CYSE 200T: Supervisory Control and Data Acquisition (SCADA)

Supervisory Control and Data Acquisition (SCADA) systems are used to control infrastructure processes such as water treatment and gas pipelines, facility-based processes such as airports and space stations, and industrial processes like manufacturing and power generation. A SCADA system typically includes an apparatus used by a human operator that receives processed data, a supervisory system that gathers all the required data about the process, Remote Terminal Units (RTUs) that help convert the sensor signals to digital data that is sent to the supervisory stream, Programmable Logic Controllers (PLCs) used as field devices, and communication infrastructure that connects the RTUs to the supervisory system. The SCADA systems used today are considered third generation and communicate between the system and master station through Wide Area Network (WAN) protocols. However, having this communication accessible through the internet increases the vulnerability of the system (SCADA, n.d.). Other security concerns with SCADA systems include unauthorized access to software and packet access to network segments that host SCADA devices (SCADA, n.d.).

These vulnerabilities are mitigated by implementing security protocols such as network segmentation, access control and authentication, device hardening and secure communication, and continuous monitoring (Virkkula, 2025). Network segmentation involves dividing the network into isolated segments to reduce the system’s attack surface and contain potential damage. This can be achieved with the use of firewalls and Virtual Local Area Networks (VLANs). Access control and authentication measures ensure that only authorized users have access to the information they are supposed to have. Examples of such measures include the Principle of Least Privilege (POLP), which involves granting users only the minimum amount of access needed to do their jobs, and Multi-Factor Authentication (MFA), which requires two verification methods. Device hardening and secure communication for SCADA systems include disabling unnecessary services, modifying default usernames and passwords, and using encryption protocols. Continuous monitoring of SCADA systems is often done with Security Information and Event Management (SIEM) systems that aggregate data from various subsystems of the SCADA system to deliver real-time insights and early warnings. All of these protocols work together to mitigate the risks associated with SCADA systems.
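
As an added illustration of how segmentation and monitoring fit together (this is not code from the essay or its sources), the following Python script checks flow records against a zone policy and reports traffic that crosses into the SCADA segments without being allowed. The address ranges, the allowed flows, and the record format are constructed assumptions.

```python
import ipaddress

# Constructed zones: the address plan is an assumption, not from the essay.
ZONES = {
    "corporate":   ipaddress.ip_network("10.10.0.0/16"),
    "supervisory": ipaddress.ip_network("10.20.0.0/24"),
    "field":       ipaddress.ip_network("10.30.0.0/24"),  # RTUs and PLCs
}

# Allowed cross-zone flows: (source zone, destination zone, destination TCP port).
# 502 is Modbus/TCP; 443 is an assumed HTTPS reporting interface.
ALLOWED = {
    ("supervisory", "field", 502),
    ("corporate", "supervisory", 443),
}

def zone_of(addr):
    """Map an IP address to its zone; anything unlisted is 'external'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def violations(lines):
    """Return cross-zone flows that the segmentation policy does not allow."""
    found = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        src, dst, port = line.split()
        sz, dz = zone_of(src), zone_of(dst)
        # Traffic that stays inside one zone is outside this check.
        if sz != dz and (sz, dz, int(port)) not in ALLOWED:
            found.append((sz, dz, src, dst, int(port)))
    return found

SAMPLE_FLOWS = """\
# constructed flow records: src dst dst_port
10.20.0.5 10.30.0.11 502
10.10.4.20 10.20.0.5 443
10.10.4.20 10.30.0.11 502
203.0.113.9 10.30.0.12 502
10.30.0.11 10.30.0.12 502
10.20.0.5 10.30.0.11 23
"""

if __name__ == "__main__":
    for v in violations(SAMPLE_FLOWS.splitlines()):
        print("segmentation violation: %s -> %s  %s -> %s:%d" % v)
```

On the constructed sample, three records are reported: a corporate host reaching a field device directly, an external address reaching a field device, and a supervisory host using a port (23) that the policy does not list.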

References

SCADA Systems. (n.d.). Retrieved April 5, 2025, from http://www.scadasystems.net

Virkkula, J. (2025, January 15). SCADA Security Essentials: Your Need-to-Know Guide. Ssh.com; SSH Communications Security. https://www.ssh.com/academy/operational-technology/scada-security-essentials-need-to-know-guide
