VIEWS: 6 PAGES: 23 POSTED ON: 2/13/2012
SCADA Security Supervisory Control and Data Acquisition Mr Mark Rydell SCADA Lesson What is SCADA? Why is SCADA Security important? How SCADA Systems Evolved SCADA systems SCADA – Supervisory Control and Data Acquisition SCADA systems are vital components of most nation’s critical infrastructures SCADA systems control: • Gas pipelines • Water and wastewater systems • Transportation systems • Electrical Utilities • Refineries and chemical plants • Manufacturing operations SCADA Systems SCADA systems are intended to provide a human operator with updated real-time information about the current state of the remote process being monitored, as well as the ability to manipulate the process remotely. William T. Shaw SCADA Systems Used to monitor and remotely control critical industrial processes Industrial control systems (ICS) • SCADA systems • Distributed Control Systems (DCS) • Programmable Logic Controllers (PLC) SCADA Components • Master Terminal Unit (Architecture unique) • Human Machine Interface • Remote Terminal Unit • Communications SCADA Systems Highly distributed Geographically separated assets Centralized data acquisition and control are critical • Oil and gas pipelines • Electrical power grids • Railway transportation systems Field devices control local operations Distributed Control System Supervisory control of multiple integrated systems responsible for a local process DCSs used extensively in process-based industries Examples: • Oil and gas refineries • Electrical power generation • Automotive production Feedback loops maintain set points Programmable logic controllers used in the field Programmable Logic Controllers Computer based solid state devices Control industrial equipment and processes Regulate process flow • Automobile assembly line SCADA, DCS or PLC Compare and Contrast Location • SCADA – geographically dispersed • DCS and PLC – factory centered Communications • SCADA – long distance, slow speed • DCS and PLC – LAN, high speed Control • SCADA – supervisory level • DCS and PLC – closed feedback loops SCADA – Why the emphasis? SCADA Supports Critical Infrastructures 80-90% of critical infrastructures (CI) are privately owned and operated Critical to National survival and prosperity, yet dependent on industries driven by profit, not security SCADA – Why the emphasis? Many challenges exist when securing SCADA • Complex systems…patching, rebooting, authentication • Preponderance of legacy hardware, software and transmission protocols ($) • Multiple and divers access points…by design…radio, wireless, phone • The need to connect to business network The Cyberwar Plan. Article by Shane Harris, Saturday, Nov. 14, 2009: President Obama confirmed that cyber-warriors have aimed at American networks. "We know that cyber-intruders have probed our electrical grid," he said at the White House in May, when he unveiled the next stage of the national cyber-security strategy. The president also confirmed, for the first time, that the weapons of cyberwar had claimed victims. "In other countries, cyberattacks have plunged entire cities into darkness." Video SCADA Evolution 1960s – Integrated Circuit led to minicomputers capable of computer control of processes • Confined to one physical location • Not connected to an external network • Local area network • Closed loop control • Proprietary protocols SCADA Evolution 1960 -1980s – Central Architectures • Single powerful computer performing all functions • 2nd identical computer for redundancy SCADA Evolution 1980s to present – Distributed Architectures • Multiple computers networked together with each performing a specific function • LAN improvements – practical and possible • Functions: Remote terminal polling Complex applications processing Historian – data archiving and trending • Graceful degradation SCADA Evolution 1990s to present – Client/Server • Powerful PCs • TCP/IP networking • High speed Ethernet • Commercial real-time operating systems Looking more like IT systems • Scalable and fault tolerant • Smart software makes redundancy easy SCADA Evolution Human Machine Interface • Printouts • Map board • Mimic panel • Video projection technology SCADA Evolution HMI Example SCADA Evolution Remote Terminal Unit • Electronic devices located at key measurement and control points • Originally hardwired devices with limited capabilities and one proprietary communications protocol • Modern RTUs contain their own microprocessors and can support multiple sophisticated protocols SCADA Evolution Communications • Initially used telephone systems and radio transmitters designed for voice Slow Some remote areas had to build their own communication systems • Latest systems are digital networks designed to transfer data TCP/IP Wireless including cellular and satellite SCADA Evolution Summary SCADA systems are based on computer technology so they have evolved with computer technology New technologies have also been introduced to SCADA systems Huge decreases in proprietary nature SCADA Evolution Summary The Good News • Cheaper • Interoperable between vendors • Larger pool of available workers The Bad News • Susceptible to malware, hackers and cyber attacks We can’t go back. We must provide secure designs for now & the future And Finally…. (CBS Transcript) Nothing has ever changed the world as quickly as the Internet has. Less than a decade ago, "60 Minutes“ went to the Pentagon to do a story on something called information warfare, or cyber war as some people called it. It involved using computers and the Internet as weapons. Much of it was still theory, but we were told that before too long it might be possible for a hacker with a computer to disable critical infrastructure in a major city and disrupt essential services, to steal millions of dollars from banks all over the world, infiltrate defense systems, extort millions from public companies, and even sabotage our weapons systems. Today it's not only possible, all of that has actually happened, plus a lot more we don't even know about. It's why President Obama has made cyber war defense a top national priority and why some people are already saying that the next big war is less likely to begin with a bang than a blackout. "Can you imagine your life without electric power?" Retired Admiral Mike McConnell asked correspondent Steve Kroft. Until February of this year, McConnell was the nation's top spy. As chief of national intelligence, he oversaw the Central Intelligence Agency, the Defense Intelligence Agency and the National Security Agency. Few people know as much about cyber warfare, and our dependency on the power grid, and the computer networks that deliver our oil and gas, pump and purify our water, keep track of our money, and operate our transportation systems. "If I were an attacker and I wanted to do strategic damage to the United States, I would either take the cold of winter or the heat of summer, I probably would sack electric power on the U.S. East Cost, summer, I probably would sack electric power on the U.S. East Cost, maybe the West Coast, and attempt to cause a cascading effect. All of those things are in the art of the possible from a sophisticated attacker," McConnell explained. And Finally…. "Do you believe our adversaries have the capability of bringing down a power grid?" Kroft asked. "I do," McConnell replied. Asked if the U.S. is prepared for such an attack, McConnell told Kroft, "No. The United States is not prepared for such an attack."