SlideShare ist ein Scribd-Unternehmen logo
1 von 4
Downloaden Sie, um offline zu lesen
International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019
Available at www.ijsred.com
ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 121
Protection Trends in Scada Cyber Threats
Anusha H S1
, Amulya C T2
, Annapoorneshwari M R3
, Monisha Krishna D S4
,
Mohammed Elahi5
1, 2, 3, &4
Students, Dept of ECE, Ghousia College of Engineering, Ramanagaram, Karnataka
5
Asst. Professor, Dept. of ECE, Ghousia College of Engineering, Ramanagaram, Karnataka
Abstract:
The answer to the existing threat issues in SCADA is that these types of threats are becoming more likely,
as current SCADA systems and networks increasingly utilize commercially off-the-shelf (COTS) software, connect
to the enterprise layer and move toward IP connectivity. These recent changes have contributed to higher threat
levels and increased vulnerability. A few short years ago, the chances of someone finding these vulnerabilities and
exploiting them were very slim. This was due to the fact that process control systems and SCADA networks were
unheard of by the general population and systems were based on specialized platforms that were segregated from the
enterprise layer. In recent years, industrial systems have begun to take a front seat in the spot light, due to the focus
by the Department of Homeland Security on national critical infrastructure and some unfortunate media coverage.
Despite current efforts, there is a high probability that something bad is eventually going to happen. In addition, the
number of "SCADA hacking" presentations is increasing at security and "hacker" conventions, with the number of
vulnerabilities discovered within these systems increasing. Bottom line, our little corner of industry is no longer
isolated and the word is now out. While cyber security is being given the lion's share of attention, with "hackers"
already attracting premature blame from a few recently publicized incidents, the widespread disregard for physical
and operational security within many organizations has become a huge concern. Many companies are heavily
focused on shoring up their cyber security, with little or no regard for physical security.
Index Term: Commercially off the shelf (COTS), SCADA hacking
I. INTRODUCTION
SCADA stands for Supervisory Control And Data Acquisition.
It generally refers to an industrial control system: a computer
system monitoring and controlling a process. The process can
be industrial, infrastructure or facility based as described
below:
Industrial processes include those of manufacturing,
production, power generation, fabrication, and refining,
and may run in continuous, batch, repetitive, or discrete
modes.
Infrastructure processes may be public or private, and
include water treatment and distribution, wastewater
collection and treatment, oil and gas pipelines, electrical
power transmission and distribution, and large
communication systems.
Facility processes occur both in public facilities and
private ones, including buildings, airports, ships, and space
stations. They monitor and control HVAC, access, and
energy consumption.
SCADA systems are used to control and monitor physical
processes, examples of which are transmission of electricity,
transportation of gas and oil in pipelines, water distribution,
traffic lights, and other systems used as the basis of modern
society. The security of these SCADA systems is important
because compromise or destruction of these systems would
impact multiple areas of society far removed from the original
RESEARCH ARTICLE OPEN ACCESS
International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019
Available at www.ijsred.com
ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 122
compromise. For example, a blackout caused by a
compromised electrical SCADA system would cause financial
losses to all the customers that received electricity from that
source. How security will affect legacy SCADA and new
deployments remains to be seen.
Many vendors of SCADA and control products have begun to
address these risks by developing lines of specialized industrial
firewall and VPN solutions for TCP/IP-based SCADA
networks. Additionally, application white listing solutions are
being implemented because of their ability to prevent malware
and unauthorized application changes without the performance
impacts of traditional antivirus scans. Also, the ISA Security
Compliance Institute (ISCI) is emerging to formalize SCADA
security testing starting as soon as 2009. ISCI is conceptually
similar to private testing and certification that has been
performed by vendors since 2007. The increased interest in
SCADA vulnerabilities has resulted in vulnerability
researchers discovering vulnerabilities in commercial SCADA
software and more general offensive SCADA techniques
presented to the general security community.
II. PROBLEM STATEMENT
The move from proprietary technologies to more standardized
and open solutions together with the increased number of
connections between SCADA systems and office networks and
the Internet has made them more vulnerable to attacks.
Consequently, the security of SCADA-based systems has come
into question as they are increasingly seen as extremely
vulnerable to cyberwarfare/cyberterrorism attacks.
In particular, security researchers are concerned about:
The lack of concern about security and authentication in
the design, deployment and operation of existing SCADA
networks.
The mistaken belief that SCADA systems have the benefit
of security through obscurity through the use of
specialized protocols and proprietary interfaces.
The mistaken belief that SCADA networks are secure
because they are purportedly physically secured.
The mistaken belief that SCADA networks are secure
because they are supposedly disconnected from the
Internet.
III. METODOLOGY
1. Systems concepts
The term SCADA usually refers to centralized systems which
monitor and control entire sites, or complexes of systems
spread out over large areas (anything between an industrial
plant and a country). Most control actions are performed
automatically by remote terminal units ("RTUs") or by
programmable logic controllers ("PLCs"). Host control
functions are usually restricted to basic overriding or
supervisory level intervention. For example, a PLC may
control the flow of cooling water through part of an industrial
process, but the SCADA system may allow operators to change
the set points for the flow, and enable alarm conditions, such as
loss of flow and high temperature, to be displayed and
recorded. The feedback control loop passes through the RTU
or PLC, while the SCADA system monitors the overall
performance of the loop.
Fig. Basic SCADA System
Data acquisition begins at the RTU or PLC level and includes
meter readings and equipment status reports that are
communicated to SCADA as required. Data is then compiled
and formatted in such a way that a control room operator using
the HMI can make supervisory decisions to adjust or override
normal RTU (PLC) controls. Data may also be fed to a
Historian, often built on a commodity Database Management
System, to allow trending and other analytical auditing.
International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019
Available at www.ijsred.com
ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 123
SCADA systems typically implement a distributed database,
commonly referred to as a tag database, which contains data
elements called tags or points. A point represents a single input
or output value monitored or controlled by the system. Points
can be either "hard" or "soft". A hard point represents an actual
input or output within the system, while a soft point results
from logic and math operations applied to other points. (Most
implementations conceptually remove the distinction by
making every property a "soft" point expression, which may, in
the simplest case, equal a single hard point.) Points are
normally stored as value-timestamp pairs: a value, and the
timestamp when it was recorded or calculated. A series of
value-timestamp pairs gives the history of that point. It's also
common to store additional metadata with tags, such as the
path to a field device or PLC register, design time comments,
and alarm information.
A SCADA System usually consists of the following
subsystems:
• A Human-Machine Interface or HMI is the apparatus
which presents process data to a human operator, and
through this, the human operator, monitors and controls
the process.
• A supervisory (computer) system, gathering (acquiring)
data on the process and sending commands (control) to the
process.
• Remote Terminal Units (RTUs) connecting to sensors in
the process, converting sensor signals to digital data and
sending digital data to the supervisory system.
• Programmable Logic Controller (PLCs) used as field
devices because they are more economical, versatile,
flexible, and configurable than special-purpose RTUs.
• Communication infrastructure connecting the supervisory
system to the Remote Terminal Units.
2. Human Machine Interface
A Human-Machine Interface or HMI is the apparatus which
presents process data to a human operator, and through which
the human operator controls the process.
The HMI system usually presents the information to the
operating personnel graphically, in the form of a mimic
diagram. This means that the operator can see a schematic
representation of the plant being controlled. For example, a
picture of a pump connected to a pipe can show the operator
that the pump is running and how much fluid it is pumping
through the pipe at the moment. The operator can then switch
the pump off. The HMI software will show the flow rate of the
fluid in the pipe decrease in real time. Mimic diagrams may
consist of line graphics and schematic symbols to represent
process elements, or may consist of digital photographs of the
process equipment overlain with animated symbols.
An important part of most SCADA implementations are
alarms. An alarm is a digital status point that has either the
value NORMAL or ALARM. Alarms can be created in such a
way that when their requirements are met, they are activated.
An example of an alarm is the "fuel tank empty" light in a car.
The SCADA operator's attention is drawn to the part of the
system requiring attention by the alarm. Emails and text
messages are often sent along with an alarm activation alerting
managers along with the SCADA operator.
3. Hardware solutions
SCADA solutions often have Distributed Control System
(DCS) components. Use of "smart" RTUs or PLCs, which are
capable of autonomously executing simple logic processes
without involving the master computer, is increasing. A
functional block programming language, IEC 61131-3 (Ladder
Logic), is frequently used to create programs which run on
these RTUs and PLCs. Unlike a procedural language such as
the C programming language or FORTRAN, IEC 61131-3 has
minimal training requirements by virtue of resembling historic
physical control arrays. This allows SCADA system engineers
to perform both the design and implementation of a program to
be executed on an RTU or PLC. Since about 1998, virtually all
major PLC manufacturers have offered integrated
HMI/SCADA systems, many of them using open and non-
proprietary communications protocols.
International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019
Available at www.ijsred.com
ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 124
4. Remote Terminal Unit (RTU)
The RTU connects to physical equipment. Typically, an RTU
converts the electrical signals from the equipment to digital
values such as the open/closed status from a switch or a valve,
or measurements such as pressure, flow, voltage or current. By
converting and sending these electrical signals out to
equipment the RTU can control equipment, such as opening or
closing a switch or a valve, or setting the speed of a pump.
IV. DISTRIBUTED CONTROL SYSTEM
A distributed control system (DCS) refers to a control system
usually of a manufacturing system, process or any kind of
dynamic system, in which the controller elements are not
central in location (like the brain) but are distributed
throughout the system with each component sub-system
controlled by one or more controllers. The entire system of
controllers is connected by networks for communication and
monitoring.
DCS is a very broad term used in a variety of industries, to
monitor and control distributed equipment.
• Electrical power grids and electrical generation plants
• Environmental control systems
• Traffic signals
• Water management systems
• Oil refining plants
V.CONCLUSION
• Chemical plants
• Pharmaceutical manufacturing
• Sensor networks
• Dry cargo and bulk oil carrier ships
The preceding discussion does not constitute a formal threat
assessment. It merely presents a listing of trends affecting
CS development and a number of factors requiring
monitoring and research. On the other hand, this discussion
does project that the operational environment in 2010-2015
will likely see an increase in Capability and Opportunity
available to threat sources. Coupled with the broader
presence and exposure of control systems, this suggests the
future operational environment will be bothmore congested
and more vulnerable. Should a threat actor emerge that has
the Intent the equation Threat = Capability + Intent+
Opportunity will be complete.
REFERENCES
1. SONG X P, LIAO M F.design of internet based scada System frame for
wind power plant[J]. automation of electric power system 2006.
2. CHONG C Y, KUMAR S P.sensor networks:
Proceedings of the IEEE,2003.
3. C. M. Davis, J. E. Tate, H. Okhravi, C. Grier, T. J. Overbye, and D.
Nicol, “SCADA Cyber Security Testbed Development”, Power Symposium,
2006. NAPS 2006.
4. Ronald L. Krutz,Securing SCADA systems,Willey,2006.
5. Josh Siegle, Motorola Solutions. “Cyber Security for SCADA and ICS
Systems”, in Entelec Fall eminar Series, 2014.
6. T. Paukatong,SCADA Security: A New Concerning Issue of an In-house
EGAT-SCADA 2005 IEEE/PES Transmission and Distribution Conference
& Exhibition:Asia and Pacific Dalian,China.
7. American Petroleum Institute, API 1164:SCADA Security,
Washington,DC,2004.
8. D. Kilman and J. Stamp, Framework for SCADA security policy,
Technical Repot SAND2005-1002C, Sandia National Laboratories,
Albuquerque, New Mexico, 2005.
9. K. Stouffer, J. Falco and K. Kent, Guide to Supervisory Control and
Industrial Control Systems Security-Initial Public Draft, National Institute
of Standards and Technology, Gaithersburg, Maryland, 2006.
10. Pollet J. Developing a solid SCADA security strategy. In: Second
ISA/IEEE sensors for industry conference, 19-21 November 2002.

Weitere ähnliche Inhalte

Was ist angesagt?

Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Networks
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution briefNozomi Networks
 
Secure architecture-industrial-control-systems-36327
Secure architecture-industrial-control-systems-36327Secure architecture-industrial-control-systems-36327
Secure architecture-industrial-control-systems-36327vimal Kumar Gupta
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationSchneider Electric
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01RoutecoMarketing
 
SCADA Exposure Will Short-Circuit US Utilities
SCADA Exposure Will Short-Circuit US UtilitiesSCADA Exposure Will Short-Circuit US Utilities
SCADA Exposure Will Short-Circuit US UtilitiesFitCEO, Inc. (FCI)
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
 
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101Priyanka Aash
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiClubHack
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...PECB
 

Was ist angesagt? (20)

Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
 
The Best Measure of SCADA Success
The Best Measure of SCADA SuccessThe Best Measure of SCADA Success
The Best Measure of SCADA Success
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution brief
 
Secure architecture-industrial-control-systems-36327
Secure architecture-industrial-control-systems-36327Secure architecture-industrial-control-systems-36327
Secure architecture-industrial-control-systems-36327
 
Understanding Open Protocols in Building Automation
Understanding Open Protocols in Building AutomationUnderstanding Open Protocols in Building Automation
Understanding Open Protocols in Building Automation
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01
 
RF_NEC
RF_NECRF_NEC
RF_NEC
 
10. industrial networks safety and security tom hammond
10. industrial networks safety and security   tom hammond10. industrial networks safety and security   tom hammond
10. industrial networks safety and security tom hammond
 
SCADA Exposure Will Short-Circuit US Utilities
SCADA Exposure Will Short-Circuit US UtilitiesSCADA Exposure Will Short-Circuit US Utilities
SCADA Exposure Will Short-Circuit US Utilities
 
Substation Cyber Security
Substation Cyber SecuritySubstation Cyber Security
Substation Cyber Security
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
 
Nist.sp.800 82r2
Nist.sp.800 82r2Nist.sp.800 82r2
Nist.sp.800 82r2
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control Systems
 
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
Defcon 22-aaron-bayles-alxrogan-protecting-scada-dc101
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
 

Ähnlich wie IJSRED-V2I2P15

SCADA Systems Vulnerabilities and Blockchain Technology
SCADA Systems Vulnerabilities and Blockchain TechnologySCADA Systems Vulnerabilities and Blockchain Technology
SCADA Systems Vulnerabilities and Blockchain Technologyijtsrd
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems aswanthmrajeev112
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco
 
Power system automation
Power system automationPower system automation
Power system automationAbbas Ali
 
SCADA_SYSTEM in industrial automation .pptx
SCADA_SYSTEM in industrial automation .pptxSCADA_SYSTEM in industrial automation .pptx
SCADA_SYSTEM in industrial automation .pptxViju Jigajinni
 
SCADA_SYSTEM in Industrial Autiomation.pptx
SCADA_SYSTEM in Industrial Autiomation.pptxSCADA_SYSTEM in Industrial Autiomation.pptx
SCADA_SYSTEM in Industrial Autiomation.pptxViju Jigajinni
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack  on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack  on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Abhishek Goel
 
Industrial control systems cybersecurity.ppt
Industrial control systems cybersecurity.pptIndustrial control systems cybersecurity.ppt
Industrial control systems cybersecurity.pptDelforChacnCornejo
 
Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...redpel dot com
 
Scada system architecture, types and applications
Scada system architecture, types and applicationsScada system architecture, types and applications
Scada system architecture, types and applicationsUchi Pou
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
 
Training manual on scada
Training manual on scadaTraining manual on scada
Training manual on scadabhavuksharma10
 
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADARITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADAcsandit
 
SCADA - Wikipedia, the free encyclopedia
SCADA - Wikipedia, the free encyclopediaSCADA - Wikipedia, the free encyclopedia
SCADA - Wikipedia, the free encyclopediaRaj Bakshi
 
introduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdfintroduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdfPrabaKaran649935
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 

Ähnlich wie IJSRED-V2I2P15 (20)

SCADA Systems Vulnerabilities and Blockchain Technology
SCADA Systems Vulnerabilities and Blockchain TechnologySCADA Systems Vulnerabilities and Blockchain Technology
SCADA Systems Vulnerabilities and Blockchain Technology
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems
 
Scada slide
Scada slideScada slide
Scada slide
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016
 
Power system automation
Power system automationPower system automation
Power system automation
 
SCADA_SYSTEM in industrial automation .pptx
SCADA_SYSTEM in industrial automation .pptxSCADA_SYSTEM in industrial automation .pptx
SCADA_SYSTEM in industrial automation .pptx
 
SCADA_SYSTEM in Industrial Autiomation.pptx
SCADA_SYSTEM in Industrial Autiomation.pptxSCADA_SYSTEM in Industrial Autiomation.pptx
SCADA_SYSTEM in Industrial Autiomation.pptx
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack  on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack  on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
 
Industrial control systems cybersecurity.ppt
Industrial control systems cybersecurity.pptIndustrial control systems cybersecurity.ppt
Industrial control systems cybersecurity.ppt
 
Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...Cloud assisted io t-based scada systems security- a review of the state of th...
Cloud assisted io t-based scada systems security- a review of the state of th...
 
Scada system architecture, types and applications
Scada system architecture, types and applicationsScada system architecture, types and applications
Scada system architecture, types and applications
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart grids
 
Training manual on scada
Training manual on scadaTraining manual on scada
Training manual on scada
 
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADARITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
RITA SECURE COMMUNICATION PROTOCOL: APPLICATION TO SCADA
 
Scada pdf
Scada pdfScada pdf
Scada pdf
 
SCADA - Wikipedia, the free encyclopedia
SCADA - Wikipedia, the free encyclopediaSCADA - Wikipedia, the free encyclopedia
SCADA - Wikipedia, the free encyclopedia
 
introduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdfintroduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdf
 
Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA Networks
 
Scada & hmi
Scada & hmiScada & hmi
Scada & hmi
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 

Mehr von IJSRED

IJSRED-V3I6P13
IJSRED-V3I6P13IJSRED-V3I6P13
IJSRED-V3I6P13IJSRED
 
School Bus Tracking and Security System
School Bus Tracking and Security SystemSchool Bus Tracking and Security System
School Bus Tracking and Security SystemIJSRED
 
BigBasket encashing the Demonetisation: A big opportunity
BigBasket encashing the Demonetisation: A big opportunityBigBasket encashing the Demonetisation: A big opportunity
BigBasket encashing the Demonetisation: A big opportunityIJSRED
 
Quantitative and Qualitative Analysis of Plant Leaf Disease
Quantitative and Qualitative Analysis of Plant Leaf DiseaseQuantitative and Qualitative Analysis of Plant Leaf Disease
Quantitative and Qualitative Analysis of Plant Leaf DiseaseIJSRED
 
DC Fast Charger and Battery Management System for Electric Vehicles
DC Fast Charger and Battery Management System for Electric VehiclesDC Fast Charger and Battery Management System for Electric Vehicles
DC Fast Charger and Battery Management System for Electric VehiclesIJSRED
 
Growth Path Followed by France
Growth Path Followed by FranceGrowth Path Followed by France
Growth Path Followed by FranceIJSRED
 
Acquisition System
Acquisition SystemAcquisition System
Acquisition SystemIJSRED
 
Parallelization of Graceful Labeling Using Open MP
Parallelization of Graceful Labeling Using Open MPParallelization of Graceful Labeling Using Open MP
Parallelization of Graceful Labeling Using Open MPIJSRED
 
Study of Phenotypic Plasticity of Fruits of Luffa Acutangula Var. Amara
Study of Phenotypic Plasticity of  Fruits of Luffa Acutangula Var. AmaraStudy of Phenotypic Plasticity of  Fruits of Luffa Acutangula Var. Amara
Study of Phenotypic Plasticity of Fruits of Luffa Acutangula Var. AmaraIJSRED
 
Understanding Architecture of Internet of Things
Understanding Architecture of Internet of ThingsUnderstanding Architecture of Internet of Things
Understanding Architecture of Internet of ThingsIJSRED
 
Smart shopping cart
Smart shopping cartSmart shopping cart
Smart shopping cartIJSRED
 
An Emperical Study of Learning How Soft Skills is Essential for Management St...
An Emperical Study of Learning How Soft Skills is Essential for Management St...An Emperical Study of Learning How Soft Skills is Essential for Management St...
An Emperical Study of Learning How Soft Skills is Essential for Management St...IJSRED
 
Smart Canteen Management
Smart Canteen ManagementSmart Canteen Management
Smart Canteen ManagementIJSRED
 
Gandhian trusteeship and Economic Ethics
Gandhian trusteeship and Economic EthicsGandhian trusteeship and Economic Ethics
Gandhian trusteeship and Economic EthicsIJSRED
 
Impacts of a New Spatial Variable on a Black Hole Metric Solution
Impacts of a New Spatial Variable on a Black Hole Metric SolutionImpacts of a New Spatial Variable on a Black Hole Metric Solution
Impacts of a New Spatial Variable on a Black Hole Metric SolutionIJSRED
 
A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...
A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...
A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...IJSRED
 
Inginious Trafalgar Contrivition System
Inginious Trafalgar Contrivition SystemInginious Trafalgar Contrivition System
Inginious Trafalgar Contrivition SystemIJSRED
 
Farmer's Analytical assistant
Farmer's Analytical assistantFarmer's Analytical assistant
Farmer's Analytical assistantIJSRED
 
Functions of Forensic Engineering Investigator in India
Functions of Forensic Engineering Investigator in IndiaFunctions of Forensic Engineering Investigator in India
Functions of Forensic Engineering Investigator in IndiaIJSRED
 
Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....
Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....
Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....IJSRED
 

Mehr von IJSRED (20)

IJSRED-V3I6P13
IJSRED-V3I6P13IJSRED-V3I6P13
IJSRED-V3I6P13
 
School Bus Tracking and Security System
School Bus Tracking and Security SystemSchool Bus Tracking and Security System
School Bus Tracking and Security System
 
BigBasket encashing the Demonetisation: A big opportunity
BigBasket encashing the Demonetisation: A big opportunityBigBasket encashing the Demonetisation: A big opportunity
BigBasket encashing the Demonetisation: A big opportunity
 
Quantitative and Qualitative Analysis of Plant Leaf Disease
Quantitative and Qualitative Analysis of Plant Leaf DiseaseQuantitative and Qualitative Analysis of Plant Leaf Disease
Quantitative and Qualitative Analysis of Plant Leaf Disease
 
DC Fast Charger and Battery Management System for Electric Vehicles
DC Fast Charger and Battery Management System for Electric VehiclesDC Fast Charger and Battery Management System for Electric Vehicles
DC Fast Charger and Battery Management System for Electric Vehicles
 
Growth Path Followed by France
Growth Path Followed by FranceGrowth Path Followed by France
Growth Path Followed by France
 
Acquisition System
Acquisition SystemAcquisition System
Acquisition System
 
Parallelization of Graceful Labeling Using Open MP
Parallelization of Graceful Labeling Using Open MPParallelization of Graceful Labeling Using Open MP
Parallelization of Graceful Labeling Using Open MP
 
Study of Phenotypic Plasticity of Fruits of Luffa Acutangula Var. Amara
Study of Phenotypic Plasticity of  Fruits of Luffa Acutangula Var. AmaraStudy of Phenotypic Plasticity of  Fruits of Luffa Acutangula Var. Amara
Study of Phenotypic Plasticity of Fruits of Luffa Acutangula Var. Amara
 
Understanding Architecture of Internet of Things
Understanding Architecture of Internet of ThingsUnderstanding Architecture of Internet of Things
Understanding Architecture of Internet of Things
 
Smart shopping cart
Smart shopping cartSmart shopping cart
Smart shopping cart
 
An Emperical Study of Learning How Soft Skills is Essential for Management St...
An Emperical Study of Learning How Soft Skills is Essential for Management St...An Emperical Study of Learning How Soft Skills is Essential for Management St...
An Emperical Study of Learning How Soft Skills is Essential for Management St...
 
Smart Canteen Management
Smart Canteen ManagementSmart Canteen Management
Smart Canteen Management
 
Gandhian trusteeship and Economic Ethics
Gandhian trusteeship and Economic EthicsGandhian trusteeship and Economic Ethics
Gandhian trusteeship and Economic Ethics
 
Impacts of a New Spatial Variable on a Black Hole Metric Solution
Impacts of a New Spatial Variable on a Black Hole Metric SolutionImpacts of a New Spatial Variable on a Black Hole Metric Solution
Impacts of a New Spatial Variable on a Black Hole Metric Solution
 
A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...
A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...
A Study to Assess the Effectiveness of Planned Teaching Programme on Knowledg...
 
Inginious Trafalgar Contrivition System
Inginious Trafalgar Contrivition SystemInginious Trafalgar Contrivition System
Inginious Trafalgar Contrivition System
 
Farmer's Analytical assistant
Farmer's Analytical assistantFarmer's Analytical assistant
Farmer's Analytical assistant
 
Functions of Forensic Engineering Investigator in India
Functions of Forensic Engineering Investigator in IndiaFunctions of Forensic Engineering Investigator in India
Functions of Forensic Engineering Investigator in India
 
Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....
Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....
Participation Politique Feminine En Competition Électorale Au Congo-Kinshasa....
 

Kürzlich hochgeladen

Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...Apollo Techno Industries Pvt Ltd
 
Pioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future OutlookPioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future Outlooksoginsider
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...sahb78428
 
Dev.bg DevOps March 2024 Monitoring & Logging
Dev.bg DevOps March 2024 Monitoring & LoggingDev.bg DevOps March 2024 Monitoring & Logging
Dev.bg DevOps March 2024 Monitoring & LoggingMarian Marinov
 
SUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docx
SUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docxSUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docx
SUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docxNaveenVerma126
 
Basic Principle of Electrochemical Sensor
Basic Principle of  Electrochemical SensorBasic Principle of  Electrochemical Sensor
Basic Principle of Electrochemical SensorTanvir Moin
 
cloud computing notes for anna university syllabus
cloud computing notes for anna university syllabuscloud computing notes for anna university syllabus
cloud computing notes for anna university syllabusViolet Violet
 
Phase noise transfer functions.pptx
Phase noise transfer      functions.pptxPhase noise transfer      functions.pptx
Phase noise transfer functions.pptxSaiGouthamSunkara
 
How to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfHow to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfRedhwan Qasem Shaddad
 
nvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxnvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxjasonsedano2
 
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratoryدليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide LaboratoryBahzad5
 
Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)Bahzad5
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfodunowoeminence2019
 
Test of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptxTest of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptxHome
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...amrabdallah9
 
ASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entenderASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entenderjuancarlos286641
 
Modelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsModelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsYusuf Yıldız
 
Guardians and Glitches: Navigating the Duality of Gen AI in AppSec
Guardians and Glitches: Navigating the Duality of Gen AI in AppSecGuardians and Glitches: Navigating the Duality of Gen AI in AppSec
Guardians and Glitches: Navigating the Duality of Gen AI in AppSecTrupti Shiralkar, CISSP
 

Kürzlich hochgeladen (20)

Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...
 
Pioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future OutlookPioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future Outlook
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...
 
Dev.bg DevOps March 2024 Monitoring & Logging
Dev.bg DevOps March 2024 Monitoring & LoggingDev.bg DevOps March 2024 Monitoring & Logging
Dev.bg DevOps March 2024 Monitoring & Logging
 
SUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docx
SUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docxSUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docx
SUMMER TRAINING REPORT ON BUILDING CONSTRUCTION.docx
 
Basic Principle of Electrochemical Sensor
Basic Principle of  Electrochemical SensorBasic Principle of  Electrochemical Sensor
Basic Principle of Electrochemical Sensor
 
Lecture 2 .pdf
Lecture 2                           .pdfLecture 2                           .pdf
Lecture 2 .pdf
 
cloud computing notes for anna university syllabus
cloud computing notes for anna university syllabuscloud computing notes for anna university syllabus
cloud computing notes for anna university syllabus
 
Phase noise transfer functions.pptx
Phase noise transfer      functions.pptxPhase noise transfer      functions.pptx
Phase noise transfer functions.pptx
 
How to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfHow to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdf
 
nvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxnvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptx
 
Présentation IIRB 2024 Chloe Dufrane.pdf
Présentation IIRB 2024 Chloe Dufrane.pdfPrésentation IIRB 2024 Chloe Dufrane.pdf
Présentation IIRB 2024 Chloe Dufrane.pdf
 
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratoryدليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
دليل تجارب الاسفلت المختبرية - Asphalt Experiments Guide Laboratory
 
Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
 
Test of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptxTest of Significance of Large Samples for Mean = µ.pptx
Test of Significance of Large Samples for Mean = µ.pptx
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
 
ASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entenderASME BPVC 2023 Section I para leer y entender
ASME BPVC 2023 Section I para leer y entender
 
Modelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsModelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovations
 
Guardians and Glitches: Navigating the Duality of Gen AI in AppSec
Guardians and Glitches: Navigating the Duality of Gen AI in AppSecGuardians and Glitches: Navigating the Duality of Gen AI in AppSec
Guardians and Glitches: Navigating the Duality of Gen AI in AppSec
 

IJSRED-V2I2P15

  • 1. International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019 Available at www.ijsred.com ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 121 Protection Trends in Scada Cyber Threats Anusha H S1 , Amulya C T2 , Annapoorneshwari M R3 , Monisha Krishna D S4 , Mohammed Elahi5 1, 2, 3, &4 Students, Dept of ECE, Ghousia College of Engineering, Ramanagaram, Karnataka 5 Asst. Professor, Dept. of ECE, Ghousia College of Engineering, Ramanagaram, Karnataka Abstract: The answer to the existing threat issues in SCADA is that these types of threats are becoming more likely, as current SCADA systems and networks increasingly utilize commercially off-the-shelf (COTS) software, connect to the enterprise layer and move toward IP connectivity. These recent changes have contributed to higher threat levels and increased vulnerability. A few short years ago, the chances of someone finding these vulnerabilities and exploiting them were very slim. This was due to the fact that process control systems and SCADA networks were unheard of by the general population and systems were based on specialized platforms that were segregated from the enterprise layer. In recent years, industrial systems have begun to take a front seat in the spot light, due to the focus by the Department of Homeland Security on national critical infrastructure and some unfortunate media coverage. Despite current efforts, there is a high probability that something bad is eventually going to happen. In addition, the number of "SCADA hacking" presentations is increasing at security and "hacker" conventions, with the number of vulnerabilities discovered within these systems increasing. Bottom line, our little corner of industry is no longer isolated and the word is now out. While cyber security is being given the lion's share of attention, with "hackers" already attracting premature blame from a few recently publicized incidents, the widespread disregard for physical and operational security within many organizations has become a huge concern. Many companies are heavily focused on shoring up their cyber security, with little or no regard for physical security. Index Term: Commercially off the shelf (COTS), SCADA hacking I. INTRODUCTION SCADA stands for Supervisory Control And Data Acquisition. It generally refers to an industrial control system: a computer system monitoring and controlling a process. The process can be industrial, infrastructure or facility based as described below: Industrial processes include those of manufacturing, production, power generation, fabrication, and refining, and may run in continuous, batch, repetitive, or discrete modes. Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, and large communication systems. Facility processes occur both in public facilities and private ones, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption. SCADA systems are used to control and monitor physical processes, examples of which are transmission of electricity, transportation of gas and oil in pipelines, water distribution, traffic lights, and other systems used as the basis of modern society. The security of these SCADA systems is important because compromise or destruction of these systems would impact multiple areas of society far removed from the original RESEARCH ARTICLE OPEN ACCESS
  • 2. International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019 Available at www.ijsred.com ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 122 compromise. For example, a blackout caused by a compromised electrical SCADA system would cause financial losses to all the customers that received electricity from that source. How security will affect legacy SCADA and new deployments remains to be seen. Many vendors of SCADA and control products have begun to address these risks by developing lines of specialized industrial firewall and VPN solutions for TCP/IP-based SCADA networks. Additionally, application white listing solutions are being implemented because of their ability to prevent malware and unauthorized application changes without the performance impacts of traditional antivirus scans. Also, the ISA Security Compliance Institute (ISCI) is emerging to formalize SCADA security testing starting as soon as 2009. ISCI is conceptually similar to private testing and certification that has been performed by vendors since 2007. The increased interest in SCADA vulnerabilities has resulted in vulnerability researchers discovering vulnerabilities in commercial SCADA software and more general offensive SCADA techniques presented to the general security community. II. PROBLEM STATEMENT The move from proprietary technologies to more standardized and open solutions together with the increased number of connections between SCADA systems and office networks and the Internet has made them more vulnerable to attacks. Consequently, the security of SCADA-based systems has come into question as they are increasingly seen as extremely vulnerable to cyberwarfare/cyberterrorism attacks. In particular, security researchers are concerned about: The lack of concern about security and authentication in the design, deployment and operation of existing SCADA networks. The mistaken belief that SCADA systems have the benefit of security through obscurity through the use of specialized protocols and proprietary interfaces. The mistaken belief that SCADA networks are secure because they are purportedly physically secured. The mistaken belief that SCADA networks are secure because they are supposedly disconnected from the Internet. III. METODOLOGY 1. Systems concepts The term SCADA usually refers to centralized systems which monitor and control entire sites, or complexes of systems spread out over large areas (anything between an industrial plant and a country). Most control actions are performed automatically by remote terminal units ("RTUs") or by programmable logic controllers ("PLCs"). Host control functions are usually restricted to basic overriding or supervisory level intervention. For example, a PLC may control the flow of cooling water through part of an industrial process, but the SCADA system may allow operators to change the set points for the flow, and enable alarm conditions, such as loss of flow and high temperature, to be displayed and recorded. The feedback control loop passes through the RTU or PLC, while the SCADA system monitors the overall performance of the loop. Fig. Basic SCADA System Data acquisition begins at the RTU or PLC level and includes meter readings and equipment status reports that are communicated to SCADA as required. Data is then compiled and formatted in such a way that a control room operator using the HMI can make supervisory decisions to adjust or override normal RTU (PLC) controls. Data may also be fed to a Historian, often built on a commodity Database Management System, to allow trending and other analytical auditing.
  • 3. International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019 Available at www.ijsred.com ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 123 SCADA systems typically implement a distributed database, commonly referred to as a tag database, which contains data elements called tags or points. A point represents a single input or output value monitored or controlled by the system. Points can be either "hard" or "soft". A hard point represents an actual input or output within the system, while a soft point results from logic and math operations applied to other points. (Most implementations conceptually remove the distinction by making every property a "soft" point expression, which may, in the simplest case, equal a single hard point.) Points are normally stored as value-timestamp pairs: a value, and the timestamp when it was recorded or calculated. A series of value-timestamp pairs gives the history of that point. It's also common to store additional metadata with tags, such as the path to a field device or PLC register, design time comments, and alarm information. A SCADA System usually consists of the following subsystems: • A Human-Machine Interface or HMI is the apparatus which presents process data to a human operator, and through this, the human operator, monitors and controls the process. • A supervisory (computer) system, gathering (acquiring) data on the process and sending commands (control) to the process. • Remote Terminal Units (RTUs) connecting to sensors in the process, converting sensor signals to digital data and sending digital data to the supervisory system. • Programmable Logic Controller (PLCs) used as field devices because they are more economical, versatile, flexible, and configurable than special-purpose RTUs. • Communication infrastructure connecting the supervisory system to the Remote Terminal Units. 2. Human Machine Interface A Human-Machine Interface or HMI is the apparatus which presents process data to a human operator, and through which the human operator controls the process. The HMI system usually presents the information to the operating personnel graphically, in the form of a mimic diagram. This means that the operator can see a schematic representation of the plant being controlled. For example, a picture of a pump connected to a pipe can show the operator that the pump is running and how much fluid it is pumping through the pipe at the moment. The operator can then switch the pump off. The HMI software will show the flow rate of the fluid in the pipe decrease in real time. Mimic diagrams may consist of line graphics and schematic symbols to represent process elements, or may consist of digital photographs of the process equipment overlain with animated symbols. An important part of most SCADA implementations are alarms. An alarm is a digital status point that has either the value NORMAL or ALARM. Alarms can be created in such a way that when their requirements are met, they are activated. An example of an alarm is the "fuel tank empty" light in a car. The SCADA operator's attention is drawn to the part of the system requiring attention by the alarm. Emails and text messages are often sent along with an alarm activation alerting managers along with the SCADA operator. 3. Hardware solutions SCADA solutions often have Distributed Control System (DCS) components. Use of "smart" RTUs or PLCs, which are capable of autonomously executing simple logic processes without involving the master computer, is increasing. A functional block programming language, IEC 61131-3 (Ladder Logic), is frequently used to create programs which run on these RTUs and PLCs. Unlike a procedural language such as the C programming language or FORTRAN, IEC 61131-3 has minimal training requirements by virtue of resembling historic physical control arrays. This allows SCADA system engineers to perform both the design and implementation of a program to be executed on an RTU or PLC. Since about 1998, virtually all major PLC manufacturers have offered integrated HMI/SCADA systems, many of them using open and non- proprietary communications protocols.
  • 4. International Journal of Scientific Research and Engineering Development-– Volume 2 Issue 1, Mar-Apr 2019 Available at www.ijsred.com ISSN : 2581-7175 ©IJSRED: All Rights are Reserved Page 124 4. Remote Terminal Unit (RTU) The RTU connects to physical equipment. Typically, an RTU converts the electrical signals from the equipment to digital values such as the open/closed status from a switch or a valve, or measurements such as pressure, flow, voltage or current. By converting and sending these electrical signals out to equipment the RTU can control equipment, such as opening or closing a switch or a valve, or setting the speed of a pump. IV. DISTRIBUTED CONTROL SYSTEM A distributed control system (DCS) refers to a control system usually of a manufacturing system, process or any kind of dynamic system, in which the controller elements are not central in location (like the brain) but are distributed throughout the system with each component sub-system controlled by one or more controllers. The entire system of controllers is connected by networks for communication and monitoring. DCS is a very broad term used in a variety of industries, to monitor and control distributed equipment. • Electrical power grids and electrical generation plants • Environmental control systems • Traffic signals • Water management systems • Oil refining plants V.CONCLUSION • Chemical plants • Pharmaceutical manufacturing • Sensor networks • Dry cargo and bulk oil carrier ships The preceding discussion does not constitute a formal threat assessment. It merely presents a listing of trends affecting CS development and a number of factors requiring monitoring and research. On the other hand, this discussion does project that the operational environment in 2010-2015 will likely see an increase in Capability and Opportunity available to threat sources. Coupled with the broader presence and exposure of control systems, this suggests the future operational environment will be bothmore congested and more vulnerable. Should a threat actor emerge that has the Intent the equation Threat = Capability + Intent+ Opportunity will be complete. REFERENCES 1. SONG X P, LIAO M F.design of internet based scada System frame for wind power plant[J]. automation of electric power system 2006. 2. CHONG C Y, KUMAR S P.sensor networks: Proceedings of the IEEE,2003. 3. C. M. Davis, J. E. Tate, H. Okhravi, C. Grier, T. J. Overbye, and D. Nicol, “SCADA Cyber Security Testbed Development”, Power Symposium, 2006. NAPS 2006. 4. Ronald L. Krutz,Securing SCADA systems,Willey,2006. 5. Josh Siegle, Motorola Solutions. “Cyber Security for SCADA and ICS Systems”, in Entelec Fall eminar Series, 2014. 6. T. Paukatong,SCADA Security: A New Concerning Issue of an In-house EGAT-SCADA 2005 IEEE/PES Transmission and Distribution Conference & Exhibition:Asia and Pacific Dalian,China. 7. American Petroleum Institute, API 1164:SCADA Security, Washington,DC,2004. 8. D. Kilman and J. Stamp, Framework for SCADA security policy, Technical Repot SAND2005-1002C, Sandia National Laboratories, Albuquerque, New Mexico, 2005. 9. K. Stouffer, J. Falco and K. Kent, Guide to Supervisory Control and Industrial Control Systems Security-Initial Public Draft, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006. 10. Pollet J. Developing a solid SCADA security strategy. In: Second ISA/IEEE sensors for industry conference, 19-21 November 2002.