Supervisory control and data acquisition (SCADA) is a control system architecture that uses computers, networked data communications and graphical user interfaces for high-level process management. It also uses other peripheral devices, such as programmable logic controllers and discrete PID controllers, to interface with a process plant or equipment. The operator interfaces that allow monitoring and the issuing of process commands (such as changes to a controller's set point) are handled through the SCADA computer system. However, the real-time control logic and controller calculations are performed by networked modules that connect to the field sensors and actuators.
The SCADA concept
The SCADA concept was developed as a universal way to remotely access a variety of local control modules, which may come from different vendors, through standard automation protocols. An overview of SCADA systems shows that they are very similar to distributed control systems, but use a variety of ways to interface with the plant. They can manage large-scale processes that span multiple sites and work over great distances. SCADA is one of the most commonly used types of industrial control system, but there are concerns that SCADA systems are vulnerable to cyberwarfare and cyberterrorism attacks.
SCADA systems - what are they?
The key attribute of a SCADA system is its ability to perform supervisory operations over many other proprietary devices. The accompanying diagram is a general model that shows the functional levels of production using computerized control.
Functional levels of a production control operation:
- Level 0 - field devices (such as flow and temperature sensors) and final control elements (such as control valves).
- Level 1 - industrial input/output (I/O) modules and their associated distributed electronic processors.
- Level 2 - supervisory computers that collect information from the processor nodes in the system and provide the operator control screens.
- Level 3 - the production control level, which does not directly control the process but monitors production and targets.
- Level 4 - the production planning level.
Examples of use
Both large and small systems can be built using the SCADA concept.
These systems can range from several dozen to several thousand control loops, depending on the application. SCADA systems are developed for industrial, infrastructure and facility-based processes:
- Industrial processes include production, process control, power generation, fabrication and refining, and can run in continuous, batch, repetitive or discrete modes.
- Infrastructure processes can be public or private, and include water purification and distribution, sewage collection and treatment, oil and gas pipelines, electricity transmission and distribution, and wind farms.
- Facility processes include buildings, airports, ships and space stations. They control heating, ventilation and air conditioning systems, access and energy consumption.
However, SCADA systems may have security vulnerabilities, so their risks must be evaluated and solutions implemented to increase the level of security.
An important part of most SCADA implementations is alarm handling. The system monitors whether certain alarm conditions are met to determine when an alarm event has occurred. Once an event is detected, one or more actions are taken (for example, activating one or more alarm indicators and possibly generating e-mail or text messages to inform management or remote SCADA operators). In many cases, the SCADA operator will have to acknowledge the alarm event.
Alarm conditions can be explicit or implicit. In the explicit case, an alarm point is a digital status point that has either the value NORMAL or ALARM, calculated by a formula based on the values of other analog and digital points. In the implicit case, the SCADA system automatically monitors whether the value of an analog point lies outside the high and low limit values associated with that point.
Examples of alarm indicators include a siren, a pop-up window on a screen, or a colored or flashing area on a screen (which acts in a similar way to the "fuel tank empty" light in a car). In each case, the role of the alarm indicator is to draw the operator's attention to the part of the system that is "in alarm" so that appropriate action can be taken.
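The explicit and implicit alarm conditions and the acknowledgement step described above can be sketched as follows. This is an added example, not code from any SCADA product; the point names, limits and the rule that an alarm stays pending until the operator acknowledges it are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List

NORMAL, ALARM = "NORMAL", "ALARM"

@dataclass
class AnalogPoint:
    low: float    # low limit associated with the point
    high: float   # high limit associated with the point
    value: float = 0.0

    def state(self) -> str:
        # Implicit condition: the value lies outside the point's limits.
        return NORMAL if self.low <= self.value <= self.high else ALARM

@dataclass
class AlarmManager:
    analog: Dict[str, AnalogPoint]
    digital: Dict[str, bool]
    # Explicit alarm points: name -> formula over the other points.
    formulas: Dict[str, Callable[["AlarmManager"], bool]]
    last: Dict[str, str] = field(default_factory=dict)
    unacked: List[str] = field(default_factory=list)

    def scan(self) -> List[str]:
        """Evaluate every condition once; return alarms raised by this scan."""
        states = {n: p.state() for n, p in self.analog.items()}
        states.update({n: ALARM if f(self) else NORMAL
                       for n, f in self.formulas.items()})
        raised = [n for n, s in states.items()
                  if s == ALARM and self.last.get(n, NORMAL) == NORMAL]
        self.unacked.extend(n for n in raised if n not in self.unacked)
        self.last = states
        return raised

    def acknowledge(self, name: str) -> bool:
        """Operator acknowledgement; False if nothing was pending."""
        if name in self.unacked:
            self.unacked.remove(name)
            return True
        return False

def demo() -> AlarmManager:
    # Constructed sample points, not taken from any real installation.
    return AlarmManager(
        analog={"tank_level_pct": AnalogPoint(low=10.0, high=90.0, value=50.0)},
        digital={"pump_running": True},
        formulas={"pump_dry_run": lambda m: m.digital["pump_running"]
                  and m.analog["tank_level_pct"].value < 15.0},
    )
```

Only a NORMAL to ALARM transition raises an event, so a condition that stays in alarm across scans does not flood the operator with repeats.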
Commercial integration and the prospects of SCADA systems
Since 1998, almost all major manufacturers have offered integrated SCADA systems, many of which use open and non-proprietary communication protocols. Many specialized third-party packages offering built-in compatibility with most large systems have also entered the market, allowing mechanical engineers, electrical engineers and technicians to configure protocols themselves, without the need for a custom program written by a programmer. The remote terminal unit (RTU) connects to the physical equipment and converts the electrical signals from the equipment into digital values, such as the open/closed state of a switch or valve, or a measurement (pressure, flow, voltage or current).
Communication infrastructure and methods
SCADA systems have traditionally used combinations of radio and direct wired connections, although SONET/SDH is also often used for large systems such as railways and power stations. The remote control or monitoring function of a SCADA system is often referred to as telemetry. Some users want SCADA data to travel over their pre-established corporate networks or to share the network with other applications. However, the legacy of the early low-bandwidth protocols remains.
SCADA protocols are very compact. Typical legacy SCADA protocols include Modbus RTU, RP-570, Profibus and Conitel. These communication protocols, with the exception of Modbus (Modbus was made open by Schneider Electric), are specific to SCADA vendors but are widely used. The standard protocols are IEC 60870-5-101 and 104, IEC 61850 and DNP3. These communication protocols are standardized and recognized by all major SCADA vendors. Many of these protocols now contain extensions to operate over TCP/IP. Although the use of conventional network specifications such as TCP/IP blurs the line between traditional and industrial networks, each of them fulfils fundamentally different requirements. Network simulation can be used in conjunction with SCADA simulators to perform various analyses.
SCADA at the present stage
With increasing security requirements, satellite communication is used more and more. It has the key advantages that the infrastructure can be self-contained (not using circuits from the public telephone system), can have built-in encryption, and can be engineered to the availability and reliability required by the operator of the SCADA system. Earlier experience with consumer-grade systems was unsatisfactory. Modern carrier-class systems provide the quality of service required for SCADA.
SCADA systems that tie together decentralized facilities, such as power, oil and gas pipelines, water distribution and sewage collection systems, were designed to be open, reliable and easy to manage. The move from proprietary technologies to more standardized and open solutions, together with the growing number of connections between SCADA systems, office networks and the Internet, has made them more vulnerable to types of network attack that are relatively common in computer security. A vulnerability alert was published stating that unauthenticated users could download confidential configuration information, including password hashes, from an Inductive Automation Ignition system using a standard type of attack that exploits access to the embedded Tomcat web server. As a result, the security of some SCADA-based systems was called into question because they were considered potentially vulnerable to cyber attacks.
The increased interest in SCADA vulnerabilities has led researchers to discover problems in commercial SCADA software, and to more general offensive SCADA techniques being presented to the wider security community. In the SCADA systems of electric and gas utilities, the vulnerability of the large installed base of wired and wireless serial communication links is sometimes addressed by adding in-line ("bump-in-the-wire") devices that apply authentication and advanced encryption, rather than by replacing all existing nodes.
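The compactness of legacy protocols and the in-line authentication devices mentioned above can be seen together in a Modbus RTU frame: it carries a unit address, a function code, data and a CRC-16, and the CRC is an unkeyed error check that says nothing about who sent the frame. The added example below (not from the original page or any product) parses such a frame and wraps it in an authenticated envelope; the envelope layout, tag length and counter are assumptions for illustration, and encryption is left out.

```python
import hashlib
import hmac
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16 used by Modbus RTU (reflected polynomial 0xA001, initial value 0xFFFF)."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def parse_rtu(frame: bytes) -> dict:
    """Split an RTU frame into its fields; raise ValueError on a bad CRC."""
    if len(frame) < 4:
        raise ValueError("frame too short")
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])  # CRC is sent low byte first
    if crc16_modbus(body) != crc:
        raise ValueError("CRC mismatch")
    return {"unit": body[0], "function": body[1], "data": body[2:]}

TAG_LEN = 16  # assumed tag length for this sketch

def wrap(frame: bytes, key: bytes, counter: int) -> bytes:
    """Sending-side device: append a counter and a keyed tag to the frame."""
    msg = frame + struct.pack(">I", counter)
    return msg + hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def unwrap(blob: bytes, key: bytes, last_counter: int) -> tuple:
    """Receiving-side device: check tag and freshness, return (frame, counter)."""
    if len(blob) < TAG_LEN + 4:
        raise ValueError("envelope too short")
    msg, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    (counter,) = struct.unpack(">I", msg[-4:])
    if counter <= last_counter:
        raise ValueError("stale counter")
    return msg[:-4], counter

# Constructed sample: unit 1, function 0x03 (read holding registers),
# start address 0, quantity 10, followed by its CRC.
_BODY = bytes.fromhex("01030000000a")
SAMPLE = _BODY + struct.pack("<H", crc16_modbus(_BODY))
```

The legacy end devices still see the unmodified RTU frame once the receiving-side device has stripped the envelope, which is why this approach avoids replacing existing nodes.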
In June 2010, the anti-virus company VirusBlokAda announced the first detection of malware that attacks SCADA systems (Siemens WinCC / PCS 7 systems) running on Windows operating systems. The malware is called Stuxnet and uses four zero-day attacks to install a rootkit which, in turn, accesses the SCADA database and steals design and control files. The malware can also change the control system and hide those changes. In October 2013, National Geographic released a docudrama called American Blackout, which dealt with a large-scale cyber attack on SCADA and the United States electrical grid.
SCADA systems are used to control and monitor physical processes, examples of which are the transmission of electricity, the transportation of oil and gas, water distribution, traffic lights and other systems that form the basis of modern society. The security of these SCADA systems is very important, because their compromise or destruction would affect many areas of society far removed from the original compromise. For example, a blackout caused by a compromised electrical SCADA system would cause financial losses to all the customers that received electricity from that source.