
SCADA System

Component and Function

Agenda
Evolution of Communication System
SCADA Overview
Power System Protocols
Is the Cyber threat real?
Recommendations for SCADA security R&D

PSTI\SDP\AD

Supervisory Control and Data Acquisition (SCADA)
General Definition
Industrial measurement and control system consisting of:
central host or master (MTU);
one or more field data gathering and control units or remotes (RTUs);
collection of standard and/or custom software used to monitor and control remotely located field data elements.
Generally cover larger geographic areas
Predominantly open-loop control characteristics (may have some elements of closed-loop control and/or short distance communications)
Use variety of communications systems (LAN, wireless, microwave, bus, point-to-point)

Distributed Control Systems (DCS)
General Definition
Similar to SCADA systems, used predominantly in factories, treatment plants etc.
Similar functions to SCADA, but the field data gathering or control units are usually located within a more confined area.
Communications often via a reliable and high speed local area network (LAN).
A DCS usually employs significant amounts of closed loop control.


Secure SCADA and beyond

We think that there is a great deal to be done in terms of operationalizing secure versions of SCADA (Supervisory Control And Data Acquisition) and DCS (Digital Control Systems) for the infrastructures considered, especially power, natural gas, chemical and process control, etc.
However, the sense was that this infrastructure was going to be gradually replaced by networked embedded devices (possibly wireless) as computing and communication devices become more user friendly and prevalent. Thus, the major research recommendations were for an area that we named Secure Networked Embedded Systems (SENSE).


SCADA of the Future

Current SCADA
Closed systems, limited coordination, unprotected cyberinfrastructure
Local, limited adaptation (parametric), manual control
Static, centralized structure
Future requirements
Decentralized, secure open systems (peer-to-peer, mutable hierarchies of operation)
Direct support for coordinated control, authority restriction
Trusted, automated reconfiguration
Isolate drop-outs, limit cascading failure, manage regions under attack
Enable re-entry upon recovery to normal operation
Coordinate degraded, recovery modes
Diagnosis, mitigation of combined physical, cyber attack
Advanced SCADA for productivity, market stability, manageability


Secure Network Embedded Systems

Embedded software prevalent in all critical infrastructures.
Critical to high confidence embedded software are open source techniques for Automated Design, Verification and Validation:
Verified design in a formal, mathematical sense
Validated design in an engineering sense
Certifiable design to allow for regulatory and certification input
High Confidence Systems:
Narrow waisted middleware
Trusted abstractions, limited interfaces
Algorithms and protocols for secure, distributed coordination and control
Security and composable operating systems
Tamper Proof Software
Generative Programming
Intelligent Microsystems: infrastructure of the future with security co-design with hardware and software.

Layers of Secure Network Embedded Systems
Physical Layer
Attacks: jamming, tampering
Defenses: spread spectrum, priority messages, lower duty cycle, region mapping, mode change, tamper proofing, hiding.
Link Layer
Attacks: collision, exhaustion, unfairness
Defenses: error correcting code, rate limitation, small frames
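As an added illustration of the "rate limitation" defense listed for the link layer (this is example code, not part of the original presentation), the following Python implements a per-sender token bucket and runs a constructed frame trace through it: one sender floods, one behaves. The bucket size, refill rate, sender names and trace are assumptions chosen for the demonstration; charging by frame size also shows why the "small frames" defense helps a sender stay within its budget.

```python
# Added example, not from the presentation: a per-sender token bucket used as
# a link-layer rate limiter against exhaustion and unfairness. Capacity,
# refill rate, sender names and the frame trace are constructed assumptions.
from collections import defaultdict


class TokenBucket:
    """Integer token bucket: tokens are byte credits, time is in milliseconds."""

    def __init__(self, capacity_bytes: int, refill_bytes_per_ms: int):
        self.capacity = capacity_bytes
        self.refill = refill_bytes_per_ms
        self.tokens = capacity_bytes   # start full so a short burst is tolerated
        self.last_ms = 0

    def allow(self, now_ms: int, cost_bytes: int) -> bool:
        """Refill for the elapsed time, then spend credits if the frame fits."""
        elapsed = max(0, now_ms - self.last_ms)
        self.last_ms = now_ms
        self.tokens = min(self.capacity, self.tokens + elapsed * self.refill)
        if self.tokens >= cost_bytes:
            self.tokens -= cost_bytes
            return True
        return False


def filter_frames(frames, capacity_bytes=320, refill_bytes_per_ms=1):
    """Run a trace of (timestamp_ms, sender, frame_size_bytes) through one
    bucket per sender, so a greedy node can exhaust only its own budget.
    Charging by frame size rewards the "small frames" defense: smaller
    frames get more messages through per credit.
    Returns {sender: (accepted, dropped)}.
    """
    buckets = defaultdict(lambda: TokenBucket(capacity_bytes, refill_bytes_per_ms))
    counts = defaultdict(lambda: [0, 0])
    for ts, sender, size in sorted(frames):
        if buckets[sender].allow(ts, size):
            counts[sender][0] += 1
        else:
            counts[sender][1] += 1
    return {s: (a, d) for s, (a, d) in counts.items()}


# Constructed trace: "rtu7" floods 128-byte frames every 20 ms (6400 B/s, far
# above the 1000 B/s refill); "rtu2" sends one 32-byte frame every 250 ms.
FLOOD_TRACE = [(t, "rtu7", 128) for t in range(0, 1000, 20)]
POLITE_TRACE = [(t, "rtu2", 32) for t in (250, 500, 750, 1000)]


def demo():
    """Returns per-sender (accepted, dropped) counts for the constructed trace."""
    return filter_frames(FLOOD_TRACE + POLITE_TRACE)


if __name__ == "__main__":
    for sender, (accepted, dropped) in demo().items():
        print(f"{sender}: accepted={accepted} dropped={dropped}")
```

The flooding sender can never push more than its initial 320-byte credit plus what refills during the window (about 10 of its 50 frames here), while the well-behaved sender is never dropped because its bucket is separate.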


Layers of Secure Network Embedded Systems

Network and Routing Layer
Attacks: neglect and greed, homing, misdirection, black holes
Defenses: redundancy, probing, encryption, egress filtering, authorization, monitoring
Transport Layer
Attacks: flooding, desynchronization
Defenses: client puzzles, authentication
Embedded System/Application Layer
Attacks: insider misuse, unprotected operations, resource overload attacks, distributed service disruption
Defenses: authority management (operator authentication, role-based control authorization), secure resource management, secure application distribution services
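As an added example (not code from the presentation), the Python below combines two defenses named on this slide in one small command gateway: a hash-based client puzzle against transport-layer flooding, and role-based control authorization at the application layer. The challenge format (nonce plus HMAC tag so the server stays stateless), the 12-bit difficulty, the role table and the user names are all assumptions for illustration.

```python
# Added example, not from the presentation: a minimal SCADA command gateway
# using a client puzzle (transport-layer anti-flooding) followed by role-based
# control authorization (application-layer authority management). Challenge
# format, difficulty, roles and user names are constructed assumptions.
import hashlib
import hmac
import secrets

PUZZLE_BITS = 12           # assumed difficulty: ~4096 hashes per solution on average
NONCE_LEN, TAG_LEN = 16, 8


def issue_puzzle(server_secret: bytes, client_id: str) -> bytes:
    """Server side: fresh challenge bound to the client by an HMAC tag, so the
    server keeps no per-client state and a client cannot mint its own challenges."""
    nonce = secrets.token_bytes(NONCE_LEN)
    tag = hmac.new(server_secret, client_id.encode() + nonce, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + tag


def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def solve_puzzle(challenge: bytes, bits: int = PUZZLE_BITS) -> int:
    """Client side: brute-force a counter until SHA-256(challenge || counter) has
    `bits` leading zero bits. This is the work a flooder must pay per request."""
    counter = 0
    while leading_zero_bits(hashlib.sha256(challenge + counter.to_bytes(8, "big")).digest()) < bits:
        counter += 1
    return counter


def verify_puzzle(server_secret, client_id, challenge, counter, bits=PUZZLE_BITS) -> bool:
    """Server side: two hash computations regardless of difficulty, so checking
    stays cheap. A deployment would also reject replayed nonces (assumed out of scope)."""
    if len(challenge) != NONCE_LEN + TAG_LEN:
        return False
    nonce, tag = challenge[:NONCE_LEN], challenge[NONCE_LEN:]
    expected = hmac.new(server_secret, client_id.encode() + nonce, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return False
    digest = hashlib.sha256(challenge + counter.to_bytes(8, "big")).digest()
    return leading_zero_bits(digest) >= bits


# Application layer: authority management. Constructed roles and user directory.
ROLE_PERMISSIONS = {
    "viewer":   {"read_point"},
    "operator": {"read_point", "write_setpoint"},
    "engineer": {"read_point", "write_setpoint", "change_config"},
}
USER_ROLES = {"alice": "operator", "bob": "viewer", "carol": "engineer"}


def authorize(user: str, action: str) -> bool:
    role = USER_ROLES.get(user)
    return role is not None and action in ROLE_PERMISSIONS.get(role, set())


def handle_command(server_secret, user, challenge, counter, action):
    """Gateway entry point. The cheap puzzle check runs first so unsolved floods
    cost the server almost nothing; only then is the operator's authority for
    the requested control action checked. Returns (accepted, reason) for auditing."""
    if not verify_puzzle(server_secret, user, challenge, counter):
        return False, "puzzle rejected"
    if not authorize(user, action):
        return False, "not authorized"
    return True, "accepted"


if __name__ == "__main__":
    secret = secrets.token_bytes(32)
    puzzle = issue_puzzle(secret, "alice")
    answer = solve_puzzle(puzzle)
    print(handle_command(secret, "alice", puzzle, answer, "write_setpoint"))
    print(handle_command(secret, "alice", puzzle, answer, "change_config"))
```

The asymmetry is the point: the client spends thousands of hashes per command while the server spends two, and a solved puzzle still buys nothing beyond what the user's role permits.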


Is the SCADA Cyber threat real?
The threat is real and proven:

A disgruntled ex-employee used a port scan and ping-sweep program to identify active system ports and network IP addresses belonging to an oil company. On finding an active connection and an open port, he initiated communication using various software tools downloaded from the Internet. He subsequently issued instructions to the remote system and deleted sensitive system data related to process control flow.

In Australia in March 2000, a failure at a pumping station caused up to 264,000 gallons of raw sewage to flow onto the grounds of a local tourist resort and eventually into a storm sewer. The problems were traced to disruptions in the community's new computerized sewage control system. On 23 April 2000, police intercepted former employee Vitek Boden less than an hour after another control system malfunction. A search of his vehicle found a two-way radio and antenna, a remote telemetry system, and a laptop computer.


Is the SCADA Cyber threat real?
In August 2003, the Nuclear Regulatory Commission confirmed that in January 2003, the Microsoft SQL Server worm known as Slammer infected a private computer network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly 5 hours. Note: the plant was offline at the time.


Time & Money

The Bad News

[Chart: difficulty in hacking a system versus sophistication of cyber defenses]

It is only a matter of time and money, they will get in!



Source: http://standeyo.com/News_Files/NBC/Terrorist_cells.html

Terrorist Cells in the US
Updated September 3, 2003


DEYO NOTE: Terrorists are a very real and growing threat in America and to American interests around the world. It should be assumed these are not the only cell locations within the US and that they are subject to change.

Is the Terrorist Threat Real?
Yes, the Terrorist threat is real!
The mid-East terrorists have:
Means to carry out an attack
Motivation
Ability to access our systems
Access to technical documentation
Low barriers to success


Cyber Trends

Policy vs. Cyber Attacks

Sound policy is a core element of the cyber security management system. Without it, extensive implementations of routers, firewalls and intrusion detection systems are misguided.
80% of attacks show weakness in internal processes:
Unauthorized modems
Disgruntled employee
You hired a terrorist
Unauthorized access
Insufficient attention to security (leave the door open)

Security assessment is viewed as a one-time event that lacks a metric to allow comparison over time or to assess readiness.
Initial vigilance degrades over time.
Doesn't keep up with changing cyber threats.
No amount of technology will make up for lack of sound policy.

Recommended Long Term R&D for SCADA

Needed SCADA R&D

Standards and Methodology:
Issue: Inability to test the security of infrastructure systems and to describe the industry's security readiness in a consistent manner.
R&D Focus: Develop SCADA/process control security standards and methodologies to enable assessment of security readiness over time.

Needed SCADA R&D

Modeling and Analysis:
Issue: Inability to model the entire infrastructure and represent the interdependencies.
R&D Focus: Develop scalable and extensible models of the critical infrastructure to enable planning, simulation, and predictions of response to changes. Models should enable analysis of the impacts of:
economics,
human interaction,
organizational structure,
technology development,
accidental & malicious faults

Needed SCADA R&D

Next Generation SCADA Platforms:
Issue: Multiple generations of legacy systems control the Nation's infrastructures. Realities of low industrial investments in both capital improvements and research and development (R&D).
R&D Focus: Develop strategies to drive the rapid evolution of SCADA/process control solutions. R&D must provide a robust, scalable, evolvable and secure solution.


Thank You
By SANJAY D. PATIL
Assistant Director, NPTI
