IT/CYSE 200T

SCADA Systems

Critical infrastructures are vital assets for the public safety, economic welfare and national security of countries. Infrastructures are large-scale, man-made systems that function interdependently to produce and distribute essential goods (such as energy, water and data) and services (such as transportation, banking and health care). The Department of Homeland Security defines critical infrastructures as assets that provide “the essential services that underpin American society and serve as the backbone of our nation’s economy, security and health.”

The vulnerabilities associated with critical infrastructure systems are higher than ever. Vulnerabilities are characteristics of a system, asset, or application that could cause it to suffer degradation or loss. One example is a lack of encryption: legacy SCADA controllers and industrial protocols lack the ability to encrypt communication, so attackers use sniffing software to discover usernames and passwords. Another example is weak remote access policies: SCADA systems connected to unaudited dial-up lines or remote-access servers give attackers convenient backdoor access to the OT network as well as the corporate LAN. A system needs to be in place to advise us of current or potential vulnerabilities, covering areas such as general administrative information, management awareness and control programs, identification of hazards/potential crises, and business characterization.

Cyber systems, especially SCADA systems and distributed control systems, are widely used to monitor and control critical infrastructures. The role SCADA applications play in mitigating those risks is important. SCADA uses mitigation techniques designed to thwart attacks, eliminating or minimizing their consequences. For example, the system will quickly alert an operator if a batch or product is showing an unusually high number of errors. This notification allows the operator to resolve the issue quickly and prevent further loss or problems.
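
The operator alert described above can be sketched as a sliding-window alarm with separate raise and clear thresholds, so the alarm does not chatter while the error count hovers near the limit. This is an added example, not code from the course material or from any SCADA product; the window size, thresholds, batch ID and sample readings are assumptions constructed for illustration.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass
class BatchErrorAlarm:
    """Alert the operator when recent inspection results show too many errors."""
    window: int = 10      # number of most recent items evaluated (assumed)
    raise_at: int = 3     # raise the alarm at this many errors in the window (assumed)
    clear_at: int = 1     # clear only once errors fall back to this (hysteresis)
    active: bool = False
    _recent: deque = field(default_factory=deque)

    def observe(self, batch_id, item_ok):
        """Record one result; return an event string on a state change, else None."""
        self._recent.append(0 if item_ok else 1)
        if len(self._recent) > self.window:
            self._recent.popleft()
        if len(self._recent) < self.window:
            return None  # not enough samples yet to judge the batch
        errors = sum(self._recent)
        if not self.active and errors >= self.raise_at:
            self.active = True
            return f"ALARM batch={batch_id} errors={errors}/{self.window}"
        if self.active and errors <= self.clear_at:
            self.active = False
            return f"CLEAR batch={batch_id} errors={errors}/{self.window}"
        return None


def run(results, **settings):
    """Feed (batch_id, item_ok) readings through the alarm; return (index, event) pairs."""
    alarm = BatchErrorAlarm(**settings)
    events = []
    for index, (batch_id, item_ok) in enumerate(results):
        event = alarm.observe(batch_id, item_ok)
        if event:
            events.append((index, event))
    return events


# Constructed sample: 10 good items, 10 items where every second one fails,
# then 10 good items after the operator has corrected the fault.
SAMPLE = ([("B-1001", True)] * 10
          + [("B-1001", i % 2 == 0) for i in range(10)]
          + [("B-1001", True)] * 10)

if __name__ == "__main__":
    for index, event in run(SAMPLE):
        print(index, event)
```

The alarm raises once at the third error in the window and clears only after the window has almost fully recovered, which gives the operator a single notification per incident instead of a stream of repeats.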