SCADA Systems

Posted by bogbo001 on
Basil Ogbomoh
3/17/2024
Write-Up – SCADA Systems

Supervisory control and data acquisition – SCADA refers to ICS used to control infrastructure processes, facility based processes or industrial processes. The system is being questioned, as they are potential targets of cyberterrorism/cyberwarfare attacks. My position on this topic is that I think we should leave the system as is because the security behind it is tight and reliable.

SCADA system concepts
SCADA refers to the centralized systems that control and monitor the entire sites, or they are complex systems spread out over large areas. The system controls objects like water treatment, wastewater treatment, gas pipelines, wind farms, airports, space stations, ships etc.(SCADA systems). Obviously people will be concerned about the security of this system in hopes that it will not get caught up in cyber attacks. Questions arise as to if this system is being watched and is secured enough so that this system is safe and nothing will happen. The restrictions to the host control function are supervisory level intervention or basic overriding. For example, the PCL controls the flow of cooling water, the SCADA system allows any changes related to the alarm conditions and setpoints for the flow to be recorded or displayed(SCADA systems).Many critical infrastructure systems are interconnected and reliant on each other. For example, a disruption in the energy sector could impact transportation and telecommunications. This interconnectedness increases the potential impact of a cyberattack or physical disruption, as a single attack could have cascading effects across multiple sectors

Human Machine Interface
The HMI, or human machine interface, is an apparatus that gives the processed data to the human operator. A human uses HMI to control processes. The HMI is linked to the SCADA systems databases to provide the diagnostic data, management information, and trending information such as logistic information and detailed schematics for certain machine or sensor and troubleshooting guides. One example of an HMI can be a keyboard or anything that you are using to connect with a machine. A pump that is connected to a pipe can be switched off by the operator in real time.



Vulnerabilities
The initial purchase price of a SCADA system can range from 10,000 dollars to millions. It ranges depending on its complexity, the number of devices it needs to connect to, the hardware required, and the type of software licenses you’ll need. Maintenance is also an important factor to the price of upholding a SCADA system. (Erickson, 2023). The costs resulting from the control system failures are very high. Even lives may be lost. For a few SCADA systems, hardware is ruggedized to withstand temperature voltage and vibration extremes. A part that is failing can be identified and the functionality is taken over automatically through backup hardware. It can be replaced without any interruption of the process.(SCADA systems) There are two major vulnerabilities. The first one is unauthorized access to software, be it human access or internationally induced changes, virus infections, or other problems that can affect the control host machine. The second threat is related to the packet access to network segments that host SCADA devices.
How to fix vulnerabilities
SCADA vendors are addressing these risks by developing specialized industrial VPN and firewall solutions for SCADA networks that are based on TCP/IP. Also whitelisting solutions have been implemented due to their ability to prevent unauthorized application changes(SCADA systems). Another way to fix an ongoing problem would be to divide the SCADA network into segments based on function or criticality and implement network segmentation to isolate critical assets from less critical ones. This will help contain the impact of a cyberattack and prevent lateral movement by attackers within the network. By implementing these security measures, organizations can enhance the resilience of SCADA based systems against cyber attacks and minimize the risk of disruption to critical infrastructure operations.


References
(n.d.). SCADA Systems – SCADA Systems. Retrieved March 17, 2024, from https://www.scadasystems.net/
Erickson, A. (2023, June 17). SCADA Prices and Maintenance Costs. DPS Telecom. Retrieved March 17, 2024, from https://www.dpstele.com/blog/scada-price-maintenance-cost.php
US Pricing Small to Medium Systems. (n.d.). VTScada. Retrieved March 17, 2024, from https://www.vtscada.com/documents/pricing/VTScada_US_Pricing_Web.pdf

Leave a Reply

Your email address will not be published. Required fields are marked *