SCADA Systems Write-up

SCADA (supervisory control and data acquisition) is an industrial control system used to control infrastructure, facility-based processes, and industrial processes. It consists of subsystems including human operators, supervisory systems, Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs), and communication infrastructure. These systems convert sensor signals into digital data and send it to the supervisory system. SCADA systems are centralized systems that control and monitor sites, often using remote terminal units or programmable logic controllers. They allow for supervisory-level intervention or basic overriding, and they record and display changes related to alarm conditions and setpoints for flow. Data acquisition starts at the PLC or RTU level and includes equipment status reports and meter readings.

The operator uses the Human Machine Interface (HMI) to make supervisory decisions. SCADA systems use tag databases, which contain data elements called points. A point is a single output or input value controlled or monitored by the system. A system’s output is represented by a hard point, while a soft point is the result of mathematical and logic operations. Points are stored as timestamp-value pairs, which provides a history of each point. Additional metadata, such as design time, alarm information, and PLC register, is also stored.

The Human Machine Interface is a device that presents data to a human operator and enables them to control processes. It is linked to SCADA systems and provides diagnostic data, management information, and trending information. The HMI presents graphical information in the form of mimic diagrams, which let operators view the plant being controlled. For example, a pump’s running status and fluid flow rate can be shown, and the operator can switch off the pump. The software then shows the decrease in fluid flow rate in real time. Mimic diagrams can be digital photographs or schematic symbols.

The HMI package of SCADA systems includes a drawing program that system maintenance personnel use to alter the representation of points in the interface. These representations can range from simple on-screen traffic lights to complex multi-projector displays.

SCADA systems are commonly used in alarm systems, with two digital status points: ALARM and NORMAL. When alarm requirements are met, operators and managers are alerted via text messages and emails, comparable to the warning a car gives when its fuel tank is empty.

SCADA systems use Distributed Control System components: smart PLCs or RTUs can execute simple logic processes without a master computer. IEC 61131-3 is used for creating programs on these systems, with minimal training required, so SCADA engineers can design and implement programs on PLCs or RTUs. Programmable automation controllers (PACs) combine PC-based control system features with PLCs. Distributed RTUs communicate with PACs, protective relays, and other I/O devices. Since 1998, most major PLC manufacturers have integrated HMI/SCADA systems using non-proprietary protocols. Specialized third-party packages offer compatibility with major PLCs, enabling engineers and technicians to configure HMIs independently without requiring custom-made programs.

The RTU connects to physical equipment and converts electrical signals into digital values, such as valve status or flow measurements. This allows the RTU to control the equipment, such as closing or opening valves or setting pump speed. A supervisory station is the software and servers responsible for communication with field equipment and HMI software.
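
The tag database and alarm status points described above, sketched as an added example that is not part of the original write-up or of any SCADA product. The tag names, register labels, 50 L/min limit and readings are constructed assumptions built on the pump example.

```python
from dataclasses import dataclass, field

@dataclass
class Point:
    """One tag: a single monitored or controlled value plus its history."""
    name: str
    metadata: dict = field(default_factory=dict)  # e.g. PLC register, alarm info
    history: list = field(default_factory=list)   # (timestamp, value) pairs
    @property
    def value(self):
        return self.history[-1][1] if self.history else None

class TagDatabase:
    def __init__(self):
        self.points = {}  # name -> Point
        self.soft = {}    # name -> function(db) deriving the value from other points
    def add_hard(self, name, **metadata):
        self.points[name] = Point(name, metadata)

    def add_soft(self, name, fn, **metadata):
        self.points[name] = Point(name, metadata)
        self.soft[name] = fn

    def update(self, ts, readings):
        """Record field readings for hard points, then recompute every soft point."""
        for name, value in readings.items():
            if name not in self.points or name in self.soft:
                raise KeyError(f"not a hard point: {name}")
            self.points[name].history.append((ts, value))
        for name, fn in self.soft.items():
            self.points[name].history.append((ts, fn(self)))

    def transitions(self, name):
        """Return (timestamp, old, new) for each change in a point's history."""
        h = self.points[name].history
        return [(t, a, b) for (_, a), (t, b) in zip(h, h[1:]) if a != b]

def build_demo():
    """Constructed pump data; tag names, registers and the 50 L/min limit are assumptions."""
    db = TagDatabase()
    db.add_hard("pump_running", register="hypothetical-coil-1")
    db.add_hard("flow_lpm", register="hypothetical-input-1")
    low_flow = lambda d: ("ALARM" if d.points["pump_running"].value
                          and d.points["flow_lpm"].value < 50 else "NORMAL")
    db.add_soft("low_flow_alarm", low_flow, alarm="flow < 50 L/min while pump runs")
    for ts, running, flow in [(0, True, 120.0), (10, True, 118.5), (20, True, 42.0),
                              (30, True, 40.1), (40, False, 0.0)]:  # constructed
        db.update(ts, {"pump_running": running, "flow_lpm": flow})
    return db
```

Calling `build_demo().transitions("low_flow_alarm")` lists the moments the alarm point changed state, which is the event an operator notification would be sent on.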

The main vulnerability of this system is a lack of monitoring, which leaves the system unable to detect suspicious activities or to react well when an attack happens. There are 10 other vulnerabilities to this system: legacy software, DDoS attacks, lack of network segmentation, malware, web application attacks, policies and procedures, command injection and parameter manipulation, remote access policies, lack of encryption, and default configuration. As systems become more advanced, they can have more vulnerabilities, and to keep them under control the company must regularly update the software and hardware. There is also a lack of knowledge about the systems that are connected to the SCADA system, because some people assume that all devices have the same capabilities when they do not.

Citations

“Check Point Software Technologies LTD” https://www.checkpoint.com/downloads/products/top-10-cybersecurity-vulnerabilities-threat-for-critical-infrastructure-scada-ics.pdf

“Secpoint” https://www.secpoint.com/scada-systems-their-vulnerabilities.html#:~:text=Common%20SCADA%20System%20Vulnerabilities,a%20cyber%20attack%20does%20happen.
