SCADA Security

Supervisory Control and Data Acquisition

Mr Mark Rydell

SCADA Lesson

What is SCADA?

Why is SCADA Security important?

How SCADA Systems Evolved

SCADA systems

SCADA Supervisory Control and Data

Acquisition
SCADA systems are vital components of
most nations critical infrastructures
SCADA systems control:

Gas pipelines
Water and wastewater systems
Transportation systems
Electrical Utilities
Refineries and chemical plants
Manufacturing operations

SCADA Systems
SCADA systems are intended to provide a
human operator with updated real-time
information about the current state of the
remote process being monitored, as well as
the ability to manipulate the process
remotely.
William T. Shaw

SCADA Systems

Used to monitor and remotely control critical

industrial processes
Industrial control systems (ICS)

SCADA systems
Distributed Control Systems (DCS)
Programmable Logic Controllers (PLC)

SCADA Components

Master Terminal Unit (Architecture unique)

Human Machine Interface
Remote Terminal Unit
Communications

SCADA Systems
Highly distributed
Geographically separated assets
Centralized data acquisition and
control are critical

Oil and gas pipelines

Electrical power grids
Railway transportation systems

Field devices control local operations

Distributed Control System

Supervisory control of multiple integrated

systems responsible for a local process
DCSs used extensively in process-based
industries
Examples:

Oil and gas refineries

Electrical power generation
Automotive production

Feedback loops maintain set points

Programmable logic controllers used in the
field

Programmable Logic Controllers

Computer based solid state devices
Control industrial equipment and
processes
Regulate process flow

Automobile assembly line

SCADA, DCS or PLC

Compare and Contrast

Location
SCADA geographically dispersed
DCS and PLC factory centered

Communications
SCADA long distance, slow speed
DCS and PLC LAN, high speed

Control
SCADA supervisory level
DCS and PLC closed feedback loops

SCADA Why the emphasis?

SCADA Supports Critical Infrastructures

80-90% of critical infrastructures (CI) are
privately owned and operated
Critical to National survival and prosperity,
yet dependent on industries driven by
profit, not security

SCADA Why the emphasis?

Many challenges exist when securing SCADA

Complex systemspatching, rebooting, authentication
Preponderance of legacy hardware, software and
transmission protocols ($)
Multiple and divers access pointsby designradio,
wireless, phone
The need to connect to business network

The Cyberwar Plan. Article by Shane Harris, Saturday, Nov. 14, 2009:
President Obama confirmed that cyber-warriors have aimed at American
networks. "We know that cyber-intruders have probed our electrical grid,"
he said at the White House in May, when he unveiled the next stage of the
national cyber-security strategy. The president also confirmed, for the first
time, that the weapons of cyberwar had claimed victims. "In other
countries, cyberattacks have plunged entire cities into darkness."

Video

SCADA Evolution

1960s Integrated Circuit led to

minicomputers capable of computer
control of processes
Confined to one physical location
Not connected to an external network
Local area network
Closed loop control
Proprietary protocols

SCADA Evolution

1960 -1980s Central Architectures

Single powerful computer performing all
functions
2nd identical computer for redundancy

SCADA Evolution

1980s to present Distributed

Architectures
Multiple computers networked together
with each performing a specific function
LAN improvements practical and possible
Functions:
Remote terminal polling
Complex applications processing
Historian data archiving and trending

Graceful degradation

SCADA Evolution

1990s to present Client/Server

Powerful PCs
TCP/IP networking
High speed Ethernet
Commercial real-time operating systems

Looking more like IT systems

Scalable and fault tolerant
Smart software makes redundancy easy

SCADA Evolution

Human Machine Interface

Printouts
Map board
Mimic panel
Video projection technology

SCADA Evolution
HMI Example

SCADA Evolution

Remote Terminal Unit

Electronic devices located at key
measurement and control points
Originally hardwired devices with limited
capabilities and one proprietary
communications protocol
Modern RTUs contain their own
microprocessors and can support
multiple sophisticated protocols

SCADA Evolution

Communications
Initially used telephone systems and
radio transmitters designed for voice
Slow
Some remote areas had to build their own
communication systems

Latest systems are digital networks

designed to transfer data
TCP/IP
Wireless including cellular and satellite

SCADA Evolution Summary

SCADA systems are based on

computer technology so they have
evolved with computer technology
New technologies have also been
introduced to SCADA systems
Huge decreases in proprietary nature

SCADA Evolution Summary

The Good News

Cheaper
Interoperable between vendors
Larger pool of available workers

The Bad News

Susceptible to malware, hackers and
cyber attacks

We cant go back. We must provide

secure designs for now & the future

And Finally.
(CBS Transcript) Nothing has ever changed the world as quickly as the Internet has. Less
than a decade ago, "60 Minutes went to the Pentagon to do a story on something
called information warfare, or cyber war as some people called it. It involved using
computers and the Internet as weapons. Much of it was still theory, but we were told
that before too long it might be possible for a hacker with a computer to disable
critical infrastructure in a major city and disrupt essential services, to steal millions of
dollars from banks all over the world, infiltrate defense systems, extort millions from
public companies, and even sabotage our weapons systems. Today it's not only
possible, all of that has actually happened, plus a lot more we don't even know about.
It's why President Obama has made cyber war defense a top national priority and
why some people are already saying that the next big war is less likely to begin with
a bang than a blackout. "Can you imagine your life without electric power?" Retired
Admiral Mike McConnell asked correspondent Steve Kroft. Until February of this year,
McConnell was the nation's top spy. As chief of national intelligence, he oversaw the
Central Intelligence Agency, the Defense Intelligence Agency and the National
Security Agency. Few people know as much about cyber warfare, and our dependency
on the power grid, and the computer networks that deliver our oil and gas, pump and
purify our water, keep track of our money, and operate our transportation systems. "If
I were an attacker and I wanted to do strategic damage to the United States, I would
either take the cold of winter or the heat of summer, I probably would sack electric
power on the U.S. East Cost, summer, I probably would sack electric power on the
U.S. East Cost, maybe the West Coast, and attempt to cause a cascading effect. All of
those things are in the art of the possible from a sophisticated attacker," McConnell
explained.

And Finally.
"Do you believe our adversaries have the capability of bringing down a
power grid?" Kroft asked.
"I do," McConnell replied.
Asked if the U.S. is prepared for such an attack, McConnell told Kroft,
"No. The United States is not prepared for such an attack."