Case Study: Remote Support Saves OEM $1.2M in Annual Site Visits

Executive Summary

A global gas turbine OEM providing lifecycle support to more than 200 power plants worldwide was spending over $1.2 million annually on on-site service visits. The barrier to remote support was not technology; it was trust. Utility and IPP customers systematically blocked VPN-based remote access, citing NERC CIP compliance requirements and lack of visibility into OEM sessions. Meanwhile, the OEM juggled multiple customer-specific access tools, creating tool sprawl, credential sharing risks, and inconsistent security.

By standardizing on Xona Systems, the OEM achieved what neither side could accomplish independently: a single secure platform that satisfied the most demanding utility compliance requirements while enabling the remote support capability the OEM needed. The result was $1.2M+ in eliminated site visit costs, support response reduced from days to minutes, and a new premium remote monitoring revenue stream. OEM technicians interact with plant systems in real time, but their endpoints are never connected to the OT network.

The Challenge

Power generation OEMs depend on providing lifecycle support, including maintenance, optimization, firmware updates, and diagnostics, to installed equipment at customer sites worldwide. A single domestic site visit averages $2,000+; international visits to remote locations can exceed $5,000 to $10,000. For an OEM supporting 200+ plants, 600+ annual visits adds up to over $1.2M in direct travel costs before accounting for engineer productivity or delayed response.

Urgent issues wait 24 to 72 hours for a qualified engineer to arrive. For plant outages costing $50,000 to $200,000 per hour in lost generation revenue, this delay is extraordinarily expensive.

Utility customers were not being unreasonable when they blocked remote access. They faced genuine compliance requirements that legacy tools could not satisfy: NERC CIP-005 requires all interactive remote access to BES Cyber Systems to go through an Intermediate System with MFA (standard VPN connections do not qualify); CIP-003-9 requires utilities to preauthorize vendor access, monitor sessions in real time, maintain full recordings, and retain instant revocation capability; and utilities cannot share plant credentials with OEM technicians and maintain CIP-004 compliance.  

The Xona Solution

Xona's Critical System Gateway deploys at each customer plant site as a NERC CIP-compliant Intermediate System. OEM technicians connect from anywhere via browser over HTTPS port 443 only. The CSG terminates OT protocol sessions inside the plant's trusted network and streams only encrypted pixel images back: no direct OEM-to-plant connectivity, no VPN, no agents.

Plant credentials are stored in an encrypted vault within the CSG at the customer site. When an authorized OEM technician initiates a session, the CSG injects credentials automatically. The technician works through the browser session without ever seeing or handling the password. Utilities no longer need to share plant credentials with OEM personnel, which had been the issue blocking remote access for years.

When an OEM technician requests access, the plant operator receives a real-time notification and must approve the session before it begins. During the session, operators can shadow the OEM's work live and terminate it instantly via the Kill Button. This transformed the dynamic from adversarial to collaborative: 'we can see everything, so connect anytime.

The Results:

Annual site visit reduction: 600+ visits eliminated, approximately 85% reduction. Direct travel cost savings: $1.2M+ per year. Engineer productivity gain: approximately 4,800 recovered travel hours per year. Support response time: from 24 to 72 hours down to under 15 minutes. Tool sprawl: multiple customer-specific tools consolidated to one platform.

Beyond cost savings, the OEM now offers premium remote monitoring and predictive maintenance subscriptions as a new revenue tier. Remote-first service contracts are priced competitively while maintaining margins. Competitors relying on site visits cannot match the economics. Session recordings resolve warranty disputes objectively, reducing reserves and accelerating claims.