- Association News
ISA Fellow Donald Dunn, Industrial Cybersecurity Training in Germany, Open Process Automation Systems, In Memoriam, Cybersecurity First Responder Credentialing Program, ISAGCA Cybersecurity Whitepaper, ISA Initiatives for Lifelong Learning
- ISA Fellow Donald Dunn
- ISA, MBI Answer Need for Industrial Cybersecurity Training in Germany
- Bartusiak Helps Further Open Process Automation Systems
- In Memoriam: Harold L. Wade
- Cybersecurity First Responder Credentialing Program Debuts
- ISAGCA Releases Cybersecurity Whitepaper
- New ISA Initiatives Support Being a Lifelong Learner
Meet 2020 ISA Fellow Donald Dunn
Early in his career in 1998, Donald Dunn worked with Lion Dale Chemicals. As part of his role, he performed incident investigations and noticed that one of the root causes of many incident investigations was a causal factor of operators not responding to alarms. “Alarm floods was the biggest problem,” he explained. “They’d get so many alarms that they didn’t know what to respond to. That experience is what drove me to get involved in alarm management, industry safety, and ultimately ISA18.”
Now, as an ISA Fellow, Dunn is being honored for many years of work on the education and standardization of terminology, as well as requirements and guidance related to alarm management and process industry safety. Currently, Dunn works as a senior consultant with WS Nelson in New Orleans, though he lives in Houston. He is also a senior member of the Institute of Electrical and Electronics Engineers (IEEE).
“Within the automation realm, my most significant accomplishment is the effort that Nick Sands and I put forth to cochair ISA-18.2, the standard for alarm management,” Dunn said. “It was the first global standard for alarm management. The standard uses a life-cycle approach, following an alarm from cradle to grave. It covers a multitude of topics, such as implementation, operation, and maintenance.”
When Dunn first joined ISA and started working on updating and developing other standards ahead of the development of ISA-18.2, he went to an ISA show in Houston in 2003. There, he went to a meeting with a managing director who was seeking someone to chair the committee and develop a standard. The managing director asked Dunn to co-chair the committee because Dunn had been involved in the development of similar standards for many years. Dunn happened to be sitting next to Nick Sands, whom he had just met. “I said, ‘I will happily co-chair if this guy right here would co-chair it with me,’” Dunn explained. The two ended up working together until 2009 to put together and finally publish the ISA-18.2 standard.
Sands recruited Dunn to run for vice president of the ISA Standards and Practices Development Board. He was elected in 2009. During his time on the board, Dunn discovered that ISA was not charging for its standards, which are intellectual property. “I spent three years discovering why that was the case and developing a consensus to change it,” he said. “We were running on a deficit within the standards and practice portfolio. I worked very hard to change that.” And he did; the standards portfolio now turns a profit for ISA.
Dunn says ISA membership has both helped broaden his knowledge base and expanded his number of industry contacts. “Engineers have worked on a lot of problems in the past, and if you encounter a problem and reach out to others for help, you might be surprised how many are willing to assist,” he said.
During his career, Dunn noticed that lots of young engineers want to be managers, but he advises them to step back and ensure they know the field. “My number one piece of advice is to learn your craft,” he said. “Number two is to get involved in organizations like ISA and IEEE. That will help you learn the technical side of your craft and develop your network. Those are the things I’ve tried to preach during my whole career.” —By Melissa Landon
ISA, MBI Answer Need for Industrial Cybersecurity Training in Germany
ISA and Maschinenbau-Institut GmbH (MBI), a service company of the German mechanical engineering industry association, or VDMA, are joining forces to offer a unique cybersecurity training program for German speakers. The first offering will be a Cybersecurity Fundamentals course for VDMA members located on the group’s Fraunhofer site in Karlsruhe, Germany. With more than 3,300 members, the VDMA is the largest network organization and is an important voice for mechanical engineering in Germany and Europe.
Forged in response to the changing industrial security landscape and growing cyberthreats to automation networks and systems, the collaboration focuses specifically on training VDMA members in operational technology (OT) security standards. Both organizations will share training expertise based on the ISA/IEC 62443 set of cybersecurity standards.
“Cybersecurity needs to be addressed by our members, as recent global ransomware attacks have demonstrated their potential impact,” said managing director Catherine John of MBI, which is the education academy of VDMA. “Our members need to adequately manage the associated cyberrisk stemming from the vulnerabilities of OT technology, coupled with the increased connectivity in our digital era.”“ISA is committed to providing high-quality technical resources that cover all areas of cybersecurity,” said ISA European director Pieter van der Klooster. “We have covered the entire spectrum of cybersecurity education and advocacy, from the development of the world’s only consensus industrial cybersecurity standard, to critical education, to compliance programs helping companies certify products and systems.”
Bartusiak Helps Further Open Process Automation Systems
ISA executive board member Don Bartusiak, who has previously served as ExxonMobil’s chief engineer for process control, has become known as a significant champion of Open Process Automation. During a presentation at the 2017 ARC Forum in Orlando, Fla., he announced ExxonMobil’s next-generation multivendor automation architecture initiative and described how industry had had enough of closed, proprietary automation systems. The future, he said, was multivendor, interoperable, standards-based, open, and secure.
The future is here with the late June launch of the Coalition for Open Process Automation (COPA) QuickStart system, which is aligned with The Open Group O-PAS Standard, a “standards of standards” for industrial process automation developed by the Open Process Automation™ Forum (OPAF). Bartusiak’s company, Collaborative Systems Integration, is the systems integrator for the COPA QuickStart offering.
Bartusiak said, “Industrial manufacturers have repeatedly told me that if O-PAS Standard–aligned systems were available, they would buy them. The COPA QuickStart system is our answer to that challenge.”
COPA is applying years of research, collaboration, and investment by members of OPAF to bring to market industrial control systems (ICSs) that are built on industry standards for open, secure, and interoperable architectures. The COPA partner companies have engineered COPA QuickStart to incorporate components and technologies from multiple vendors into a single, advanced, and cohesive industrial control system. It is said to provide the critical first step in helping industrial manufacturers start learning, proving, and adopting open architecture ICS solutions into their operations.
“The move is analogous to the shifts that occurred when PC technology displaced minicomputers and mainframes,” says Automation.com’s Bill Lydon. “That extraordinarily successful trend accelerated efficiency and profitability for companies of all sizes.”
Find out more at https://copacontrol.org or at www.opengroup.org/forum/open-process-automation-forum.
In Memoriam: Harold L. Wade
Harold L. Wade, PhD, PE—ISA Fellow, Life Member of IEEE, book author, and all-around Renaissance man—died on 24 May 2021. He was 91. Wade possessed more than 50 years of experience designing, applying, and installing process control systems in such industries as petroleum refining, chemical processing, textiles, and water treatment. He was the author of ISA’s best-selling book, Basic and Advanced Regulatory Control: System Design and Application, Third Edition, which explains the application of basic and advanced regulatory control strategies. He also developed the process control training program, PC-ControLAB.
Wade received a BS in mechanical engineering from Oklahoma State University and earned both master’s and doctorate degrees in systems engineering from Case Western Reserve University. Wade held technical positions at Honeywell, Foxboro, and his own consulting engineering firm, Wade Associates, Inc. in Houston, Texas.
Wade was a course instructor, a Donald P. Eckman award recipient for 2008, a long-time member of ISA’s Automation Controls and Robotics Division (ACARD), and a member of the American Theatre Organ Society. ISA member Brad Carlberg called him “ISA ACARD’s Renaissance Man” and noted, “We lost a truly great man with his passing.” On ISA Connect, Carlberg shared a YouTube link to Wade’s 2020 Christmas piano program, as well as a story in Wade’s own words:
My first year in college I was a music major at Texas Christian University, Ft. Worth. Toward the end of the year, I decided I’m not going to make it as a professional musician, so I should change to my other choice, engineering. So, I transferred to Oklahoma A & M (now Oklahoma State University) as a mechanical engineering major.
At that time, few engineering students graduated in four years, but I felt bad that I had wasted my parents’ money on a now-useless first year of college, so I was anxious to graduate as quickly as possible. After three years I only needed 24 semester hours of classes to graduate, so I signed up for all 24. At the end of the previous semester, one of the instructors had asked me to be his teaching assistant in the hydraulics lab. Should provide a little bit of $$, I thought, so I accepted. (His assistant? I never saw him. I was the lab instructor, teaching my fellow students.)
This was the days of the “big bands” and fraternity and sorority dances every Friday and Saturday night. There were two dance bands on campus, and at the start of my final semester, the leader of the “excellent” band said, “Harold, we just lost our piano player. Could you play the piano for us?” That was a dream come true for me, so I said yes. Now I had 24 semester hours of coursework and two part-time jobs. My grade-point average took somewhat of a nose-dive, but I paid all of my college expenses for the semester and still had a few $$ left over.
Cybersecurity First Responder Credentialing Program Debuts
The ISA Global Cybersecurity Alliance (ISAGCA) and the Incident Command System for Industrial Control Systems (ICS4ICS) have announced the release of a cybersecurity first-responder credentialing program. The ISAGCA joined forces with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and cybersecurity response teams from more than 50 participating companies to adopt the Federal Emergency Management Agency’s Incident Command System framework for response structure, roles, and interoperability. This is the framework used by first responders globally when responding to hurricanes, floods, earthquakes, industrial accidents, and other high impact situations.
Incident Command Systems have been tested during more than 30 years of emergency and nonemergency applications, throughout all levels of government and within the private sector. The approach guides companies, organizations, and municipalities in identifying an incident, assessing damage, addressing immediate challenges, communicating with the right agencies and stakeholders, and resuming day-to-day operations. The ICS4ICS framework applies traditional Incident Command Systems best practices to cybersecurity incidents, ensuring common terminology and enabling diverse incident management and support entities to work together.
ICS4ICS provides clearly defined command structures, including standard roles needed in a response, and the framework can scale to support small or extremely largescale incidents that affect many organizations. “For many years, we’ve needed ICS4ICS, to enable collectively organized cyber and physical responses in a unified way,” said ISAGCA advisory board chairperson and ICS4ICS leader Megan Samford. “Credentialing cybersecurity first responders is an important milestone in this valuable public-private partnership.”
ISAGCA has developed an adjudication process and certified its first four responders. “I’m proud to be one of them and stand ready to help companies recover from cyberincidents,” said Samford, who is also VP and chief product security officer of Schneider Electric’s energy management business.
The adjudication process, managed by a formal committee within ICS4ICS, consists of an application process and panel of incident command system subject-matter experts who evaluate the candidate’s submittal. The inaugural round of credentialing recognized these cybersecurity experts:
- Mark Bristow, branch chief of cyber defense coordination at CISA, whose 15-year career with U.S. government cybersecurity agencies includes responses to incidents ranging from Ukraine cyberattacks to attempts by Russian government hackers to intrude on energy equities
- Neal Gay, senior manager of managed defense/industrial control systems at FireEye
- Megan Samford, ISAGCA chairperson; VP and chief product security officer of Schneider Electric’s energy management business
- Brian Wisniewski, U.S. Army Reserve.
ISAGCA Releases Cybersecurity Whitepaper
A new document from the ISA Global Cybersecurity Alliance organization provides an overview of ISA/IEC 62443-3-2, Security Risk Assessment for Design, as well as a summary of methodologies that can be used to execute an industrial automation control system (IACS) cybersecurity risk assessment. The included risk assessment work process is applicable to many sectors, including process industries, building automation, medical device manufacturing, power generation, water/wastewater treatment, and transportation. Download it for free from www.isa.org/ISAGCA.
New ISA Initiatives Support Being a Lifelong Learner
I took my Professional Engineer exams almost 30 years after graduating from university. I do not recommend doing this. Taking the Fundamentals of Engineering exam while you still remember all your engineering math from university is likely the better way to go. I also advocate taking your Principles and Practice of Engineering exam as soon as possible in your career.
Having said that, I will say that there is a sense of satisfaction when all the studying pays off and you achieve a certification or accreditation. I have also taken the Certified Automation Professional (CAP) exam. I did not do any of this because someone asked me to. Rather, I wanted to test my knowledge, challenge myself, and keep getting better at what I do.
There are other ways to show commitment as a lifelong learner than taking exams and achieving more letters behind your name. I have been involved in an ISA initiative to develop an exam for the Certified Mission Critical Professional qualification. As part of this, I was asked to write the study guide, Mission Critical Operations Primer. I am also a certified ISA trainer in cybersecurity and teach the IC31 and IC32 classes. There is always something new to learn, even from a class you are teaching. The questions from the students in these classes have given me new perspectives.
Since I immigrated to the U.S., the common element in my learning journey has been ISA. Gerald Wilbanks, former ISA President, was a key contributor to my PE study. I purchased the Automation Body of Knowledge (AutoBok) and CAP study guide to prepare for the CAP exam. I studied the ISA/IEC 62443 standard to prepare for teaching cybersecurity classes.
One of the things I am most proud to have been involved with is the Automation Competency Model. While this was developed for the U.S. Department of Labor and leveraged much of the work already done by ISA in the Certified Control Systems Technician (CCST), Certified Automation Professional (CAP) certifications, and the AutoBok, this model is applicable to the global automation profession.
And now, as president, I have had the great privilege to watch ISA embark on new learning initiatives in continued support of our automation profession. These new programs (coming out very soon) build on the traditional skills and knowledge required for automation professionals, adding further opportunities to develop. The first is an automation project management certificate, which will allow professionals to demonstrate their competence in managing complex automation projects. The other is the automation digital skills program, which is designed to provide automation professionals with the knowledge they need to work in the Industry 4.0 world and beyond.
With all of this, there is no better time for you to commit (or recommit) yourself to lifelong learning. I encourage you to get more involved with ISA, and in doing so, join a workgroup, become an ISA instructor, write a blog or a book, or see how many ISA certificates or certifications you can achieve. You are never too old to learn something new. Trust me—I am living proof! —By Steve Mustard
We want to hear from you! Please send us your comments and questions about this topic to InTechmagazine@isa.org.