CS 5032 L18 Critical infrastructure 2: SCADA systems

Critical Infrastructure 2, 2013. Uploaded by ian-sommerville, 14 May 2015

Slide 1: Critical infrastructure 2: SCADA systems

Slide 2: Infrastructure classes

• Physical infrastructure – physical facilities and assets such as pumping stations, pipelines, railways, roads, etc.

• Digital infrastructure – networks, software and the physical facilities required for their operation, such as data centres

• Organisational infrastructure – services such as emergency services, medical services, government

• Focus in this lecture will be on physical infrastructure and critical control systems for that infrastructure

Slide 3: Control Systems

• IT is used for monitoring and controlling infrastructure in almost all industries in the developed world

– Oil and Gas

– Railways

– Power Generation and Transmission

– Water Management

– Manufacturing

– Production Plants

Slide 4: Infrastructure control

• Infrastructure equipment is usually controlled using special-purpose hardware and software

• PLCs (Programmable Logic Controllers) are associated with specific components such as valves and switches

• A SCADA (Supervisory Control and Data Acquisition) system is used to monitor and coordinate individual controllers

Slide 5: Infrastructure control elements

[Figure: a water pipeline with two motorised valves and a flow sensor, monitored and driven by two PLCs that connect to the SCADA system]

Slide 6: Programmable Logic Controllers

• Stand-alone units which are associated with a controlled element or a group of controlled elements.

• Send signals to actuators associated with that element, e.g. to motors that can open or close a valve

• Usually have associated sensors that determine the state of the element itself, as well as sensors that sense whatever is being controlled (e.g. gas flow)

• Can act autonomously, e.g. to shut down an element, or (more frequently) are connected to a SCADA system that manages and controls all system elements

Slide 7: What is SCADA?

• An architectural pattern for industrial control systems with many components that are often distributed over a wide area

• A configurable software system that is used to implement large-scale control systems where:

– Programmable logic controllers (PLCs) control infrastructure components

– Data is acquired by remote terminal units (RTUs)

– Data is sent to the control centre, which runs the SCADA system

– The control centre monitors the system, displays system status and issues commands

• Based on standard industrial communication protocols

Slide 8: SCADA functionality

• A SCADA system performs four functions:

– Data acquisition

– Unit control

– Networked data communications

– Data presentation

[Figure: a SCADA system controlling an electricity distribution network]

Slide 9: SCADA system architecture

[Figure: SCADA system architecture]

Slide 10: SCADA system components

• Remote stations with sensors (either digital or analog) and PLCs that directly interface with the managed system.

• Remote terminal units (RTUs), also called remote telemetry units. These are small computerised units deployed in the field at specific sites and locations. They serve as local collection points for gathering reports from sensors and delivering commands to control relays.

• SCADA master units. These are larger computer consoles that serve as the central processor for the SCADA system. Master units provide a human interface to the system and automatically regulate the managed system in response to sensor inputs.

• The communications network that connects the SCADA master unit to the RTUs in the field.
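The hierarchy on slides 6 to 10 (PLC, RTU, master, and the four SCADA functions) as a small runnable model. This is an added example and not code from the lecture; the device names, the pump station site, the flow threshold and the sensor readings are all assumed for illustration. The point worth seeing in code is the PLC acting autonomously: its interlock closes the valve on a flow spike and then refuses the master's reopen command, so the local controller still protects the element even if the commands arriving over the network are wrong.

```python
# Added example (not from the lecture slides): a toy model of the control
# hierarchy on slides 6-10. A PLC drives one motorised valve, reads a flow
# sensor and enforces a local interlock; an RTU collects PLC status and relays
# commands; the SCADA master polls the RTUs and issues commands. Device names,
# thresholds and readings are assumed for illustration.
from dataclasses import dataclass


@dataclass
class Plc:
    """Stand-alone controller for one valve (slide 6).

    Acts autonomously: if the measured flow exceeds max_flow the PLC closes
    the valve and latches a trip, and it refuses open commands until a
    local reset, whatever the SCADA master asks for.
    """
    name: str
    max_flow: float
    valve_open: bool = False
    flow: float = 0.0
    tripped: bool = False

    def scan(self, measured_flow: float) -> dict:
        """One scan cycle: read the sensor, evaluate the interlock, drive the actuator."""
        self.flow = measured_flow
        if self.flow > self.max_flow:
            self.tripped = True
            self.valve_open = False
        return self.status()

    def command(self, open_valve: bool) -> bool:
        """Command relayed from the RTU. Returns False if refused by the interlock."""
        if self.tripped and open_valve:
            return False
        self.valve_open = open_valve
        return True

    def local_reset(self) -> None:
        """Reset by an operator at the site, not over the network."""
        self.tripped = False

    def status(self) -> dict:
        return {"plc": self.name, "valve_open": self.valve_open,
                "flow": self.flow, "tripped": self.tripped}


class Rtu:
    """Field collection point (slide 10): gathers PLC status, relays commands."""

    def __init__(self, site: str, plcs: list) -> None:
        self.site = site
        self.plcs = {p.name: p for p in plcs}

    def poll(self) -> dict:
        return {name: p.status() for name, p in self.plcs.items()}

    def relay(self, plc_name: str, open_valve: bool) -> bool:
        return self.plcs[plc_name].command(open_valve)


class Master:
    """SCADA master (slide 8): data acquisition, unit control, data presentation."""

    def __init__(self, rtus: list) -> None:
        self.rtus = {r.site: r for r in rtus}
        self.command_log: list = []

    def acquire(self) -> dict:
        return {site: rtu.poll() for site, rtu in self.rtus.items()}

    def control(self, site: str, plc_name: str, open_valve: bool) -> bool:
        accepted = self.rtus[site].relay(plc_name, open_valve)
        self.command_log.append((site, plc_name, open_valve, accepted))
        return accepted

    def present(self) -> list:
        """Operator display: one line per controlled element."""
        return [f"{site}/{name}: valve {'OPEN' if s['valve_open'] else 'closed'}, "
                f"flow {s['flow']:.1f}{' TRIPPED' if s['tripped'] else ''}"
                for site, plcs in self.acquire().items() for name, s in plcs.items()]


def run_scenario() -> dict:
    """Master opens a valve; a flow spike trips the PLC; a reopen command is refused."""
    plc = Plc(name="valve-1", max_flow=50.0)
    master = Master([Rtu("pump-station-A", [plc])])
    master.control("pump-station-A", "valve-1", open_valve=True)
    plc.scan(30.0)                      # normal flow, valve stays open
    plc.scan(80.0)                      # spike above max_flow: PLC trips, closes valve
    refused = not master.control("pump-station-A", "valve-1", open_valve=True)
    return {"tripped": plc.tripped, "valve_open": plc.valve_open,
            "reopen_refused": refused, "display": master.present(),
            "log": master.command_log}


if __name__ == "__main__":
    for line in run_scenario()["display"]:
        print(line)
```

The reset is deliberately a local method with no network path to it: a trip latched by the PLC should need an operator at the site, so a compromised or misbehaving master cannot simply clear it and reopen the valve.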

Slide 11: SCADA application areas

• Electric power generation, transmission and distribution

• Water and sewage

• Buildings, facilities and environments

• Manufacturing

• Mass transit

• Traffic signals

Slide 12: Critical SCADA systems

• Failure of controlled systems can lead to direct loss of life due to equipment failure, or to indirect losses due to failure of the critical infrastructure controlled by SCADA systems

• SCADA issues are therefore

– Safety and reliability

– Security

• SCADA safety and reliability

– Needs specific safety analysis techniques for PLCs because they are programmed in a different way (ladder logic)

– SCADA systems usually have redundancy and backup, which contributes to the availability of these systems

Slide 13: SCADA generations

• 1st generation (1970s). Co-located control

– Controlled units were on the same site as the controlling computer, with hard-wired connections between them

– No network, so no potential for external attack. Very limited chance of insider attack because the system was operated by teams rather than individuals

• 2nd generation (1980s/90s). Distributed control

– SCADA systems networked with devices using special-purpose protocols

– No external network connection

– Vulnerable to insider attacks because of distributed sites

Slide 14: SCADA generations (continued)

• 3rd generation (2000s). Networked systems

– SCADA systems no longer isolated but connected to external networks

– External connection through computers (particularly PCs) that are directly connected to the Internet

– May also interface with other Internet-connected systems such as manufacturing control systems

– More use of standard protocols such as TCP/IP for communications

– Remote system monitoring and upgrades from providers requires network connection

Slide 15: SCADA security

• Security is a particular concern for SCADA systems

– Considerable potential for large-scale damage to critical infrastructure by an attacker

– Security through isolation. Historically, SCADA systems were unconcerned with security because they were isolated systems

– Security through obscurity. Non-standard programming languages and protocols were used.

Slide 16: Security through isolation

• If a system is not connected to the Internet, then it cannot be penetrated by attacks from the Internet

• Until recently, SCADA systems were isolated networks. But now:

– Direct connections to vendors for maintenance, stock ordering etc.

– Connected to enterprise systems, which in turn are on the Internet.

– PCs used by operators may be multi-functional and Internet connected

– Operators transfer information using USB drives

Slide 17: Security through obscurity

• An approach to security that relies on information about a system not being widely known or available, so that few people can successfully attack the system

– Susceptible to insider attack by those who know the information

– SCADA systems are sold globally, so the information is available to other countries that may be potentially hostile

– Information on SCADA systems can be stolen and used by attackers

Slide 18: SCADA connectivity

• SCADA systems are now progressively reliant on standard IT technologies and protocols (Microsoft Windows, TCP/IP, web browsers, wireless technologies, etc.)

• No longer able to rely on security by isolation and security through obscurity

Slide 19: SCADA legacy systems

• There are a huge number of 2nd generation SCADA systems that are still in use and are likely to remain in use for many years

– Infrastructure systems can have a 20+ year lifetime

• However, these are now being ‘updated’ with new equipment which is network-connected

• These older legacy systems were developed without security awareness and so are particularly vulnerable to attack

Slide 20: Common SCADA vulnerabilities

• Weak passwords

• Open to port scanning, which lets an attacker discover SCADA systems on the network

• Lack of input validation – buffer overflows and SQL injection

• Unencrypted network traffic

Slide 21: SCADA security challenges

• Infrastructure providers and SCADA developers often have no background in IT security

• Not always possible to use standard security tools and techniques:

– For example, it may not be possible to install anti-virus protection on process control systems, owing to the lack of processor power on legacy systems, the age of operating systems or the lack of vendor certification.

– Security testing on process control systems must also be approached with extreme caution – security scanning can seriously affect the operation of many control devices.

– There are sometimes few opportunities to take the systems off-line for routine testing, patching and maintenance.
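Slide 20 lists unencrypted traffic and exposure to port scanning among the common vulnerabilities, and slide 21 warns that active scanning can upset control devices. The following added example (not from the lecture) makes both concrete using Modbus/TCP, which is one of the standard industrial protocols the slides refer to and which carries no authentication and no encryption: the code builds and parses request frames, then runs a purely passive audit over a constructed capture, so devices are inventoried from traffic that is already on the wire rather than by probing them. The host addresses, unit ids, register addresses and the allow list of master stations are assumptions for the example.

```python
# Added example, not from the lecture. Modbus/TCP stands in for the "standard
# industrial protocols" the slides mention: a frame carries no authentication
# and no encryption, so any host that can reach TCP port 502 on a PLC can read
# or write its registers. The code builds and parses frames, then runs a
# passive audit over a constructed capture (no scanning of live devices, which
# slide 21 warns against). Hosts, unit ids and register addresses are assumed.
import struct

# Modbus function codes (from the Modbus application protocol specification)
READ_HOLDING_REGISTERS = 0x03
WRITE_SINGLE_COIL = 0x05
WRITE_SINGLE_REGISTER = 0x06
WRITE_MULTIPLE_COILS = 0x0F
WRITE_MULTIPLE_REGISTERS = 0x10
WRITE_FUNCTIONS = {WRITE_SINGLE_COIL, WRITE_SINGLE_REGISTER,
                   WRITE_MULTIPLE_COILS, WRITE_MULTIPLE_REGISTERS}


def build_frame(tid: int, unit: int, function: int, payload: bytes) -> bytes:
    """MBAP header (transaction id, protocol id 0, length, unit id) + PDU.
    Note what is absent: no sender identity, no password, no integrity check."""
    pdu = bytes([function]) + payload
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def write_single_register(tid: int, unit: int, address: int, value: int) -> bytes:
    return build_frame(tid, unit, WRITE_SINGLE_REGISTER, struct.pack(">HH", address, value))


def read_holding_registers(tid: int, unit: int, address: int, count: int) -> bytes:
    return build_frame(tid, unit, READ_HOLDING_REGISTERS, struct.pack(">HH", address, count))


def parse_frame(data: bytes) -> dict:
    """Parse one request frame; raise ValueError on malformed input."""
    if len(data) < 8:
        raise ValueError("frame shorter than MBAP header + function code")
    tid, proto, length, unit = struct.unpack(">HHHB", data[:7])
    if proto != 0:
        raise ValueError(f"unexpected protocol id {proto}")
    if length != len(data) - 6:          # length counts unit id + PDU
        raise ValueError("length field does not match frame size")
    return {"tid": tid, "unit": unit, "function": data[7], "payload": data[8:]}


def audit(capture: list, allowed_masters: set) -> tuple:
    """Passive inventory and alerting over (src_ip, dst_ip, frame) triples.

    Every device that is addressed on 502 is inventoried from traffic alone;
    a write function from a host outside allowed_masters is a high-severity
    alert, any other traffic from such a host is flagged as reconnaissance.
    """
    inventory: dict = {}
    alerts: list = []
    for src, dst, raw in capture:
        try:
            frame = parse_frame(raw)
        except ValueError as err:
            alerts.append({"severity": "medium", "src": src, "dst": dst,
                           "reason": f"malformed frame: {err}"})
            continue
        inventory.setdefault(dst, set()).add(frame["unit"])
        if src in allowed_masters:
            continue
        if frame["function"] in WRITE_FUNCTIONS:
            detail = ""
            if frame["function"] == WRITE_SINGLE_REGISTER:
                address, value = struct.unpack(">HH", frame["payload"])
                detail = f" register {address} := {value}"
            alerts.append({"severity": "high", "src": src, "dst": dst,
                           "reason": f"write function 0x{frame['function']:02x} "
                                     f"to unit {frame['unit']}{detail}"})
        else:
            alerts.append({"severity": "low", "src": src, "dst": dst,
                           "reason": f"function 0x{frame['function']:02x} from unknown host"})
    return inventory, alerts


# Constructed capture: the known master polls and writes a set-point, then an
# unknown host reads, writes the same register (only the value differs, since
# nothing in the frame identifies the sender) and sends a malformed frame.
MASTER, PLC_A, ROGUE = "10.0.0.5", "10.0.1.20", "10.0.2.77"
SAMPLE_CAPTURE = [
    (MASTER, PLC_A, read_holding_registers(tid=1, unit=1, address=0, count=4)),
    (MASTER, PLC_A, write_single_register(tid=2, unit=1, address=16, value=45)),
    (ROGUE, PLC_A, read_holding_registers(tid=1, unit=1, address=0, count=4)),
    (ROGUE, PLC_A, write_single_register(tid=2, unit=1, address=16, value=0)),
    (ROGUE, PLC_A, b"\x00\x03\x00\x00\x00\x99\x01\x06"),   # bad length field
]


def demo() -> tuple:
    return audit(SAMPLE_CAPTURE, allowed_masters={MASTER})


if __name__ == "__main__":
    inventory, alerts = demo()
    print("devices:", {ip: sorted(units) for ip, units in inventory.items()})
    for a in alerts:
        print(f"[{a['severity']}] {a['src']} -> {a['dst']}: {a['reason']}")
```

The only thing that separates the legitimate write from the rogue one is the source IP address, which the protocol itself never checks and which an attacker on the same network can spoof; this is why network segmentation and an allow list of master stations at the boundary do the work that the protocol does not.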

Slide 22: Improving SCADA security

• Government and industry reports to raise awareness of SCADA security issues

• Establishment of bodies specifically concerned with infrastructure protection, such as the UK Centre for the Protection of National Infrastructure (CPNI)

• Need for regulators to become involved – security certification

• Better security education and training for SCADA developers

Slide 23: [Photograph, © NationalGeographic.com]

Slide 24: Key Points

• SCADA systems are the most common control systems for large-scale national infrastructure

• These systems coordinate and communicate with a network of sensors and actuators that control equipment such as valves and pumps

• SCADA systems are often old systems that were built without security concerns – therefore are vulnerable to external attack

• Government organisations are seriously concerned about the vulnerability of these systems to failures and attack