SCADA Systems and the Vulnerability of Critical Infrastructure Systems

               Critical infrastructure systems such as power grids, water supply, communications systems and more are subject to being at risk of cybersecurity attacks. These critical infrastructure systems hold high vulnerability for cybersecurity attacks and systems need to be put in place to protect them from such. These infrastructures are crucial to society and governments and the risk they pose puts not only the systems in jeopardy but the government and possibly society as well. Outdated systems, failed mechanisms, weak signals, unsecure accessing is all things that pose risk due to vulnerability. There are also natural threats such as natural disasters that could weaken or damage these systems. The main cybersecurity threats are those of human threats such as terrorism attacks and cyber-attacks (International Journal of Control and Automation pg.17-20).

            Many of these critical infrastructures now are secured and controlled by controlled systems such as SCADA. SCADA stands for Supervisory Control and Data Acquisition. It is used to control some of these critical infrastructure systems such as water treatment facilities pipelines, wind farms and more. The SCADA system however does not directly control these processes in real time but instead controls and coordinates with the processes. There are many parts to SCADA systems that enable it to control and process data to keep these infrastructure systems operating. These systems communicate with the equipment of these infrastructures to enable it to run properly while also having Human Machine Interface (HMI) that gives data processed form this infrastructure communication back to a human operator.  In a sense, SCADA is the middleman for operations (SCADA Systems pg. 1-4).

            SCADA systems work to enable security through physical and network security. Control system failures are not only detrimental to equipment and systems but also open for vulnerability of cyber security attacks. Some SCADA systems have ruggedized hardware that can withstand physical damage and possible threats to the equipment. This lowers the risk of physical and mostly natural damage to the systems (SCADA Systems pg. 4). 

            While SCADA systems help ensure physical and network security and give these critical infrastructures something to be controlled by, it is not all around secure. Due to the number of things controlled by these SCADA systems, cyber-attacks and other human or natural damages would have extremely bad consequences for many companies and people. SCADA does have two major threats to their systems, one is unauthorized access which can affect SCADA systems’ hosts machines and therefore cause other issues for the systems and infrastructures. The other major threat is related to the network, there is a lack of security of network packets that could allow anyone with the ability to send packets to SCADA systems, access to other controls. SCADA however is developing more security for these threats to help reduce risks (SCADA Systems pg. 6)

            Overall having SCADA systems in place for these critical infrastructures gives control and some more security then if they weren’t controlled all together. Real time monitoring and communication with human operators ensures that if anything fails and goes wrong, someone can acknowledge it and hopefully fix it before it opens vulnerability to the infrastructures. SCADA also helps control who has access and is authorized to be in any sort of access or control of these infrastructures. SCADA systems can also place incident response commands and therefore work to combat a cyber security attack or other threat before it becomes detrimental. SCADA systems are important to have in place for these critical infrastructure systems to reduce risks and vulnerability. 


Sources:

https://www.scadasystems.net 

https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=7098a29a404f8561c7f3c66801b6e1f36f88b7b7

Leave a Reply

Your email address will not be published. Required fields are marked *