BLUF – Critical infrastructure systems can be exposed to a range of vulnerabilities, both digital and physical, and these vulnerabilities need to be addressed and properly mitigated. One system that looks over such vulnerabilities is the SCADA Systems. SCADA stands for Supervisory Control and Data Acquisition, and these systems are used to maintain a variety of infrastructures, such as gas pipelines or
power generators, all from a remote location. Without SCADA systems in place, critical
infrastructure systems would be exploited and tampered with, which could result in costly damages.
Vulnerabilities and Mitigations
Critical infrastructure systems are not built with having strong security as a priority. They often run on outdated systems or legacy technologies in order to stay in operation for long periods of time. It’s these same factors that leave them vulnerable, as outdated systems are not up to date with current security measures, allowing them to be easily compromised. A vulnerability infrastructure can face is lack of redundancy, which can lead to system failure if it were to ever malfunction. SCADA can mitigate this through the use of hot-standby and dual-redundant formation, which provides monitoring and control during system failures (SCADA Systems Article, P.4). Another vulnerability that’s mentioned earlier is the lack of secure communication protocols, which is influenced by how these systems are running on outdated hardware and legacy technologies. SCADA can mitigate this through their own protocols, with IEC 61850, DNP3, and IEC 60870-5-101 all being standardized and used in infrastructure systems (SCADA Systems Article, P.5)
Conclusion: SCADA systems stand as a defense mechanism for critical
infrastructure systems, with a variety of tools to mitigate vulnerabilities.