Supervisory control and data acquisition (SCADA) systems are used to monitor and control many infrastructures and industrial processes. SCADA systems use several hardware and software elements to collect information and relay it to a human interface where it can be evaluated. Human interfacing is usually very basic and includes monitoring and overriding or confirming warnings. Human interaction takes place through a human-machine interface (HMI). HMIs take the data relayed from the PLCs and RTUs and convert it into a graphical display used for monitoring or simple command inputs. Remote terminal units (RTUs) are used by SCADA to collect sensor information and convert it into data readable by a computer or any human-controllable monitoring device. This could be a temperature reading or a fluid level gauge readout, which is converted into data readable by software and then into output for human evaluation. Programmable logic controllers (PLCs) are used to interface with hardware and control operations, or to relay warnings and alarms to the RTUs for translation. Most of a PLC’s functions are automated and programmed to provide a standard operating environment for the equipment, reporting only when something is outside standard settings.
SCADA systems are used in very important infrastructure processes, and exploitation or the compromise of a single system could have very bad consequences. SCADA system communications can include text messages, emails, alarm signals and others. The interfacing between hardware and monitoring currently runs over WAN/IP protocols. Using this type of interface, with protocols accessible over the internet, increases the possibility of attacks. Most SCADA systems are connected and controlled through VPNs. Although the VPNs are made specifically for these systems and use firewalls, another common threat in information security is human error or security failures. A disgruntled employee could be used to exploit a system by accessing a system they are not authorized to use and installing malware, or by other means of exploitation through the human-machine interface. SCADA networks are based on TCP/IP, so intercepted packets or unauthorized access to the VPN could allow someone to exploit and even control the infrastructure through the use of packets. SCADA systems are specifically designed to remove a lot of human interaction, which removes some security issues. Even when human interaction is prompted, the privileges and input measures are very minimal, though this type of operation means the functioning of the hardware and systems relies on the programming of the PLCs and the interactions of the RTUs. Having backup hardware on site or already in place helps mitigate false readings and downtime associated with eventual hardware failure. SCADA systems also use mobile devices and web-based clients for control and information relay. Because of the wide variety of uses, hardware and software involved in their operation, SCADA systems are some of the most important systems to secure, and they are a valuable target with many avenues of approach.
Threats to SCADA systems are continually assessed and countermeasures developed to help secure the most important infrastructures in our lives. SCADA breaches have resulted in destroyed water pumps and in pipelines being shut down and held to ransom. Other breaches have involved power grids, water supplies, dams, transportation systems and the ransom of city archives. Many pieces of malware and viruses, such as “Stuxnet” and “Flame”, have attacked and compromised SCADA systems in the past. Because of their value and the operations they run, SCADA systems are some of the most important and valuable targets for attackers, which also makes it a high priority for security professionals to continually develop and secure them.