SCADA Systems and Cybersecurity Risks

Supervisory control and data acquisition (SCADA) systems are used to monitor and control critical infrastructure, sometimes entire sites. They manage physical processes such as traffic lights, water distribution, electricity transmission, gas transportation and oil pipelines, production and manufacturing, power generation and many other systems used in our society. They are centralized systems made up of subsystems, with almost all control actions performed automatically by remote terminal units (RTUs) or programmable logic controllers (PLCs). RTUs are connected to the sensors of these processes. They convert sensor signals to digital data and send it to the supervisory system as digital values, such as the status (open/closed) of a valve or switch, or measurements such as flow, pressure, voltage or current. The RTU can also control the equipment, for example by opening or closing a switch or valve or setting the speed of a pump. The data is then sent to the Human Machine Interface (HMI), which presents it in graphical form to a human operator, providing management and logistic information, maintenance procedures, detailed schematics for a particular sensor or machine, and troubleshooting guidelines, and allowing the operator to control these processes.

SCADA systems have taken many forms over the years, from independent systems that could not connect to other systems, to stations that could connect to and communicate with RTUs, with vendors creating and implementing local and wide area networks (LAN and WAN) to support that communication. Today, SCADA systems are networked and can be accessed through the internet. The system and the master station communicate over WAN protocols such as Modbus TCP and the Internet Protocol (IP), as well as Ethernet protocols, with Ethernet networks accepted by most of the HMI SCADA market. Some vendors have even started offering application-specific SCADA systems hosted on remote platforms across the internet, removing the need to install systems at the user-end facility. However, because these systems use standard protocols and can be reached through the internet, they become more vulnerable. There are security issues, as well as concerns over internet connection reliability and latency. This makes SCADA-based systems potential targets of cyberterrorism and cyberwarfare attacks.

There are two major threats. The first is unauthorized access to the software in any form, whether human access or other forms such as virus infections and deliberate changes. The second relates to packet access to the network segments that host SCADA devices: in many cases the packet control protocol has little or no security, so any person who can send packets to a SCADA device has a chance to control it. If access to and control of these critical infrastructure systems fall into the wrong hands, the result can be devastating, even deadly, which makes it imperative to maintain the best security. The concern about the level of security in these systems is valid, but improvements can be made to secure them further. SCADA vendors are tackling these issues by developing specialized industrial VPN and firewall solutions for SCADA networks that are based on TCP/IP.
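To make the second threat and the firewall mitigation concrete, here is an added example (not from the original article) of the decision a protocol-aware filter makes for Modbus TCP, which carries no authentication of its own. The IP addresses, the master/monitor policy sets and the sample frames are assumptions constructed for illustration.

```python
import struct

# Modbus function codes that only read state; every other code is treated
# as able to change or disturb the device.
READ_FUNCTIONS = {1, 2, 3, 4}

# Assumed policy: the master station may send anything, monitoring hosts
# may only read, and every other source is dropped (default deny).
MASTERS = {"10.0.0.10"}
MONITORS = {"10.0.0.20"}


def parse_modbus_tcp(frame: bytes) -> dict:
    """Parse the 7-byte MBAP header and function code of a Modbus TCP request."""
    if len(frame) < 8:
        raise ValueError("frame too short for MBAP header + function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0 (not Modbus)")
    # The length field counts the unit id plus the PDU that follows it.
    if length != len(frame) - 6:
        raise ValueError("MBAP length does not match frame size")
    return {"transaction": tid, "unit": unit, "function": frame[7]}


def filter_decision(src_ip: str, frame: bytes) -> str:
    """Return 'allow' or 'drop' for one request arriving from src_ip."""
    try:
        msg = parse_modbus_tcp(frame)
    except ValueError:
        return "drop"  # malformed traffic never reaches the PLC/RTU
    if src_ip in MASTERS:
        return "allow"
    if src_ip in MONITORS and msg["function"] in READ_FUNCTIONS:
        return "allow"
    return "drop"


# Constructed sample frames (not captured traffic).
READ_REGS = bytes.fromhex("000100000006" "01" "03" "00000002")   # function 3
WRITE_COIL = bytes.fromhex("000200000006" "01" "05" "0001ff00")  # function 5

if __name__ == "__main__":
    for src, frame in [("10.0.0.10", WRITE_COIL), ("10.0.0.20", WRITE_COIL),
                       ("10.0.0.20", READ_REGS), ("10.0.0.77", READ_REGS)]:
        print(src, frame.hex(), "->", filter_decision(src, frame))
```

The protocol itself accepts the same write frame from any sender, so the source restriction has to be enforced by the network device in front of the RTU or PLC.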












