SCADA (supervisory control and data acquisition) refers to industrial control systems; computer systems that monitor and control industrial, infrastructure, or facility-based processes. With SCADA, industrial processes include those of manufacturing, production, power generation, and refining, and typically functions in continuous, batch, repetitive or discrete modes. Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution wind farms, solar power plants, civil defense siren systems and large communication systems. Facility processes occur both in public facilities and private ones, including buildings, airports and sea ports. They monitor and control HVAC, access, and energy consumption.

SCADA systems have evolved through three generations;

  • First generation – Monolithic, computing was done by mainframe computers. Networks did not exist at the time SCADA was developed. Thus SCADA systems were independent systems with no connectivity to other systems. The communication protocols used were often proprietary at that time. The first-generation SCADA system was redundant since a back-up mainframe system was connected at the bus level and was used in the event of failure of the primary mainframe system.
  • Second generation – Distributed, compute processing was distributed across multiple stations which were connected through a LAN and they shared information in real time. Each station was responsible for a particular task thus making the size and cost of each station less than the one used in First Generation. The network protocols used were still mostly proprietary, which led to significant security problems for any SCADA system that received attention from a hacker. Since the protocols were proprietary, very few people beyond the developers and hackers knew enough to determine how secure a SCADA installation was. Since both parties had invested interests in keeping security issues quiet, the security of a SCADA installation was often badly overestimated, if it was considered at all.
  • Third generation – Networks, these are the current generation SCADA systems which use open system architecture rather than a vendor-controlled proprietary environment. The SCADA system utilizes open standards and protocols, thus distributing functionality across a WAN rather than a LAN. It is easier to connect third party peripheral devices like printers, disk drives, and tape drives due to the use of open architecture. WAN protocols such as Internet Protocol (IP) are used for communication between the master station and communications equipment. Due to the usage of standard protocols and the fact that many networked SCADA systems are accessible from the Internet, the systems are potentially vulnerable to remote cyber-attacks. On the other hand, the usage of standard protocols and security techniques means that standard security improvements are applicable to the SCADA systems, assuming they receive timely maintenance and updates.

The move from proprietary technologies to more standardized and open solutions together with the increased number of connections between SCADA systems and office networks and the Internet has made them more vulnerable to attacks. Consequently, the security of some SCADA-based systems has come into question as they are increasingly seen as extremely vulnerable to cyberwarfare / cyberterrorism attacks – most recently the Stuxnet worm specifically targeted towards SCADA networks .

DTS Solution brings practical SCADA security solutions to the regional market space through unique understanding of SCADA systems, processes and critical integration requirements. SCADA Security for PLC (Progammable Logic Controller) and DCS (Distributed Control Systems) controllers or RTU (Remote Terminal Unit) and protecting interaction from HMI (Human Machine Interface) terminals. Whilst SCADA security is unique and different from IT Security, it needs to be managed from a common risk perspective.

Contact DTS sales team to schedule a practical SCADA security workshop and how the solution offering can overall improve security processes and control functions within your environment.