Ian Waweru
Cyber technology
Dr. Cooper
03/20/2022
SCADA System
SCADA is an abbreviation for Supervisory control and data acquisition. The SCADA system is a beneficial system that helps us monitor our infrastructure processes, facility-based processes, and industrial processes. This system is a software system that requires hardware elements to perform tasks. These tasks are very beneficial, and they work to “Monitor, gather, and process real-time data, control industrial processes locally or remotely, record events into a log file”. Industrial organizations use SCADA to control and monitor entire sites and it can be done so in a couple of ways. The first control is known as the remote terminal unit (RTUs). The RTU is beneficial because it will communicate using sensory signals that are converted into digital data. The second control is known as programmable logic controllers (PLCs). The PLC is another microcomputer that is used as a field device. Both microcomputers communicate with multiple machines and their purpose is to collect data from them. This data can include equipment status reports or meter readings, an operator receiving this data will then make a proper decision on what to do next by using HMI. HMI is an abbreviation for human-machine interface. The HMI’s purpose is to provide feedback to the operating personnel and the ability to control processes. This interface is linked with the SCADA system, and it provides crucial feedback for each machine that is controlled under the PLC and RTU. An operator will be able to see diagnostic data, maintenance procedures, troubleshoot guides, and more important features that will help employees analyze data and make important decisions. An alarm system is available in this interface, and it will send a message to an operator of that machine if necessary. Many machines have this capability, for example, A soda machine is out of syrup, the alarm is active and a light requesting maintenance will blink. There are a few vulnerabilities in the SCADA system that can produce a problem. Human factors prove to be problematic; an unauthorized individual can intentionally or unintentionally infect a system with a virus. The design itself is a vulnerability, researchers are more concerned about the security and authentication of the design. With that being said “security researchers are also concerned with the existing security and authentication protocols in the design”. Another problem would be packet access to the network segment, anyone can access those packets and it leaves a massive security risk. Even with all the vulnerabilities, there are still a few ways to help protect SCADA networks. One important way to protect these networks is by reinforcing security for internal networks and demilitarized zones. Another way we can protect these networks is by having limitations and authority control needed for external connections. Virtual private networks are also known as VPNs, and this can enhance security for extra protection. The SCADA system has come a long way and it is broken down into three different generations. The first generation of this system didn’t connect to any other system because at the time networks did not exist. The second-generation used LANs to send information to multiple stations. The pro for this generation is that it cost less in comparison to the first generation. However, the con is the protocol, there are many security issues in the SCADA systems. The third generation is the generation we are currently in. The communication of the SCADA systems today is through the wan protocol. Vulnerability is still a concern however, there are added security protocols that help improve the security of the system, unlike the first two generations.
References
- https://docs.google.com/document/d/1DvxnWUSLe27H5u8A6yyIS9Qz7BVt_8p2WeNHctGVboY/edit#
- https://inductiveautomation.com/resources/article/what-is-scada
- Kim, HyungJun. “Security and vulnerability of SCADA systems over IP-based wireless sensor networks.” International Journal of Distributed Sensor Networks 8.11 (2012): 268478.