Security Aspects of SCADA systems

SCADA systems are highly reliable, high performance and efficient supervisory systems. They are crucial to the public health and safety. Over the recent years, the modern industries have embraced these systems with open arms.

The ease of installation, little or no operational challenges and vast scope of scalability have made these systems most preferred forms of automation. However, the specialists remark that these systems are prone to attack by hackers and other notorious entities which can compromise confidential information stored in the SCADA systems. The reason behind this includes accessibility of these systems over home and office networks and lack of trained personnel.

Keeping the recent events of attempted hacks on these systems, vendors have now begun to address these risks in their SCADA and control products. Some VPN solutions and specialized industrial firewalls are being developed for preventing unauthorized access. These solutions are being deployed in both the SCADA TCP/IP networks and external SCADA recording and monitoring paraphernalia.

ISA’s efforts to formalize the security requirements

ISA (International Society of Automation), in collaboration with WG4, has started formalizing the security requirements in 2007 for SCADA systems and networks. These requirements include measurements, standards and other features which help evaluate security resilience and performance in the control systems and devices of the industry.

Cyber warfare and SCADA security

Alleged attempts to disrupt the water supply in Illinois have raised several eyebrows over the terrorist attempts on remote sites controlled entirely by SCADA. This has led to a heightened sense of awareness about the use of cyber warfare and how it can turn these systems as counterproductive. This has also led to implementing the need for proper countermeasures for mitigating SCADA disasters.

Some of the common SCADA threats include:

a. Affected Screens

In this scenario, the attackers may solicit access to the SCADA systems and alter information send to the control center. The hackers can compromise on the network servers which can cause misinformation amongst the operators.

b. Command Centre Control

If command center is unsecured with firewalls, intrusion prevention techniques and security patches, then an intruder can gain complete control over a network. This will lead to remote controlling of the system by the intruder.

c. Process Disruption

Another scenario which is a threat is the breach of a SCADA system which manages real-time performances. This leads to operational malfunctions. The network vulnerabilities are then utilized for shutdown and power off signals to equipment and paraphernalia, causing a denial of services to processes.

Security Features and Controls

I order to secure SCADA systems; the most important step is to implement all the security measures proposed by the vendors. These are usually in the form of security patches or product updates and can be easily obtained.

Some of the other measures which are crucial to the safety include:

• Identifying all connections to the SCADA networks and disconnecting the unnecessary ones.

• Evaluation and strengthening of the network connections with passwords and recognition mechanisms

• Disabling and removing all unused network services.

• Establishing a media control which can be used as a backdoor in the SCADA networks.

• Performing technical audits of the networks for potential security concerns

• Risk assessment of all the features for eliminating possible breach areas.

 

Related Posts:

SCADA Security 101

SCADA Security: Current Scenario and Present Threats

Understanding SCADA security

SCADA Security Risks and Concerns