedule a no-cost consultation.

We empower our clients to build safe, sustainable operations by delivering comprehensive Operational Technology (OT) solutions. From concept to implementation and beyond– we'll be there every step of the way.

Let's collaborate.

Schedule a no-cost consultation today.

 Contact an expert
more on our website

About Us

visit the page

More Posts

Read More