Compared with land exploitation, offshore oil and gas exploitation is relatively difficult in technology. Due to environmental limitations, unlike single well, metering room, joint station and treatment plant on land, offshore oil and gas exploitation is mainly carried out through offshore oil platforms, which are often equipped with drilling, oil extraction, processing, storage, transportation, office and living functions, so it is also known as mobile castle. It mainly includes wellhead platform, central platform, FPSO, etc., which is connected to the land production center through submarine pipeline and optical cable. The network communication is mainly based on optical fiber and microwave.

 

The importance of offshore oil and gas extraction platforms is self-evident as they not only carry the task of energy collection, but also serve as the first line of defense for China’s local security. As the automation level of oil and gas production increases, the remote monitoring of the platform by the center, the management of production scheduling, and the unattended (there is also the case that when the platform is in danger or evacuated, the land center or the central platform can remotely and quickly shut off the valve) needs to be more and more closely connected to the land platform.

 

As fixed facilities of offshore oil and gas exploitation work in harsh and complex Marine environment for a long time and are affected by waves, corrosion, erosion, fatigue and other adverse factors, a stable and reliable system is needed to monitor their operating status in real time and continuously. Network system is the basic communication facility of monitoring system. To provide stable data transmission services in the same environment, network devices such as industrial switches should be able to work stably in a wide temperature, corrosion, and vibration environment for a long time to provide high-performance communication support for multi-service systems such as SCADA, video, and voice.

 

Given the characteristics of offshore oil and gas platforms, a secure communication network solution needs to meet the following three requirements:

 

1) Network architecture

 

a. To ensure the network communication capability, the bandwidth of an industrial switch should meet the demand of peak hours and leave a certain amount of bandwidth.

b. As far as possible, redundant forms of optical fiber and wireless communication (such as microwave) should be adopted for offshore platforms. In order to ensure emergency communication, it is suggested to add the Beidou emergency communication system;

c. The industrial control system and the land terminal (wellhead platform, etc.) or other systems shall be divided into two zones, and one-way technical isolation means shall be adopted between the zones;

d. The Marine industrial control system shall be divided into different security domains according to the service characteristics, and technical isolation measures shall be adopted between security domains;

 

2) Communication transmission

 

Since the remote shutdown operation is required after the emergency evacuation of the personnel on the offshore platform, in order to ensure the integrity and confidentiality of the data in the process of wireless communication, it is recommended to deploy the industrial firewall at the data sending and receiving end, and enable the VPN function to establish a dedicated communication link.

 

3) Credibility verification

 

The self-learning whitelist technology of industrial control safety monitoring and audit was used to model network communication behavior and record key configuration parameters of communication equipment such as industrial switches. Thus, the reliability verification of the system boot program, system program, important configuration parameters and communication application program of industrial switch and other communication equipment is carried out. After the credibility is detected to be damaged, the alarm is made, and the results are sent to the full security management center (namely the unified security management platform).

 

Shenzhen Houshi Network Technology through years of technology accumulation, according to the above requirements of offshore oil and gas production platform, tailored a set of network communication solutions, its characteristics are as follows:

 

High reliability: industrial switch equipment, EMC4 design, IP67 protection level, “three prevention” treatment to prevent salt spray corrosion, to resist the corrosion of the equipment in the wet and salt spray environment at sea

High performance: industrial switch equipment, full gigabit networking, large bandwidth, video transmission without delay

High stability: industrial switch equipment, real-time monitoring of network status, self-repair of network loop detection, storm suppression, self-healing recovery of ring network fault <20ms

High security: operation monitoring abnormal alarms, user classification, authentication and encryption, and meet the GB/T22239 level of security protection; The VLAN technology can be physically isolated and 802.1X and port security access authentication is supported to prevent unauthorized access. Ensure: only trusted equipment can access the industrial control network; Only the trusted message can be transmitted on the industrial network; Only trusted software is allowed to be executed; Only a central platform can control.

Industrial switches comply with the IEC60068-2-6 standard and meet the vibration requirements of offshore platforms

Industrial switch equipment, double redundancy protection power supply, -40~85℃ wide temperature, nuclear earthquake-resistant class I design.