Consultancy Support Services

The Project Support Package is a service aimed at first-time users of System Platform and/or other AVEVA products.

It aids and assists you in achieving your project delivery aims and timescales by ensuring that your design and system implementation follows best practice guidelines, and results in a flexible, scalable system that can form a stable platform for future development.

An experienced SolutionsPT Consultant will be assigned to the project, and after an initial kick-off meeting to understand the high-level project requirements and project timescales, a number of consultancy days will be made available to the customer for use at strategic points in the project.

There are three package sizes, with each including a project review resource and a dedicated Consultant assigned to the project.

The Standby Project Support is a package that allows you to have extremely short notice access to a consultant to assist with critical software or application problems during an important phase of a project such as commissioning. Assistance can be based on product or application issues.

A consultant will be available on request for a chosen period of time to assist with problems arising during your project implementation.

The consultant will be available for email response, telephone calls and screen sharing sessions within 30 minutes up to 7.5 hours a day.

Ad-hoc consultancy, also known as call-off consultancy, is a mechanism through which you have dynamic availability of a SolutionsPT resource to assist with a changing or developing situation.

You can purchase an amount of time to be used over the next three months. The intention is to make sure that you can call on an expert for a situation that hasn’t been anticipated without the typical consultancy lead times.

You can call upon the consultant for anything from design, implementation, testing or documentation as required providing the subject matter is within the SolutionsPT sphere of products and expertise.

After notifying the consultant that their assistance is required, the consultant will then confirm their availability within your agreed time frame.

Break-fix consultancy is required when you need a SolutionsPT consultant to assist you in resolving a problem with the system.

This problem can be either related to your application or to your product functionality. Our SolutionsPT consultant will assist you on a reasonable endeavours basis to resolve problems with supported products on a chosen project.

For Break-Fix Consultancy orders, a consultant is allocated to the work for the agreed dates. Our consultant will either attend site or work remotely from our SolutionsPT office if desirable to assist with any problems. The work takes place in a continuous block and is followed up by a report.

Break-Fix consultancy is sold by the number of days you require assistance for and a follow up period for a report to be written and reviewed. You would need to request a number of days on site (up to 5 as larger projects than this will be scoped with more understanding of the requirements). 

A System Platform Health Check is a review of the current state of your system from the information provided by the operating system and recorded into the log files.

This exercise can be used for the following purposes:

• Identifying any legacy products
• Identifying systems that could be seeing resource issues
• Understanding any errors or warnings that the system is currently recording
• Understanding any related Windows error messages on the system

The report will make recommendations, where appropriate, and highlight any messages that are thought to have the potential to cause serious problems with your operation of the software. This information can be used to inform maintenance or engineering works on the system or provide a baseline understanding of the systems state before engineering work is undertaken.

A SolutionsPT consultant will attend your site or connect remotely to a system and gather the information from each machine that is to have their health examined. This will involve collecting System Information, Windows Event Logs and Wonderware Software Logs. The consultant will then review the logs and write a report with recommendations based on what is found in the logs.

The amount of time required for the exercise depends on the number of machines that are to be reviewed. For larger systems, SolutionsPT recommends focusing efforts on reviewing the core servers in the system or distributing the checks over servers that share the same role in the environment.

Core servers could be; IO Servers, InTouch Tag Servers, AOS Servers, MES Database Servers, Historian Nodes, Remote Desktop Services Servers.

Template Library Management is a set of backups and procedures that allow for the maintenance and distribution of a set of standards developed using AVEVA System Platform across multiple systems and projects.

When you wish to standardise your SCADA systems across multiple implementations, within the site or across a network of sites SolutionsPT can assist you through setting up a “Master” for your standards.

The Master Template Library allows you to ensure consistent implementation of the standards of the system. This is achieved through using System Platform’s ability to “protect” templates to prevent unwanted edits and by maintaining an editable library on a separate system.

Development teams are provided with “Read-only” copies of the standards from which to begin their work. Change control, documentation and release procedures are created to allow new work to be incorporated into the standards and existing standards to be edited.

This approach allows multiple development teams to work independently with the same standards library and produce applications that adhere to the same design standards, from the back-end engineering work to the front-end visualisation. It also allows you the assurance that other teams are not going to make changes that would negatively impact your project.

There are two parts to the Template Library Management.

• The first is the setup of the Master Template Library and the definition of the original standards.
  
  
• The second is the development of the procedures to work with the Master Template Library and training your team on how to use them. SolutionsPT creates procedures to fit your project requirements. Training is delivered through a workshop to those who will be working with the library.

• AVEVA provided out of the box OMI Apps
• AVEVA provided sample OMI Apps
• How to import existing .NET Controls as OMI Apps
• Pre-Requisites for developing OMI Apps
• Best practice for developing and using OMI Apps
• SDK Libraries that can be used when developing OMI Apps
• Step by Step process for creating a new OMI App
• Half a day show me, tell me questions.

No training machines are required as this is a demonstration only course. If you require assistance with issues relating to OMI Apps following the mini-training session then additional ad hoc support is also optionally offered in three sizes: Small (up to 2 days), Medium (up to 5 days) and Large (up to 7 days). 

Historian Upgrade Consultancy is the process of upgrading a “simple” Historian system, usually, one that is running independently of other “System Platform” components on a system. We will do a test run of the migration to detect problems in an offline environment first and work with your in-house support team to resolve any problems that are found.

We will also assess the communications routes and handle any intermediate migration steps. If required, SolutionsPT can assist with the installation pre-requisites of your system and install the software with the migrated database. SolutionsPT will also assess whether or not the communications drivers need updating and if major changes are needed. We will use our office systems to test the migration of the database.

The consultant will raise any errors found during the migration to the Customer FIRST support team for resolution.

If required, we will install your new Historian node and the migrated database and test the functionality and data acquisition. This can be done on-site or remotely. 

The InTouch upgrade assessment is a review exercise. The aim is to discover and highlight any parts of your InTouch application that might lead to an unexpected problem should the application be migrated. The aim is to ensure that the migration project can be accurately costed, and any major issues can be found and dealt with before it is undertaken to add certainty to critical and time sensitive activities.

The key areas that are being searched for are:

• Errors during migration
• Use of legacy components.
• Poor scripting practices
• Interaction with external systems
• Communications Routes

The InTouch assessment is delivered as an offline review. You will need to provide a backup of the InTouch application to the our consultant and they will review the application and provide a report on the recommendations. You and the consultant can also discuss any changes to the architecture that are being made so that any scripts that might interact with this can be identified.

The amount of time required is estimated based on the number of tags in the application.

The Citect upgrade assessment is a review exercise. This is because there are several risks when upgrading an old application to run on newer software and hardware, regarding the compatibility of the existing system with the new environment.

The higher risk points include the upgrade of communications drivers, the use of legacy or custom ActiveX controls and obsolete Cicode functions. The aim is to discover and highlight any parts of your Citect SCADA that might lead to an unexpected problem should the application be migrated. It allows the migration project to be accurately costed, and any major issues found and dealt with before it is undertaken to add certainty to critical and time-sensitive activities.

This is a review that takes place offline and a report is delivered to you. The consultant will perform a “Test Run” migration of the Citect application and identify any issues/error that are critical to a successful migration. Analysis of any errors produced during the test run and recoding of the solution will be provided in the report. If you have any questions about the report, you can contact the consultant.

The System Platform Design Workshop is a deep dive into the design and development of a specific part of your system. This can be the design of the user interface and display or the templates that represent the equipment on site.

There are two main aims. Firstly, to ensure the best design possible for the core components of the system that are critical to the success of the project going forward. Secondly, to establish a standard of design going forward that other parts of the system can reflect. Other areas such as navigation, connectivity and external system integration can also be discussed.

A SolutionsPT Consultant is assigned to the project. You will need to share the requirements that form the request for the workshop. This can be for a combination of templates and user interfaces.

The time allocation is based on the number of objects, graphics or screens or concepts that will be covered in the design workshop.

• A small package will cover 1-3 templates, graphics or screens.
• A medium package will cover 4-6 templates, graphics or screens.
• A large package will cover 7-9 templates, graphics or screens.

System Governance is a methodology and service of protecting a live system that is undergoing development and expansion by managing the changes of multiple development parties over their projects’ life cycles. System governance manages the process of transitioning new templates and instances from a development to the live environment. The aim of System Governance is to ensure that the live system is protected from unexpected changes while allowing new components to be added to the system.

System Governance facilitates multiple stakeholders, i.e. developers, application support engineers working on the same system during a rollout process that will be staged across multiple phases staggered over time.

The first part of System Governance is setting up the procedures required to facilitate the transition between two systems. This is done by first holding a workshop between SolutionsPT and the team in charge of Change Control on the live system. The second part of the governance is the ongoing service of managing the imports to the live environment and then the incorporation of “signed off” templates into the standards library. SolutionsPT will review any packages that will be imported into the live environment, ensure the change control procedures have been followed and then complete the import in the live environment to allow the System Integrator to proceed with the appropriate testing.

When new templates are released SolutionsPT will update the “Master Template Library” and reissue the standards to the System Integrators working on the system.

Effort estimates for this service will be delivered after reviewing your requirements.

A galaxy assessment is an offline review of the customer’s System Platform project galaxy against known best practice. A galaxy review would normally take place at a crucial moment in the lifecycle of a project. The aim is to reduce risk for the next stages and ensure a successful project going forward:

The most likely scenarios for review are:

• A new project that has reached a design milestone.
• Version upgrade.
• An existing Galaxy that is being expanded.

The Galaxy Assessment consists of:

• A meeting to understand the customer’s goals and points of concern
  An offline review of the galaxy by the consultant
• Creation of a report detailing recommendations in the Galaxy
• A follow up discussion after the customer has had the opportunity to review the report.
• Review and answer to questions the customer might have in terms of changing environment, migration or upgrading a system as applicable.

The time allocation is based on the number of automation object templates that are to be reviewed. You can specify which templates are to be reviewed or ignored. If you would like the InTouch HMI or InTouch OMI applications reviewing then this work will be undertaken separately.

The InTouch upgrade is a migration of Standalone or “Modern” InTouch application from older version to higher/latest version. This covers installation of InTouch development and runtime, Installation of communication software, migration of InTouch application, testing and commissioning.

InTouch upgrade assessment is a pre-requisite for InTouch upgrade, the aim here is to upgrade the InTouch application and test it based on the findings in InTouch upgrade assessment for smooth migration of the application.

Standalone InTouch upgrade consist of the following elements:

• Attendance of consultant at kick-off meeting to understand the change and agree points.
• Migration of InTouch application and testing at SolutionsPT office.
• Changes in the application and communication software configuration as recommended in InTouch upgrade assessment report and test changes at SolutionsPT office.
• InTouch development and runtime installation at workstation.
• AVEVA License server Installation.
• AVEVA communication driver installation.
• InTouch runtime installation at client nodes (up to two clients).

• • Basic tests of software product functionality.
  • Communication driver’s configuration testing.

• • SolutionsPT consultant will be available during the functional testing defined by you.

• • Details result of any test done during commissioning.
  • Details problems encountered during commissioning and steps to resolution.

2-3 days are required to migrate the application to the latest version without making any changes in the application. The SolutionsPT consultant will provide an estimate for implementing the agreed changes based on the InTouch Upgrade Assessment. You can request additional “Go-Live” support at your discretion.

The InBatch upgrade is a two-part exercise. Part 1 is an offline test of the migration process for the software configuration (Config_A) and the historical data (BatchHistory database). Part 2 is an optional exercise of installing the upgraded InBatch components on the new system either in an office or at site. The aim of the InBatch Upgrade is to minimise the amount of downtime and risk that’s required to move the system from the existing version to the current version.

The package consists of an offline test migration of the Batch Management application and history subsystem and an optional installation of the InBatch components in your environment. If desirable the SolutionsPT consultant can also be available for assistance during testing of the upgraded version in the live environment.

Core Service

• Migration of the Config_A (Batch Management Configuration)
• Migration of BatchHistory and BatchArchive databases
• InTouch/Batch Management integration check
• This is a check for InBatch components within the InTouch application which could inform the customer of additional steps required for the successful migration of the system.

Comms Migration

• Configuring new communication drivers
• Updating the Batch Management tagname dictionary (TagLinker) if applicable
• Limitations in “Out of Scope”

System Installation

• Installation of one Batch Server or Redundant Pair of Batch Servers
• Installation of one Batch History Server
• Installation of one Reporting Server
• Configuration of prerequisites as required.
• SQL Server
• Microsoft IIS

Client Installation

• Installation of InBatch Runtime and Development Components

“Go-Live” support

• SolutionsPT Consultant available for “Just in Time” migration of History content
• SolutionsPT Consultant available to troubleshoot issues during system testing

With connectivity being central to the Industrial Internet of Things (IIoT), the demands on security are only set to increase.

Our Cisco/Hirschmann-certified engineers can carry out a thorough industrial network audit to determine any weaknesses or security vulnerabilities that exist. We’ll use this detailed information to help you stabilise and secure your network and then prioritise and plan the move towards a managed network.

Network Topology

• Your entire network can be physically mapped. Where practical, it can also be mapped through switch management features, to create a high-level topology diagram.

Network Device Entry

• Using a combination of network scanning tools and physical audits, each network connection will be checked to identify the device and the port that it is connected to.

Switch, Router and Firewall Device Audit

• Providing access is permitted to the network devices, configurations can be reviewed, and recommendations made relating to security, resilience and performance.

Security Posture Assessment

• The Claroty Security Posture Analysis is an offline assessment product that provides security teams with visibility and insights into the OT network’s security risk posture.

SPA from Claroty is the ideal tool for strengthening your industrial cybersecurity posture and increasing resilience within your operational environment.

SPA ingests a network capture file and generates a comprehensive report detailing the industrial network, its assets and deep insights including CVEs, configuration and other weaknesses. It’s perfect for consulting and security teams who want to conduct an assessment of a plant or operational environment and it’s available through SolutionsPT.

What is an SPA?

• An SPA gives you full insight into the internal and external industrial security capabilities at your plant. Everything from the networks and systems you rely on, to the industrial cybersecurity solutions you have in place.
• It brings together all aspects of your cybersecurity to help you to identify any possible gaps that might need to be addressed. You can use it to develop a roadmap within a security program and to maximise the ROI of cybersecurity-related expenses.

A Consolidated View of Cybersecurity Risks

• Claroty provides security teams with insights into the security risk posture of your OT network by running a comprehensive analysis of a packet capture (PCAP) file.
• With a detailed analysis of the assets and network communication patterns discovered and deep insights about weaknesses in your OT network, your teams have the information they need to fix hidden issues that may give an attacker a foothold or impact critical processes.
• With Claroty SPA, you can identify the true value of your data and define the risks that threaten it. It’s an effective way of evaluating the security measures that are in place and deciding whether or not they’re substantial enough. With a cybersecurity roadmap in place, you can collaborate across teams to ensure you control your exposure and solidify defences.

Asset Inventory

• Automatically identify and classify assets across the entire ICS network so you have an in-depth picture of the network and can address regulatory and internal audit requirements.

In today’s Operational Technology (OT) environment, cyber security plays a critical part to ensuring the safe and reliable operation of Industrial Automation and Control Systems (IACS). Legislators and regulators are enforcing companies to take preventative action and provide evidence that protective measures and robust governance is in place to mitigate the risk of a cyber incidents. To identify, understand and reduce cyber security risks, all organisations should have implemented an ongoing Cyber Security Management System (CSMS).

SolutionsPT can help you meet compliance standards with the following frameworks:

NIS Directive:

• The Network and Information Systems (NIS) directive. The NIS directive is an EU wide legislation to raise the overall resilience of the EU to cyber security threats on critical infrastructure. The deadline for adoption was May 2018, so the NIS directive is now a legal requirement. The NIS directive applies to all network and information systems that are deemed to be Operators of Essentials Services (OES), for example Utilities or Transportation.
• Non-compliance with the NIS directive leads not only to unacceptable business and safety risks but could also lead to financial penalties with a maximum fine of £17M. The applicability of the NIS directive is not limited to OES, this is comprehensive framework that can scale to other non-regulated sectors.

• IEC 62443 is a series of requirements and best practices related to cyber security of Industrial Automation and Control System (IACS). IEC 62443 provides a comprehensive framework for all aspects of an Operational Technology network relating an IACS. Multiple countries, such as the UK with OG86, have implemented legislation based upon IEC 62443. A gap assessment against IEC 62443 is therefore an excellent choice for companies who wish to assess their assets against an internationally recognised standard for cyber security.

• The UK’s National Cyber Security Centre (NCSC) developed the Cyber Assessment Framework (CAF) as a tool for Competent Authorities (CA) to assess Operators of Essential Services against the requirements of the NIS directive. If you are an OES then compliance with the CAF is mandatory and non-compliance can result in a fine. A gap assessment against the CAF framework can also be beneficial for those who wish to adhere to the same strict standard to mitigate business and safety risks posed by a cyber incident.

• If your site is exposed to major hazard risk, for example Control of Major Accident Hazards Regulations (COMAH) sites, you are required to demonstrate that you are effectively managing your cyber security risk. The HSE have published OG86 based upon industry standards such as ISO27001, IEC 62443 and the UK’s National Cyber Security Centre’s CAF to guide operators on how to implement a CSMS to manage risk.
• For those operating a COMAH site, compliance with OG86 is a mandatory requirement and the HSE are routinely inspecting sites for compliance. SolutionsPT has significant experience and expertise in this field and offers a comprehensive gap analysis program to aid your company in becoming compliant with OG86