Gabriel Albuquerque, Automation and Instrumentation Design Manager, Petrobras
Gabriel Albuquerque is an Automation and Instrumentation Design Manager with extensive experience in offshore oil and gas projects. He specializes in IEC 62443 compliance, cybersecurity, and leading engineering teams through design, execution, and operational support phases.
In an exclusive interview with Applied Technology Review, Albuquerque shared his thoughts on driving design excellence in offshore automation systems, addressing cybersecurity challenges, and applying IEC 62443 standards to enhance project safety and performance.
Driving Design Excellence for Offshore Projects
As Automation and Instrumentation Design Manager, I lead a team focused on engineering design for offshore oil and gas production units, particularly in newbuild projects. My key responsibilities span the conceptual and basic design phases, where we develop specifications and perform preliminary calculations to support the FEED, defining the automation architecture and instrumentation strategy in line with project requirements and international standards.
Once the EPC contractor is appointed, my team monitors the detailed engineering to ensure technical compliance and proper interface management. We also provide technical support throughout construction, commissioning, and the start of operations. Our goal is to deliver safe, reliable, and optimized automation and instrumentation systems that support overall project performance.
Dealing With Gaps in Certified Vendor Hardware
One of the main challenges in applying IEC 62443 to surface system projects, particularly in the oil and gas sector, is that certain aspects of the standard are still subject to interpretation and evolving industry consensus. For example, it’s not always clear whether a minimum Security Level (SL) should be defined for the entire system or if it can vary across subsystems.
Another challenge is that not all major automation vendors have SL-certified hardware, which makes it harder to align with the standard’s recommendations. In addition, when working with the requirements of IEC 62443-3-3, a key difficulty lies in determining which requirements should be selected and applied to the specific project context.
Maintaining cybersecurity governance after system handover—especially in complex and dynamic operational environments—is also a significant challenge.
Embracing IEC 62443 Amid Rising Cybersecurity Risks
With the increasing risks related to cybersecurity and the growing complexity of automation systems, implementing the recommendations of IEC 62443 has become essential. While cybersecurity is often perceived as a way to protect against external hackers, its scope is much broader. The standard helps reduce risks from unauthorized or unintended access—even from within the facility—by individuals who may not have malicious intent but can still compromise system integrity.
By applying IEC 62443 principles, we’ve improved the safety and reliability of our engineering deliverables. It has enabled better access control, clearer system segmentation, and more structured specification of cybersecurity requirements across project phases.
Applying Best Practices on Operational Assets
The projects currently being developed with the latest cybersecurity requirements are still in the detailed design and risk assessment phases, so we have not yet adopted specific tools tailored for IEC 62443 compliance during engineering.
However, in operational assets, we apply several best practices aligned with the standard. These include the use of network sniffers to monitor automation traffic, access control via jump servers for external connections, internal access management through Active Directory integration, and system hardening based on vendor guidelines.
Avoiding the Pitfalls of Over-Segmentation
A solid understanding of the automation architecture is essential when implementing cybersecurity measures. One common pitfall is over-segmenting the automation network—creating too many zones and conduits, which can unnecessarily complicate operations and increase long-term costs.
In many cases, evaluating which systems can operate more independently and ensuring the implementation of fundamental security measures—such as access control and physical port restrictions—can achieve a sufficient level of protection without adding excessive complexity. Focusing on the basics and aligning security design with operational reality often leads to more sustainable and effective outcomes.
Let Risk Assessment Drive Cybersecurity Decisions
There is no one-size-fits-all solution when applying IEC 62443 to surface system projects. The more cybersecurity countermeasures you implement, the higher the cost and the greater the operational complexity. For this reason, it’s essential to focus on the risk assessment phase and carefully define which measures truly add value to the system.
My advice is to avoid applying controls or technologies that do not offer a clear benefit in terms of risk reduction. A well-structured threat and risk analysis should guide all decisions, ensuring that resources are allocated efficiently and that the security architecture remains manageable and effective.