Cloud-based apps mitigate water management risk
Water utilities are steadily replacing legacy systems with software-as-a-service applications as confidence in data security builds. As Subject Matter Expert at technology provider Ovarro (formerly Servelec Technologies), Alan Cunningham discusses the latest developments.
What is software as a service (SaaS) and where does it fit with water?
SaaS applications are cloud-based programs and associated operating instructions that can be accessed via any device with an internet connection, as opposed to a software product that is entirely installed on a device or network. A technology such as Google Docs, where documents are stored on a cloud server, is one example that many will be familiar with. There may be a small local installation required, for example, a mobile app, but data and access are largely managed by the supplier on their systems.
Water companies have traditionally used software products installed on their networks. This creates a number of challenges; in particular, it is difficult to install security updates or other upgrades and it is generally harder for suppliers to support the products. Maintaining legacy systems, for which the original technology and infrastructure may be increasingly obsolete, is an expensive business but remains a widespread issue for utilities globally.
SaaS provides a mechanism for suppliers to continually evolve the software offering and meet the changing requirements of water companies. The approach typically includes a relatively low upfront cost with regular subscription costs to fund sustainment of the software and the convenience of ongoing support.
How can utilities’ security concerns be addressed?
It is fair to say that water companies have been reluctant to consider any software product that hosted their data outside of their own corporate network, on the basis that they wanted full control of information security. However, in the last five years there has been a big shift in the adoption and scaling-up of SaaS products.
Now that companies are starting to realise the benefits of a SaaS approach, binding contractual agreements and certified standards are providing the reassurance that their suppliers are doing as much as possible to reduce security risks to an acceptable level and manage them effectively.
The key standard for utilities to look for is ISO 27001, the internationally recognised best practice framework for information security management. While the standard is not new it is now widely implemented and recognised globally.
In what areas should utilities be embedding SaaS solutions?
Water companies should now be looking at SaaS opportunities across the board, whenever they are considering a software purchase. They should be weighing up the pros and cons in every case, looking in particular at ease of integration with other systems and data security requirements.
What operational challenges can SaaS solutions help to solve?
One area where legacy systems can be an issue for water companies is the control room, where a 24/7 response team monitors alarms on the network. We know that in many cases sewer flooding and pollution events can be traced back to an initial alarm that was not effectively dealt with.
The new AlarmVision system from Ovarro is an example of how SaaS can help to solve this challenge. Typically, the number of alarms being raised is too high for staff to investigate fully and action accordingly. They are often swamped by nuisance alarms — for example, a remote device that has an intermittent 4G signal and alerts every time communication is lost — which may mean that a more important alarm is missed.
There are also periods of ‘alarm flood’ where, for example, a power failure at a site results in many alarms being raised due to stopped devices, with a mains failure alarm representing the root cause buried among these.
Systems like AlarmVision can connect to an existing alarm system and help water companies understand whether they are in control and how they can improve if not. It can identify regularly occurring alarms and provide analysis of how the pattern of alarms received matches shift patterns (for example), so these can be adjusted if necessary. All of this helps ensure that when a significant alarm is raised the required action is taken, reducing the risk of customers or the environment being impacted and penalties occurring.
What are the risks of maintaining legacy systems rather than moving to SaaS?
A major issue is the escalating cost and information security risks to water companies of maintaining legacy systems developed using increasingly obsolescent technology. As an example, extended support for Windows XP ended in April 2014, after which users of the operating system ceased receiving further support or security updates from Microsoft.
One Ovarro client requested continued support of a legacy system that was incompatible with later operating systems. To achieve this, we had to take substantial precautions to maintain a secure support environment that significantly impacted on the cost of the support contract.
What steps should the sector be taking now to avoid pitfalls in future?
Companies should be reviewing their existing systems and identifying any that are not using the latest versions of operating systems or other infrastructure such as database management systems. In each case, they should be obtaining costs and timescales from suppliers for upgrade.
Where costs are significant, they should also be looking at SaaS alternatives that may provide a more future-proof solution without necessarily prohibitive upfront costs.
Which sectors should the water industry look to for examples of best practice?
The big tech firms are, of course, leading the way. Google and similarly Microsoft Office documents are increasingly hosted on the cloud with the option to edit in a browser.
More generally, lessons can be taken from any industry that is customer-facing and trying to meet increasing customer expectations. The financial services sector is an interesting case. High street banks have had to play catch-up with mobile app functionality initially offered by emerging financial technology firms, which became challenger banks with measurable market share.
Where is water lacking in comparison?
Water is a naturally conservative industry with a large legacy asset base, focused on keeping the water flowing and maintaining water quality. Globally, the financial incentives to innovate are usually low, particularly where there is risk involved in doing so.
Concerns regarding security of data from a SaaS model remain to varying extents in different parts of the world and there is often a legislative need to retain data within the country, or even state, of origin. A particular issue in the UK historically has been that water companies have been incentivised towards up-front expenditure that can be capitalised, rather than the annual recurring expenditure associated with a SaaS model.
What role does innovation play?
The SaaS approach supports innovation by facilitating incremental product developments at affordable costs. This kind of innovation, and in particular extracting more information from existing datasets, represents huge opportunities for water. AlarmVision is a good example of this, helping companies see a bigger picture than they could previously.
How is Ovarro supporting the water industry in this area?
Our next-generation analytics products are being designed as SaaS products to reduce the costs of configuration, maintenance, support and upgrade. This builds on our expertise from our Primeweb cloud-based system used to manage Ovarro leak detection hardware. Further analytics SaaS products are in the pipeline and in varying stages of trials with water company customers.
How do you see the SaaS landscape developing into the 2025–2030 asset management period (AMP8)?
I believe AMP8 is when the industry will shift from on-premises software being the norm to a substantial preference for SaaS solutions, with a proactive rather than reactive attitude to replacing legacy systems. Water companies are starting to learn the lessons from a short-term attitude to technology and the risks associated with infrastructure obsolescence.
Beyond that, I expect that the industry will start to embrace as-a-service models more generally; for example, leasing hardware with payment models based upon availability of data. This then ensures that the client does not get stranded with legacy hardware assets that are incompatible with future communications technology or software requirements.
Anticipating maintenance problems with predictive analytics
By utilising predictive analytics, process manufacturers can predict failures, enhance...
Air-gapped networks give a false sense of security
So-called 'air-gapped' OT networks can still fall victim to cyber attacks, so what is the...
Maximising automation flexibility: the ISV-driven approach
Vendor lock-in has long been a significant barrier to innovation in the industrial sector, making...