1) SCADA systems are used to monitor and control critical infrastructure through networks of sensors and programmable logic controllers.
2) These systems were traditionally isolated but are now increasingly connected to external networks, making them vulnerable to attacks.
3) Common vulnerabilities of SCADA systems include weak passwords, unencrypted network traffic, and lack of input validation. Improving SCADA security is challenging because of the operational constraints of control systems (limited downtime, fragile legacy devices) and the lack of security experience among operators and suppliers.
2. Infrastructure classes
• Physical infrastructure
– Physical facilities and assets such as pumping stations, pipelines, railways, roads, etc.
• Digital infrastructure
– Networks, software and the physical facilities required for their operation, such as data centres
• Organisational infrastructure
– Services such as emergency services, medical services, government
• Focus in this lecture will be on physical infrastructure and the critical control systems for that infrastructure
Critical Infrastructure 2, 2013, Slide 2
3. Control Systems
• IT is used for monitoring and controlling infrastructure in almost all industries in the developed world
– Oil and Gas
– Railways
– Power Generation and Transmission
– Water Management
– Manufacturing
– Production Plants
4. Infrastructure control
• Infrastructure equipment is usually controlled using special-purpose hardware and software
• PLCs (Programmable Logic Controllers) are associated with specific components such as valves and switches
• A SCADA (Supervisory Control and Data Acquisition) system is used to monitor and coordinate the individual controllers
6. Programmable Logic Controllers
• Stand-alone units which are associated with a controlled element or a group of controlled elements
• Send signals to actuators associated with that element, e.g. to motors that can open or close a valve
• Usually have associated sensors that determine the state of the element itself as well as sensors that sense whatever is being controlled (e.g. gas flow)
• Can act autonomously, e.g. to shut down an element, or (more frequently) are connected to a SCADA system that manages and controls all system elements
7. What is SCADA?
• An architectural pattern for industrial control systems with many components that are often distributed over a wide area
• A configurable software system that is used to implement large-scale control systems where:
– Programmable logic controllers (PLCs) control infrastructure components
– Data is acquired by remote terminal units (RTUs)
– Data is sent to a control centre running the SCADA software
– The control centre monitors the system, displays system status and issues commands
• Based on standard industrial communication protocols
8. SCADA functionality
• A SCADA system performs four functions:
– Data acquisition
– Unit control
– Networked data communications
– Data presentation
[Figure: a SCADA system controlling an electricity distribution network]
10. SCADA system components
• Remote stations with sensors (either digital or analog) and PLCs that directly interface with the managed system.
• Remote terminal units (RTUs), also called remote telemetry units. These are small computerised units deployed in the field at specific sites and locations. RTUs serve as local collection points for gathering reports from sensors and delivering commands to control relays.
• SCADA master units. These are larger computer consoles that serve as the central processor for the SCADA system. Master units provide a human interface to the system and automatically regulate the managed system in response to sensor inputs.
• The communications network that connects the SCADA master unit to the RTUs in the field.
11. SCADA application areas
• Electric power generation, transmission and distribution
• Water and sewage
• Buildings, facilities and environments
• Manufacturing
• Mass transit
• Traffic signals
12. Critical SCADA systems
• Failure of controlled systems can lead to direct loss of life due to equipment failure, or to indirect losses due to failure of the critical infrastructure controlled by SCADA systems
• SCADA issues are therefore
– Safety and reliability
– Security
• SCADA safety and reliability
– Needs specific safety analysis techniques for PLCs because they are programmed in a different way (ladder logic)
– SCADA systems usually have redundancy and backup, which contributes to the availability of these systems
13. SCADA generations
• 1st generation (1970s). Co-located control
– Controlled units were on the same site as the controlling computer, with hard-wired connections between them
– No network, so no potential for external attack. Very limited chance of insider attack because of operation by teams rather than individuals
• 2nd generation (1980s/90s). Distributed control
– SCADA systems networked with devices using special-purpose protocols
– No external network connection
– Vulnerable to insider attacks because of distributed sites
14. SCADA generations
• 3rd generation (2000s). Networked systems
– SCADA systems no longer isolated but connected to external networks
– External connection through computers (particularly PCs) that are directly connected to the Internet
– May also interface with other Internet-connected systems such as manufacturing control systems
– More use of standard protocols such as TCP/IP for communications
– Remote system monitoring and upgrades from providers require a network connection
15. SCADA security
• Security is a particular concern for SCADA systems
– Considerable potential for large-scale damage to critical infrastructure by an attacker
– Security through isolation. SCADA systems, historically, were unconcerned with security because they were isolated systems
– Security through obscurity. Non-standard programming languages and protocols
16. Security through isolation
• If a system is not connected to the Internet, then it cannot be penetrated by attacks from the Internet
• Until recently, SCADA systems were isolated networks. But now:
– Direct connections to vendors for maintenance, stock ordering etc.
– Connected to enterprise systems, which in turn are on the Internet
– PCs used by operators may be multi-functional and Internet-connected
– Operators transfer information using USB drives
17. Security through obscurity
• Approach to security that is based on the fact that information about a system is not widely known or available, so few people can successfully attack the system
– Susceptible to insider attack by those who know the information
– SCADA systems are sold globally, so information is available to other countries who may be potentially hostile
– Information on SCADA systems can be stolen and used by attackers
18. SCADA connectivity
• SCADA systems are now progressively reliant on standard IT technologies and protocols (Microsoft Windows, TCP/IP, web browsers, wireless technologies, etc.)
• No longer able to rely on security through isolation and security through obscurity
19. SCADA legacy systems
• There are a huge number of 2nd generation SCADA systems that are still in use and are likely to remain in use for many years
– Infrastructure systems can have a 20+ year lifetime
• However, these are now being ‘updated’ with new equipment which is network-connected
• These older legacy systems were developed without security awareness and so are particularly vulnerable to attack
20. Common SCADA vulnerabilities
• Weak passwords
• Open to port scanning to discover SCADA systems on the network
• Lack of input validation, leading to buffer overflows and SQL injection
• Unencrypted network traffic
21. SCADA security challenges
• Infrastructure providers and SCADA developers often have no background in IT security
• Not always possible to use standard security tools and techniques:
– For example, it may not be possible to install anti-virus protection on process control systems, owing to the lack of processor power on legacy systems, the age of operating systems or the lack of vendor certification.
– Security testing on process control systems must also be approached with extreme caution: active security scanning can seriously affect the operation of many control devices.
– There are sometimes few opportunities to take the systems off-line for routine testing, patching and maintenance.
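The two slides above make a concrete pair of points: the standard industrial protocols that SCADA systems run over carry no authentication or encryption, and you cannot safely probe the devices themselves to find out who is talking to them. The following is an added example, not code from the lecture, using Modbus/TCP as a representative standard protocol (the slides do not name one). It encodes and decodes the 12-byte request frames shared by the basic read/write function codes, so you can see that nothing in the frame identifies the sender, and then runs a passive monitor over captured frames: write commands from any host other than the configured master, addresses outside the register range the device actually implements, unexpected function codes, and malformed frames are all flagged without sending a single packet to the PLC. The host addresses, register range and traffic are constructed for the example.

```python
"""Passive inspection of Modbus/TCP requests (added example, not from the slides).

Modbus/TCP stands in for a 'standard industrial protocol': the frame has no
credential or integrity field, so anyone who can reach TCP port 502 can read
or write the device. Because active scanning can upset control devices, the
monitor works on captured frames only and never transmits.
"""
import struct
from dataclasses import dataclass

READ_FUNCTIONS = {1: "Read Coils", 2: "Read Discrete Inputs",
                  3: "Read Holding Registers", 4: "Read Input Registers"}
WRITE_FUNCTIONS = {5: "Write Single Coil", 6: "Write Single Register",
                   15: "Write Multiple Coils", 16: "Write Multiple Registers"}


@dataclass(frozen=True)
class Request:
    transaction_id: int
    unit_id: int
    function: int
    address: int
    value: int  # register value (code 6), coil state (code 5) or quantity (reads)


def build_request(transaction_id: int, unit_id: int, function: int,
                  address: int, value: int) -> bytes:
    """Encode the 12-byte request used by function codes 1-6.

    MBAP header: transaction id, protocol id (always 0), byte count of the
    rest of the frame, unit id. PDU: function code, 16-bit address, 16-bit
    value or quantity. Note there is no field for who is asking.
    """
    pdu = struct.pack(">BHH", function, address, value)
    mbap = struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)
    return mbap + pdu


def parse_request(frame: bytes) -> Request:
    """Decode a frame, rejecting anything inconsistent with the spec."""
    if len(frame) < 12:
        raise ValueError("frame shorter than the minimum request")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError(f"protocol id {proto} is not Modbus")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field disagrees with frame size")
    function, address, value = struct.unpack(">BHH", frame[7:12])
    return Request(tid, unit, function, address, value)


@dataclass(frozen=True)
class Policy:
    writers: frozenset   # hosts permitted to issue write commands (the master/HMI)
    max_address: int     # highest register the device really implements


def inspect(src_ip: str, frame: bytes, policy: Policy) -> list:
    """Return alert strings for one captured request; empty list means benign."""
    try:
        req = parse_request(frame)
    except ValueError as exc:
        return [f"{src_ip}: malformed frame ({exc})"]
    name = READ_FUNCTIONS.get(req.function) or WRITE_FUNCTIONS.get(req.function)
    if name is None:
        return [f"{src_ip}: unexpected function code 0x{req.function:02x} (reconnaissance?)"]
    alerts = []
    if req.function in WRITE_FUNCTIONS and src_ip not in policy.writers:
        alerts.append(f"{src_ip}: {name} to unit {req.unit_id} from non-master host")
    if req.address > policy.max_address:
        alerts.append(f"{src_ip}: {name} targets register {req.address}, "
                      f"device only has 0..{policy.max_address}")
    return alerts


def analyse(traffic, policy: Policy) -> list:
    alerts = []
    for src_ip, frame in traffic:
        alerts.extend(inspect(src_ip, frame, policy))
    return alerts


# Constructed sample traffic (not a real capture). 10.0.1.10 is the assumed HMI.
POLICY = Policy(writers=frozenset({"10.0.1.10"}), max_address=199)
SAMPLE_TRAFFIC = [
    ("10.0.1.10", build_request(1, 1, 3, 0, 10)),       # HMI polls 10 registers: normal
    ("10.0.1.10", build_request(2, 1, 6, 40, 1500)),    # HMI writes a setpoint: normal
    ("10.0.1.77", build_request(3, 1, 5, 7, 0xFF00)),   # unknown host energises coil 7
    ("10.0.1.77", build_request(4, 1, 3, 60000, 1)),    # probes a register the PLC lacks
    ("10.0.1.77", build_request(5, 1, 0x11, 0, 0)),     # Report Server ID: fingerprinting
    ("10.0.1.77", b"\x00\x06\x00\x00\x00\x20\x01\x06\x00\x28\x05\xdc"),  # length lies
]

if __name__ == "__main__":
    for line in analyse(SAMPLE_TRAFFIC, POLICY):
        print(line)
```

The point of the allowlist is that it is the only place authentication can live: the protocol itself will accept the coil write from 10.0.1.77 exactly as readily as the one from the HMI. In a real deployment the same logic would sit on a span port or tap in front of the RTU network, which is why it only ever parses and never sends.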
22. Improving SCADA security
• Government and industry reports to raise awareness of SCADA security issues
• Establishment of bodies specifically concerned with infrastructure protection, such as the UK's CPNI (Centre for the Protection of National Infrastructure)
• Need for regulators to become involved: security certification
• Better security education and training for SCADA operators and developers
24. Key Points
• SCADA systems are the most common control systems for large-scale national infrastructure
• These systems coordinate and communicate with a network of sensors and actuators that control equipment such as valves and pumps
• SCADA systems are often old systems that were built without security concerns and are therefore vulnerable to external attack
• Government organisations are seriously concerned about the vulnerability of these systems to failures and attack