BLUF: In this paper there will be a discussion about the Supervisory Control and Data Acquisition Systems (SCADA). Additionally, there will be an explanation of the vulnerabilities associated with critical infrastructure systems and how the SCADA applications play a role in mitigating the risks that may arise (“SCADA”, 2011).
What are SCADA Systems?
SCADA, which means Supervisory Control and Data Acquisition is a system that collects data from a plethora of sensors in various locations and sends the data to a central computer to then manage and control the data. It is also referred to industrial control systems that control infrastructure processes such as, water treatment and wind farms (“SCADA Systems”, n.d.).
Within the SCADA system there is the Human Machine Interface (HMI), Remote Terminal Units (RTU) and Programmable Logic Controllers (PLC) all of which, contribute to the monitoring of a system in real time. HMI is a user interface where data is processed to reach a human operator (“SCADA Systems”, n.d.). The data is also translated into graphics and mimic diagrams making it easier for the human operator to control the system (“SCADA Systems”, n.d.). Furthermore, Human Machine Interface helps in monitoring multiple RTUs or PLCs at a time (“SCADA”, 2011). Remote Terminal Units converts all electrical signals coming from equipment into values that are easy to control (“SCADA Systems”, n.d.). Programming Logic Controllers are industrial computers that control automated processes in industries. They also have a function to monitor the input and output of data (“The Role of Programmable Logic Controllers in a SCADA System”, n.d.)
Vulnerabilities associated with critical infrastructure systems
Critical infrastructures are assets, systems, and networks that provide functions necessary for our way of life (“Critical Infrastructure Security and Resilience”, n.d.). Some examples include Emergency services and Water supply systems. Therefore, if exposed to any vulnerabilities, it could lead to detrimental effects for many individuals. Vulnerabilities are characteristics of a system that could cause it to suffer a loss as a result of, being subjected to certain threats (Robles, n.d.). The threats are categorized into natural threats, human caused, accidental and or technical all of which, can cause a cyberattack (Robles, n.d.). For example, if someone gains unauthorized access to software this can cause potential malfunctions and viruses (“SCADA Systems”, n.d.). Additionally, unauthorized changes to programmed instructions in the PLC’s or RTUs may occur (Robles, n.d.).
SCADA’s role in mitigating these risks
SCADA can play an important role in mitigating these risks by potentially setting up a SCADA risk management program. This effectively assesses, prioritizes and reduces cyber-attacks (Claroty, 2024). By having a framework of what potential risks may arise and by putting solutions in place, future risks can be prevented. Moreover, there are certain measures that mitigate the risks that may arise in SCADA systems. Initially, it is important to properly manage authorization and user accounts (“One Flaw too Many”, 2019). This is because, by regularly monitoring who has access to the system, one can help to reduce unexpected breaches of privacy. Next, implementing regular system updates are vital for mitigating the risks that may arise in SCADA systems. Finally, prevent any potential future cyber-attacks though the application of strict policies for all connecting devices to SCADA systems.
Conclusion
To conclude there has been a discussion of what SCADA (Supervisory Control and Data Acquisition Systems) is and the components of its systems such as, Human Machine Interface (HMI), Remote Terminal Units (RTU) and Programmable Logic Controllers (PLC). Furthermore, vulnerabilities associated with critical infrastructure systems were mentioned and explained. Finally, the role SCADA applications play in mitigating these vulnerabilities were also discussed.
References
Critical Infrastructure Security and Resilience. n.d. Critical Infrastructure Security and Resilience | Cybersecurity and Infrastructure Security Agency CISA
Claroty. 2024. SCADA Risk Management: Protecting Critical Infrastructure. SCADA Risk Management: Protecting Critical Infrastructure | Claroty
Robles. n.d. Common Threats and Vulnerabilities of Critical Infrastructures. Microsoft Word – rosslin_paper1.doc
Robles. n.d. Common Threats and Vulnerabilities of Critical Infrastructures. Microsoft Word – rosslin_paper1.doc
Robles. n.d. Common Threats and Vulnerabilities of Critical Infrastructures. Microsoft Word – rosslin_paper1.doc
SCADA. (2011). SCADA – Tech-FAQ
SCADA. (2011). SCADA – Tech-FAQ
SCADA Systems. n.d. SCADA Systems – Google Docs
SCADA Systems. n.d. SCADA Systems – Google Docs
SCADA Systems. n.d. SCADA Systems – Google Docs
SCADA Systems. n.d. SCADA Systems – Google Docs
SCADA Systems. n.d. SCADA Systems – Google Docs
The Role of Programmable Logic Controllers in a SCADA System. n.d. Htt.io
One Flaw too Many. 2019. One Flaw too Many: Vulnerabilities in SCADA Systems | Trend Micro (US)