What is the SCADA System?
The supervisory control and data acquisition system (SCADA) is used in industrial
facilities to control and monitor certain processes like water treatments, pipelines, and in some
facilities production (SCADA Systems). The system includes some human operated equipment,
systems that gather data, programmable controllers, and more. Though many aspects of the
system are automatic or programmed the human machine interface (HMI) allows for schematics,
maintenance procedures, and troubleshooting on the machines used in the system (SCADA
Systems).
Vulnerabilities
In the U.S the critical infrastructure is divided into 16 sectors. Each of these sectors have
numerous risks to security including risks to health care data, transportation, water supply, and
even energy (Labus 2022). These vulnerabilities come from all types of malware such as
phishing attacks, ransomware, or other methods like data exfiltration, industrial system control,
and supply chain compromise. One example of an infrastructure breach being a hack from
January 2021 on a water treatment plant where the chemical levels were raised a dangerous
amount (Fick 2023).
SCADA Mitigations
Ways that the SCADA system mitigates these vulnerabilities in the critical infrastructure
are by having specific and limited communication methods and operational philosophy. As far as
communication goes the SCADA system uses a remote management system called telemetry. Its
protocols have information sent to one master station and the communication protocols are
specific to only SCADA vendors, therefore limited access which lessens the security risk in both
accessing the information and in intercepting while moving from machine to master station. The
SCADA operation philosophy is in place because a failure in the system would be very costly.
So to mitigate loss if there were a failure in part of the system the hardware is built to withstand
high temperatures, voltages, and vibrations increasing its reliability. In the event that a part still
fails, that part can be identified, shut down, and taken over by backup systems and hardware
without stalling any progress (SCADA Systems).
Conclusion
We live in a world dominated by technology and the risks to not only our personal
information but critical infrastructure have been increasing and developing right alongside those
technologies. Using the SCADA system lowers the continuously rising risks to the security of
critical infrastructure by limiting communication vulnerabilities, increasing hardware reliability,
and having backups incase of system failure.
Citations
Fick, Allie, Security Reporter. “Critical Infrastructure Is More Vulnerable than Ever-Your
Industry Could Be a Prime Target.” Lacework, 12 Jan. 2023,
www.lacework.com/blog/critical-infrastructure-is-more-vulnerable-than-ever-your-industry-could-be-a-prime-target/#:~:text=When%20it%20comes%20to%20critical,it%20can%
20be%20very%20dangerous.
Labus, Helga. “The Massive Impact of Vulnerabilities in Critical Infrastructure.” Help Net
Security, 11 Mar. 2022,
www.helpnetsecurity.com/2022/03/15/critical-infrastructure-security/.
“SCADA Systems.” SCADA Systems, www.scadasystems.net/. Accessed 4 Nov. 2023.