The Biostream is a fully containerized biogas upgrading system designed to produce renewable natural gas (RNG). It upgrades biogas from sources including agricultural waste, animal waste, wastewater, and foodF waste to RNG with over 97% purity and a 99% recovery rate.

Each Biostream unit is equipped with over 150 sensors that collect data. This sensor and equipment data provide extensive information about the performance of the Biostream, enabling remote monitoring. Remote monitoring is facilitated through the integration of Industrial Internet of Things (IIoT) technologies. While offering many benefits, it also introduces new cybersecurity threats.

Curious about how cybersecurity and remote monitoring are shaping the future of biogas?

Check out our article: IIoT, Cybersecurity and Remote Monitoring – Essential Considerations in Biogas Production

In this article, we will discuss the remote monitoring and reporting capabilities of the Biostream, along with the cybersecurity system designed to prevent unauthorized access, support rapid recovery after natural disasters, and ensure compliance with international standards.

One of the key features of the Biostream is remote monitoring. This feature enables an operator to remotely manage a Biostream or a fleet of Biostreams at multiple sites.

The over 150 sensors in the Biostream report back information on the inlet flow rate, product flow rate, recovery rate, RNG purity, CO2 production, and uptime. With this date, reports on Key Performance Indicators can be automated and used for optimisation and to compare production across time and facilities.

Remote monitoring also aids in planning maintenance by tracking all scheduled maintenance requirements, based on usage or time, and reminding users that these supplies need to be ordered and maintenance planned.

If any problems occur with the unit, our service technicians can perform remote monitoring to review any alarms that could cause a shutdown and address them.

Cybersecurity Features

Cybersecurity involves more than just safeguarding systems against unauthorized access. There are various potential risks from a cybersecurity standpoint to networks, equipment, and the operation of a biogas facility, such as operational disruption, safety hazards, environmental harm, reputational damage, and threats to national security. At Ivys, we prioritize cybersecurity. We have

Secure by Design

built a Cybersecurity Management System for the Biostream, a fully containerized biogas upgrading solution, and are expanding it to other systems.

In addressing potential cyber threats to biogas upgrading systems, Ivys designed the following essential cybersecurity features of the Biostream.

Identity and access management (IAM)

Ivys’s Cybersecurity Management System uses a comprehensive Identity and Access Management (IAM) system that manages user accounts—including creation, deactivation, roles, and permissions—while enforcing authentication policies and monitoring activity. Besides digital access control, it also manages physical site access. Proper user management ensures that only authorized individuals can access sensitive data, reducing the risk of data breaches and insider threats. As a key part of the overall security framework, it helps meet security standards and regulatory requirements.

System Hardening

In cybersecurity, system hardening refers to the process of securing a system by reducing its surface of vulnerability. A system’s surface of vulnerability (also known as the attack surface) refers to all the points where an unauthorized user could try to enter or extract data from a system. The goal is to limit opportunities for exploitation by attackers, thereby improving the system’s overall resilience.

In developing Biostream’s Cybersecurity Management System, engineers removed unnecessary software, including deactivating multiple default Windows services, disabling additional unused services, closing open ports, applying security patches, and configuring system settings to minimize vulnerabilities.

Remote acces security

One of the main benefits of Ivys’s Biostream is the ability to control, optimize, and generate reports remotely by a single operator across multiple biogas facilities, significantly lowering operating costs compared to having upgrading operators at each site.However, remote access comes with cybersecurity risks, from weak authentication, outdated software, or unsecured connections that could be exploited to gain entry. Our system incorporates multiple remote access safeguards, including multi-factor authentication (MFA), firewalls, VPN-encrypted tunnels, and endpoint security, to ensure secure and controlled access to sensitive digital environments.

Disaster Recovery Plan

Despite the best protection in place, a disaster recovery plan is also a critical component of cybersecurity systems. Disaster recovery planning (DRP) is the process of preparing for and responding to cyber incidents that disrupt IT infrastructure systems, such as ransomware attacks, data breaches, or system failures.

Additionally, extreme weather poses physical risks to cyber systems by causing power outages, which can shut down data centers and block remote access. Floods, hurricanes, or wildfires may damage communication lines, restricting access to cloud services or backups. During emergencies, employees might be unable to reach secure locations or use secure devices.

To address these risks, Ivys has established a comprehensive disaster recovery plan (DRP) that includes data backups, incident response procedures, recovery time objectives (RTOs), and ongoing testing. The plan features redundancy, with cloud-based, geographically diverse backups that provide off-site access and established protocols for restoring critical operations, recovering data, and minimizing downtime. A well-designed DRP is crucial for minimizing financial losses, protecting reputation, and avoiding regulatory penalties.

Compliance with International Cybersecurity Standards

The Biostream is compliant with all international cybersecurity standards, including the following

ISO/IEC 27001

ISO/IEC 27001 is a global standard for managing information security. It provides a clear method to handle and lower cybersecurity risks. It is used widely in the natural gas industry, where industrial IoT technologies are being used increasingly.

IEC 62443

IEC 62443 is an international standard developed by ISA and IEC to enhance security in Industrial Automation and Control Systems (IACS), including IIoT. It provides a framework for managing cybersecurity from design to operation, focusing on risk assessment, layered defenses, secure architecture, and access control. Divided into four areas—general, policies, system, and component requirements—it helps industries like renewable natural gas build secure, compliant networks.

NIS2 Directive

The NIS2 Directive, applicable to EU countries from October 2024, expands the cybersecurity obligations of energy operators. It requires them to implement risk management practices, report incidents, and enhance supply chain security.

For more information, read the article IIoT, Cybersecurity and Remote Monitoring – Essential Considerations in Biogas Production

Continuous Improvement in Cybersecurity

Cybersecurity is an ongoing process as technology and standards evolve, and our framework is regularly updated. All original software, including previous versions, is stored on our secure server for each unit.

Cybersecurity as a Criterion for Funding, Investment and Acquisitions

As awareness of cybersecurity risks and the impact of severe weather on digital infrastructure increases within the biogas sector, investors and financiers are now insisting that new facilities meet or surpass international cybersecurity standards. During mergers or acquisitions, cybersecurity measures are typically assessed as part of the due diligence process. In some regions, corporate leaders may be held responsible for cybersecurity failures.

Although the biogas industry hasn’t yet experienced a major cyber incident, it’s essential to acknowledge that gas networks have not been immune to cyberattacks.

Is your biogas upgrading solution cybersecure? Ours is!

When developing the Biostream, Ivys put cybersecurity as a critical aspect of the unit. By doing this, we significantly reduce the risk of unauthorized access, damaged equipment, and data loss due to natural disasters, while enabling remote monitoring and real-time KPI reporting.