Supervisory Control and Data Acquisition (SCADA) systems control many of the crucial services our modern society depends upon, such as electric power distribution, water treatment, natural gas and oil pipelines, hydroelectric dams, traffic lights, train switching systems, building controls, and many others.
Because of their critical role in controlling these systems, security for SCADA systems is a high priority, yet many legacy SCADA devices that were designed without security measures are now being connected to the Internet. These devices also lack the ability to detect and report traffic abnormalities, probes or attacks, or to manage and enforce security policies. While newer systems may include improved security, many SCADA devices remain deployed for 10 years or more, often in remote areas, resulting in very slow migration to newer, more secure devices.
In addition to system level security issues, SCADA protocols themselves are often inherently insecure. They may lack basic security measures. Instead they often rely on “security by obscurity” or on isolation from public networks for security. Without security measures such as authentication and encryption, the underlying protocols provide an easy avenue for hackers wishing to attack SCADA devices.
SCADA networks
SCADA systems are often complex networks with multiple components. These systems may be fully automated, where all control is performed by computers, fully manual, where control is performed by human operators, or a hybrid system, where some control is performed automatically and some is performed by human operators. To perform all of these functions, many SCADA systems include:
Field interface devices – Sensors detecting and reporting power levels, flow rates, temperature, pressure, and local control devices such as motor controls, valve actuators, and control switchboxes.
Operating equipment – Motors, pumps, automated factory systems, and valves controlled by the SCADA network.
Control computers – Embedded computers or dedicated PCs receiving information from the sensor networks, reporting this information to the management systems and controlling the associated operating equipment. These computers may make decisions automatically based on the information derived from sensors, or may relay commands received from management computers.
Management computers – Computer terminals with an HMI (Human Machine Interface) connected to the SCADA network. These computers provide an interface for operators to monitor and control the devices on the SCADA network.
Networked communication (local and remote) – SCADA networks use a variety of communication technologies. Serial communication, USB or proprietary wired networks are used for short range communication. Ethernet, TCP/IP, Wi-Fi, dial-up networking, cellular packet data and other methods are used for long range communication. Increasingly, SCADA networks utilize the Internet for long range communications and remote access.
Interconnection to business process systems – Frequently, SCADA networks are connected to corporate networks to allow them to interconnect with business process systems.