SCADA Security


SCADA Security
Supervisory Control and Data Acquisition
Mr Mark Rydell
SCADA Lesson

What is SCADA?

Why is SCADA Security important?

How SCADA Systems Evolved
SCADA systems

SCADA – Supervisory Control and Data Acquisition
SCADA systems are vital components of most nations' critical infrastructures
SCADA systems control:
• Gas pipelines
• Water and wastewater systems
• Transportation systems
• Electrical Utilities
• Refineries and chemical plants
• Manufacturing operations
SCADA Systems
SCADA systems are intended to provide a
human operator with updated real-time
information about the current state of the
remote process being monitored, as well as
the ability to manipulate the process
remotely.
William T. Shaw
SCADA Systems


Used to monitor and remotely control
critical industrial processes
Industrial control systems (ICS)
• SCADA systems
• Distributed Control Systems (DCS)
• Programmable Logic Controllers (PLC)

SCADA Components
• Master Terminal Unit (Architecture unique)
• Human Machine Interface
• Remote Terminal Unit
• Communications
SCADA Systems
Highly distributed
• Geographically separated assets
• Centralized data acquisition and control are critical

• Oil and gas pipelines
• Electrical power grids
• Railway transportation systems

Field devices control local operations
Distributed Control System



Supervisory control of multiple integrated
systems responsible for a local process
DCSs used extensively in process-based
industries
Examples:
• Oil and gas refineries
• Electrical power generation
• Automotive production


Feedback loops maintain set points
Programmable logic controllers used in the
field
Programmable Logic Controllers
Computer-based solid-state devices
• Control industrial equipment and processes
• Regulate process flow

• Automobile assembly line
SCADA, DCS or PLC
Compare and Contrast

Location
• SCADA – geographically dispersed
• DCS and PLC – factory centered

Communications
• SCADA – long distance, slow speed
• DCS and PLC – LAN, high speed

Control
• SCADA – supervisory level
• DCS and PLC – closed feedback loops
SCADA – Why the emphasis?



SCADA Supports Critical Infrastructures
80-90% of critical infrastructures (CI) are
privately owned and operated
Critical to National survival and prosperity,
yet dependent on industries driven by
profit, not security
SCADA – Why the emphasis?

Many challenges exist when securing SCADA
• Complex systems…patching, rebooting, authentication
• Preponderance of legacy hardware, software and
transmission protocols ($)
• Multiple and diverse access points…by design…radio,
wireless, phone
• The need to connect to business network


The Cyberwar Plan. Article by Shane Harris, Saturday, Nov. 14, 2009:
President Obama confirmed that cyber-warriors have aimed at American
networks. "We know that cyber-intruders have probed our electrical grid,"
he said at the White House in May, when he unveiled the next stage of the
national cyber-security strategy. The president also confirmed, for the first
time, that the weapons of cyberwar had claimed victims. "In other
countries, cyberattacks have plunged entire cities into darkness."
SCADA Evolution

1960s – Integrated Circuit led to
minicomputers capable of computer
control of processes
• Confined to one physical location
• Not connected to an external network
• Local area network
• Closed loop control
• Proprietary protocols
SCADA Evolution

1960-1980s – Central Architectures
• Single powerful computer performing all
functions
• 2nd identical computer for redundancy
SCADA Evolution

1980s to present – Distributed
Architectures
• Multiple computers networked together
with each performing a specific function
• LAN improvements – practical and possible
• Functions:
  • Remote terminal polling
  • Complex applications processing
  • Historian – data archiving and trending

• Graceful degradation
SCADA Evolution

1990s to present – Client/Server
• Powerful PCs
• TCP/IP networking
• High speed Ethernet
• Commercial real-time operating systems

Looking more like IT systems
• Scalable and fault tolerant
• Smart software makes redundancy easy
SCADA Evolution

Human Machine Interface
• Printouts
• Map board
• Mimic panel
• Video projection technology
SCADA Evolution
HMI Example
SCADA Evolution

Remote Terminal Unit
• Electronic devices located at key
measurement and control points
• Originally hardwired devices with limited
capabilities and one proprietary
communications protocol
• Modern RTUs contain their own
microprocessors and can support
multiple sophisticated protocols
SCADA Evolution

Communications
• Initially used telephone systems and
radio transmitters designed for voice
  • Slow
  • Some remote areas had to build their own
communication systems

• Latest systems are digital networks
designed to transfer data
  • TCP/IP
  • Wireless including cellular and satellite

SCADA Evolution Summary



SCADA systems are based on
computer technology so they have
evolved with computer technology
New technologies have also been
introduced to SCADA systems
Huge decreases in proprietary nature
SCADA Evolution Summary

The Good News
• Cheaper
• Interoperable between vendors
• Larger pool of available workers

The Bad News
• Susceptible to malware, hackers and
cyber attacks

We can’t go back. We must provide
secure designs for now & the future
And Finally….
(CBS Transcript) Nothing has ever changed the world as quickly as the Internet has. Less
than a decade ago, "60 Minutes" went to the Pentagon to do a story on something
called information warfare, or cyber war as some people called it. It involved using
computers and the Internet as weapons. Much of it was still theory, but we were told
that before too long it might be possible for a hacker with a computer to disable
critical infrastructure in a major city and disrupt essential services, to steal millions of
dollars from banks all over the world, infiltrate defense systems, extort millions from
public companies, and even sabotage our weapons systems. Today it's not only
possible, all of that has actually happened, plus a lot more we don't even know about.
It's why President Obama has made cyber war defense a top national priority and why
some people are already saying that the next big war is less likely to begin with a
bang than a blackout. "Can you imagine your life without electric power?" Retired
Admiral Mike McConnell asked correspondent Steve Kroft. Until February of this year,
McConnell was the nation's top spy. As chief of national intelligence, he oversaw the
Central Intelligence Agency, the Defense Intelligence Agency and the National
Security Agency. Few people know as much about cyber warfare, and our dependency
on the power grid, and the computer networks that deliver our oil and gas, pump and
purify our water, keep track of our money, and operate our transportation systems. "If
I were an attacker and I wanted to do strategic damage to the United States, I would
either take the cold of winter or the heat of summer, I probably would sack electric
power on the U.S. East Coast, maybe the West Coast, and attempt to cause a cascading effect. All of
those things are in the art of the possible from a sophisticated attacker," McConnell
explained.
And Finally….
"Do you believe our adversaries have the capability of bringing down a
power grid?" Kroft asked.
"I do," McConnell replied.
Asked if the U.S. is prepared for such an attack, McConnell told Kroft,
"No. The United States is not prepared for such an attack."