Name: Lindsey Lorton

Date: March 12, 2024

Critical Infrastructure and SCADA Systems

The role of supervisory control and data acquisition (SCADA) in industrial control systems (ICS) and in mitigating vulnerabilities in critical infrastructure systems.

The use of SCADA in industrial control systems and its components

SCADA is a system used in controlling critical infrastructure systems. They’re comprised of both hardware and software and can be used in managing practically any industrial control system. The system gathers data, feeding information to field controller systems, and is then provided to  a human machine interface (HMI) (Loshin, 2021). SCADA system HMI can provide information and data, such as logistics, troubleshooting processes, as well as a schematic diagram that can pinpoint any area of the plant. The information from the HMI can then be reported to the operator personnel, who can look at the schematic diagram of the plant and control any processes that need attention (SCADA Systems, n.d.).

Vulnerabilities associated with critical infrastructure systems

There are cybersecurity issues related to SCADA systems, making them vulnerable to cyberattacks and cyberterrorism, and the implications of such attacks would be devastating. One such attack occurred in Ukraine in 2016, caused by a malware known as Industroyer, resulting in power outages (TRENDmicro.com, 2019). Another attack occurred at a petrochemical system in Saudi Arabia in 2017, using Trojan Triton. Hackers could use the malware to remotely control plant safety systems, allowing them to tamper with such controls. There was a flaw in the code, giving away the hackers before they could cause considerable damage, but the attempts caused the plant’s safety controls to shut it down after being triggered. Had tampering occurred, dangerous chemicals could have been released, putting many individuals in harm’s way (Giles, 2019).

The ways that SCADA systems can mitigate vulnerabilities

What is especially interesting is that SCADA systems allow for both on-site and off-site use. This gives operators and even stakeholders a way to monitor performance and mitigate errors and downtime (SCADA International , n.d.). The alarm systems available in SCADA systems also work to alert controllers to any suspicious activity. The use of SCADA systems provides efficiency for industrial plants, allowing for the control of sensors and pumps essential to industrial processes. Monitoring of equipment provides operators with the opportunity to process and analyze data (SCADA International , n.d.).

In conclusion

Critical infrastructure’s use of SCADA systems provides the ability to maintain and control industrial processes. Components of SCADA systems include hardware and software, used in conjunction with HMI to collect and process data, which is then provided to operation personnel. Critical infrastructures are more vulnerable to cyberattacks and cyberterrorism, stressing the importance of SCADA systems in maintaining processes and functioning. While vulnerabilities exist, SCADA systems have been able to mitigate the risks. Alarm systems and enhanced performance capabilities allow SCADA systems to continue assisting in the functioning of critical infrastructure.

Works Cited

Giles, M. (2019, March 5). Triton is the world’s most murderous malware, and it’s spreading. Retrieved from MIT Technology Review: https://www.technologyreview.com/2019/03/05/103328/cybersecurity-critical-infrastructure-triton-malware/

Loshin, P. (2021, December). SCADA (supervisory control and data acquisition). Retrieved from TechTarget : https://www.techtarget.com/whatis/definition/SCADA-supervisory-control-and-data-acquisition

SCADA International . (n.d.). SCADA Systems Explained. Retrieved from SCADA International: https://scada-international.com/what-is-scada/

SCADA Systems. (n.d.). SCADA Systems. Retrieved from SCADA Systems.net: https://www.scadasystems.net/

TRENDmicro.com. (2019, December 16). One Flaw Too Many: Vulnerabilities in SCADA Systems. Retrieved from TRENDmicro: https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/one-flaw-too-many-vulnerabilities-in-scada-systems