Improving Security for SCADA Control Systems

By: Hentea, Mariana | Interdisciplinary Journal of Information, Knowledge and Management, Annual 2008

Introduction

Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other smaller control system configurations, including skid-mounted Programmable Logic Controllers (PLC), are often found in the industrial sectors and critical infrastructures. These are also known under a general term, Industrial Control System (ICS). A control system is a device or set of devices that manages, commands, directs, or regulates the behavior of other devices or systems. ICSs are typically used in industries such as electrical, water, oil and gas, and chemical, as well as in experimental and research facilities such as nuclear fusion laboratories. The reliable operation of modern infrastructures depends on computerized systems and SCADA systems.

Presidential Decision Directive 63 established the framework to protect the critical infrastructure, and the Presidential document of 2003, the National Strategy to Secure Cyberspace, stated that securing SCADA systems is a national priority.

The critical infrastructure includes telecommunication, transportation, energy, banking, finance, water supply, emergency services, government services, agriculture, and other fundamental systems and services that are critical to the security, economic prosperity, and social well-being of the public. The critical infrastructure is characterized by interdependencies (physical, cyber, geographic, and logical) and complexity (collections of interacting components). Cyber interdependencies are a result of the pervasive computerization and automation of infrastructures (Rinaldi, Peerenboom, & Kelly, 2001). Critical infrastructure disruptions can directly and indirectly affect other infrastructures, impact large geographic regions, and send ripples throughout the national and global economy. For example, under normal operating conditions, the electric power infrastructure requires fuels (natural gas and petroleum), transportation, water, banking and finance, telecommunication, and SCADA systems for monitoring and control.

There is growing concern about the security and safety of SCADA control systems in terms of vulnerabilities and lack of protection and awareness (Byres & Franz, 2005; Byres, Hoffman & Kube, 2006). Therefore, information security management principles and processes need to be applied to SCADA systems without exception.

This paper provides a relevant analysis of the most important issues and a perspective on enhancing the security of these systems. The rest of this paper is organized as follows. The next section provides an overview of the SCADA architecture. Then, in the following section, we describe key developments that mark the evolution of SCADA control systems, along with the increase in potential vulnerabilities and security concerns. In the section after that, we provide recommendations toward enhanced security for SCADA control systems, describing key requirements and features needed to improve the security of current SCADA control systems. We conclude with a thought about the future of SCADA control systems.

SCADA Architecture

A SCADA system is a common process automation system that is used to gather data from sensors and instruments located at remote sites and to transmit that data to a central site for either control or monitoring purposes. The collected data is usually viewed on one or more SCADA host computers located at the central or master site. Based on information received from remote stations, automated or operator-driven supervisory commands can be pushed to remote station control devices, which are often referred to as field devices.

Generally, a SCADA system includes the following components:

* Instruments that sense process variables

* Operating equipment connected to instruments

* Local processors that collect data and communicate with the site's instruments and operating equipment. These processors are called Programmable Logic Controller (PLC), Remote Terminal Unit (RTU), Intelligent Electronic Device (IED), or Process Automation Controller (PAC)

* Short range communications between local processors, instruments, and operating equipment

* Host computers that act as the central point for human monitoring and control of the processes, for storing databases, and for displaying statistical control charts and reports. Host computers are also known as Master Terminal Unit (MTU), the SCADA server, or a PC with Human Machine Interface (HMI)

* Long range communications between local processors and host computers using wired and/or wireless network connections.

SCADA systems differ from DCSs (Distributed Control Systems), which are generally found in plant sites. While DCSs cover the plant site, SCADA systems cover much larger geographic areas. Also, because of their remoteness, many of these systems require the use of wireless communications. Figure 1 shows an integrated SCADA architecture.

SCADA architecture supports TCP/IP, UDP or other IP-based communications protocols as well as strictly industrial protocols such as Modbus TCP, Modbus over TCP or Modbus over UDP, all working over private radio, cellular or satellite networks.

[FIGURE 1 OMITTED]

In complex SCADA architectures, a variety of both wired and wireless media and protocols is involved in getting data back to the central monitoring site. This enables implementation of powerful IP-based SCADA networks over mixed cellular, satellite, and landline systems. SCADA communications can employ a diverse range of both wired (leased line, dial-up line, fiber, ADSL, cable) and wireless media (licensed radio, spread spectrum, cellular, WLAN, or satellite). The choice depends on a number of factors that characterize the existing communication infrastructure. Factors such as the existing communications infrastructure, available communications at the remote sites, data rates and polling frequency, remoteness of the site, installation budget, and ability to accommodate future needs all impact the final decision for the SCADA architecture. In the following section, we discuss key issues in the development of SCADA systems. A review of the evolution of SCADA systems allows us to better understand many security concerns.

SCADA Evolution and Security Issues Escalation

A
