Steps must be taken to ensure the security of SCADA systems in order to protect and maintain critical infrastructure in modern society.
Introduction
In the modern world, critical infrastructure systems are generally automated in order to mitigate the risk of human error. While this helps to ensure that the infrastructure is not misused by workers, it opens new vulnerabilities, namely cyber threats. These infrastructures are monitored and controlled by SCADA systems. SCADA, which stands for “Supervisory Control and Data Acquisition,” refers to systems that can be used to measure important parameters such as water chemistry, power consumption or output, and much more, as well as to alter these parameters.
Vulnerabilities
The cyber-linked nature of modern infrastructure gives rise to new vulnerabilities. Some of these are the misreading and misinterpretation of critical data, unauthorized access to control systems, and downtime in the control systems – whether through faulty programming or via a malicious attack.
Data misrepresentation and HMIs
SCADA systems, despite functioning as a mitigator for human error, do not fully eliminate the possibility of misuse. These systems measure data in ways which may not be easy or simple for a worker to understand or interpret, which may lead to incorrect determinations based on misread data. To this end, companies use HMIs, or Human Machine Interfaces, which display data in simpler ways such as charts or graphs. According to scadasystems.net, “These representations can be as simple as an on-screen traffic light that represents the state of the actual traffic light in the area, or complex, like the multi-projector display that represents the position of all the trains on railway or elevators in skyscrapers” (ScadaSystems.net). It is through these Human Machine Interfaces that alterations are made to infrastructure systems.
Unauthorized Access
Unauthorized access is a major fault in the security of infrastructure in the cyber world. Whether through someone with malicious intent making their way to a physical terminal location, or through social engineering to learn a worker’s account details, unauthorized access to SCADA systems could be catastrophic to any business or organization in charge of this infrastructure. For example, a major US drinking water treatment facility fell victim to a SCADA system hack in February 2021. According to the Cybersecurity & Infrastructure Security Agency, the hackers “used the SCADA system’s software to increase the amount of sodium hydroxide… a caustic chemical, as part of the water treatment process” (CISA). While this specific incident was detected and resolved before causing issues to the public, we must take action to reduce the risk of similar incidents occurring in the future. One such action is securing the SCADA systems themselves: strengthening the physical security of the terminals with measures such as security guards and key card locks, and strengthening online security by ensuring that only company devices with secure digital certificates are permitted to access or alter the systems.
Downtime
The third major risk of SCADA systems in critical infrastructure is the risk of extended downtime. This can occur either through an unforeseen error in the devices’ programming, or through a malicious attack, such as a denial of service attack. The former can be prepared for by ensuring that systems are constantly monitored, baselines are recorded, and aberrant data is investigated. The latter can be addressed by ensuring that proper firewalls are installed, both between the business’s network and the external internet and laterally between the devices within the business.
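One way to implement the monitoring described above, as an added example that is not part of the original essay: it records a baseline from known-good readings (median and median absolute deviation) and flags live readings that deviate sharply or are missing. The sample values, function names, and thresholds are constructed assumptions, not data from a real plant.

```python
from statistics import median

# Constructed sample data: a chemical dosing setpoint in ppm (not real plant data).
KNOWN_GOOD = [100.2, 99.8, 100.5, 100.1, 99.6, 100.0, 100.4, 99.9, 100.3, 99.7]
LIVE = [
    ("08:00", 100.1),
    ("08:05", 99.5),
    ("08:10", 101.2),   # noisy but within normal variation
    ("08:15", 1110.0),  # abrupt change far outside the baseline
    ("08:20", 100.3),
    ("08:25", None),    # missing sample: a telemetry gap also needs a look
]

def build_baseline(history, min_scale=0.1):
    """Record a baseline as (median, robust spread) from known-good readings.

    The median absolute deviation (MAD) is used instead of the standard
    deviation so that a few bad samples in the history do not widen the
    baseline. min_scale (assumed sensor resolution) keeps a perfectly flat
    history from producing a zero spread.
    """
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return med, max(1.4826 * mad, min_scale)

def find_aberrant(readings, baseline, z_limit=3.5):
    """Return (timestamp, value, reason) for every reading to investigate."""
    med, scale = baseline
    alerts = []
    for ts, value in readings:
        if value is None:
            alerts.append((ts, value, "no data"))
            continue
        z = abs(value - med) / scale  # robust z-score against the baseline
        if z > z_limit:
            alerts.append((ts, value, f"deviates from baseline (z={z:.1f})"))
    return alerts

if __name__ == "__main__":
    for ts, value, reason in find_aberrant(LIVE, build_baseline(KNOWN_GOOD)):
        print(f"{ts}  value={value}  {reason}")
```
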
Conclusion
SCADA systems and HMIs are a great advancement in the modern world’s critical infrastructure. Despite the benefits of these devices, it is always important to understand and address the risks which the devices bring to the table. Businesses employing SCADA systems should ensure that data is interpreted and used properly, that steps are taken to prevent unauthorized access, and that monitoring is maintained to ensure that downtime is minimal.
References
Article provided by Professor Kirkpatrick; “SCADA Systems” https://www.scadasystems.net
Cybersecurity & Infrastructure Security Agency, “Compromise of U.S. Water Treatment Facility,” https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-042a