Sunday, September 25, 2016

SCADA Security

 Security for SCADA systems has in recent years become animportant and hotly debated topic. Traditionally SCADA systems were isolated entities that were the relm of operators enginners and technicians. Ths has meant that SCADA Host platforms were not necessarily developed to have protected connections to public networks. This left many SCADA host platforms open to attack as they did not have the toos necessary to protect themselves.

In terms of remote assets communicating back to a SCADA Host, security has been an issue for many years with numerous documented attacks on SCADA systems. However, it's only been in recent years that an open standard has been produced to provide secure encrypted and authenticated data exchanges between remote assets and a SCADA Host platform.

Conclusion of SCADA 
About Slave-to- Slave Messaging SCADA
Programmable Logic Controllers (PLCs)
Terminology of PLCs 
The L3GD203-Axis Gyro

Solutions for remote asset and SCADA host communication security have very different requirements. Security has to also be ciewed overall, and not just in terms of the SCADA system itself. For example, if somebody wanted to disrupt production, they would not necessarily need to access the SCADA system to do this. If a gas wellhead site or a monitoring pont on a gas pipeline is remotely situated, it could be easily compromised by a trespasser. If the asset is critically important, other solutions that may or may nit form part of the SCADA system itself would have to be considered. e.g. camera surveillance security.

A large number of unauthorised accesses to a SCADA system come not from or at the remote assets themselves but through the SCADA Host or coputers used to access the SCADA system for diagnostic or maintenance purposes. For example, the recent attack using the Stuxnet virus was introduced via a thumb drive on a computer used to access a SCADA system.

There are number of standards available that describe how to secure a SCADA system, not just in terms of the tecnology employed, but in terms of practices and procedures. This is very important since the security solution to SCADA is not a tecnological silver bullet, but a series of practices and procedures in conjunction with technologicalsolutions. These practices nd procedures would include items of training, SCADA Host access and procedures to follow when SCADA security has been compromised. In modern SCADA systems IT departements are integral to implementing and maintaining. SCADA security for an organisation and should be included in setting up practoces, procedures and implementing technologies.

Image Saurce: http://www.dts-solution.com
 
Source: Retyped From SCADA Systems White paper (Mrch 2012) by Schneider Electric Tekementry & Remote SCADA Solutions

SCADA Field INstrumentation
PLCs and RTUs
Remote Communications Networks
SCADA Host Sofware
SCADA Security

2 comments:

LinkWithin

Related Posts Plugin for WordPress, Blogger...

Artikel Terbaru