SCADA security: understanding your risks

2010-08-26 15:54:38 | Marcel Van Helten, Global Industry Director, Infra

Because they sit at the hubs of today's transmission and distribution grids, SCADA systems have received a great deal of attention. The focus on infrastructure security has grown exponentially in the last decade due to various cyber threats and other vulnerabilities, putting under the microscope an industry that, since the inception of mass power generation and distribution, has never faced such scrutiny. The SCADA market has been evolving over the last 20+ years with functionality, scalability and interoperability at the forefront. For example, SCADA software has evolved from a programming package that enables quick development of an application to visualize data within a PLC into a development suite of products that delivers powerful 3D visualizations, intelligent control capabilities, data recording functions, and networkability.

With SCADA systems advancing technologically and implementations becoming increasingly complex, it’s difficult to know where to start in securing the entire system. NERC standards have taken aim at ensuring that critical SCADA systems are more secure, and companies are reviewing their information security systems and standards to conform to these new regulations. Yet what many companies fail to realize is that these regulations are designed to ensure reliability, not to secure the entire system.

Vulnerabilities of a SCADA system

To minimize existing security gaps, companies need to first understand where potential vulnerabilities typically lie within the system. Powerful software features, along with the advancements in automation hardware and industrial communications, have made power and energy control systems multi-layered, complex and susceptible to threats. A SCADA system’s level of security is best understood if broken down into two major elements: Communication and Software Technology.

Communication

Communication advancements have made large-scale SCADA system implementations successful for electrical generation, distribution and transmission applications. Two levels of communication exist within the system, information technology (IT) and the field, and their security levels differ notably.

IT – Components of the SCADA system are modular, not only to allow for easy troubleshooting but also to distribute the computing load and eliminate a single point of failure. It is not uncommon to have multiple thick, thin, web and mobile runtime clients connected to the main SCADA server hub over an internal Ethernet-based network, but in some cases, systems may use external leased lines, modems, wireless, cellular, or satellite technologies in order to cover the vast distances that a power grid SCADA system demands. The main SCADA server hub also consists of multiple networked servers to distribute the load, ensure uptime and store the mass amount of data. With these components all networked in some way, they use standardized common protocols to transfer data, all of which are largely unencrypted and require weak or no authentication.

Field – With the industry adopting standardized communication protocols such as DNP3 and IEC 61850, a wide variety of SCADA software can communicate with remote substations, devices and RTUs with minimal effort. This communication is typically two-way and facilitates the system’s ability to perform binary functions such as the opening and closing of switchgear, relays, diverters and more. The general ideology when these communication protocols were developed was to keep them simple with a high level of reliability, which left data encryption out of the design.

Software Technology

Software has largely become feature-bloated as companies keep adding new features while maintaining all of the existing ones, increasing the complexity of software security. There are two separate but interdependent software technologies in the system, the SCADA software and the Platform Operating System, which have distinct differences when it comes to security.

SCADA Software – Most SCADA software installations have either external network connections or direct Internet-based connectivity to perform simple remote maintenance functions and/or connect to enterprise systems. While these types of connections help companies reduce labor costs and increase the efficiency of their field technicians, they are a key entry point for anyone attempting access with malicious intent.

Platform Operating System – More and more utilities choose to utilize operating systems that employ elements of consumer or “open” source operating systems such as Windows Server, Linux and Unix variants to reduce costs. This trend toward consumer-based technologies has made proprietary custom, closed, highly secure systems a direction of the past, but it increases the risks. Also, because SCADA systems are complex and contain multiple layers of technology, even a simple system patch is a major undertaking that requires planning, funding and time. The risk elements are also substantial because many systems now rely solely on their SCADA system for visualization, data recording and some control elements. For this reason, some utilities hold back on patches, service packs and upgrades, while others choose not to apply any new patches, employing an “it works, don’t touch it” policy. Some would say that even if utilities could keep their platforms current, with the fast pace of consumer-based operating systems and large number of system exploits, platform operating systems connected to the Internet are the single largest security risk in the system.

The inherent security of system designs minimizes some risks

The good news is that some vulnerabilities are minimized by the nature of the electrical system and its SCADA software design, whereby the fundamental principles and canons of engineering mandate safe and reliable systems and provide a level of security against terrorism. Looking closely at a sample design ideology, the general design rule can be summarized as “if a single point of failure exists, protect it or provide secondary means,” and system design engineers use this rule for all levels of the system.

• Software: Many view SCADA software as a visualization tool that provides a means for dynamic operator input and serves as a flexible information terminal, but the reality is that software capabilities are much more extensive. When elements such as control and logic capabilities are added, system engineers must examine the risk from a potential failure standpoint and the extent of control that is allowed without being in sight of the component(s) being controlled.

Software is also developed from the operator’s perspective and uses company guidelines throughout the application to ensure the operator is controlling with intent. For example, the “select before operate” design philosophy is typically used in SCADA applications, which requires the operator to select an item on the screen, pull up the controlling elements, then operate the item and finally confirm in order to send the command. While this may seem like a simple ideology or a drawn out process, the intentional design ensures an operator’s actions are deliberate as opposed to hastily reacting to an urgent situation.

• Hardware: At this level, design engineers employ many techniques to ensure safe control, either physically or by the SCADA software. Thousands of individual devices & remote terminal units (RTUs) can exist in a system and are typically implemented with an area-based manual or automatic control selection; field technicians use manual control to perform maintenance or to address a software failure—locking out the software control and establishing local control.

Additionally, when engineers and electricians design and install this level of the system, many hardware-based fail-safes are built in. Items such as fusing or interlock logic examine the local situation, so that when the electrical components are commanded by the software, a hardware level of checks ensures the command can be executed. This protects the system from unsafe or even incorrect software control. Furthermore, many critical applications use triple and quad redundant logic controllers to ensure continuous operations. These design philosophies drive a holistically safe and secure environment, which can severely impede the ability of an intruder at the SCADA software level to trigger a massive destructive event like surges, explosions or overloading.

Be proactive: Enhance your security with software capabilities

Even the safest system design and NERC standards cannot secure a system 100%, and therefore, companies should not rely on them wholly to protect their systems. Those that make this realization today can take a proactive approach to enhancing security in their new systems upfront rather than retrofitting them later.

Off-the-shelf SCADA vendors offer software security-based elements that companies can leverage in their systems to minimize the security gaps, including:

  • Biometrics – When bio-security elements are integrated into the system, customers can program their system to require finger scans to perform specific functions such as switching the grid’s main switchgears on and off, which ensures that the appropriate person is physically present to execute the order. This type of integration eliminates the possibility of a hacker performing the same operation virtually, reducing the overall potential impact and enhancing the overall system security.
  • Electronic Signature – Many view this option as a simple reporting tool; however, the features are much more comprehensive. For example, it can introduce authentication at the command level to verify the user performing the operation with a user name and password, as well as a separate authentication by a second person, typically a manager, for verification. The information is then stored in a system audit trail that can be recalled in the future; some customers also choose to integrate this feature with biometrics to eliminate the use of a single, widely known user name and password.
  • Trusted Connections & Client/Server Data Encryption – Some off-the-shelf SCADA software products now have built-in features that limit the allowable client connections to known computers and use integrated data encryption for client communications. This eliminates the possibility of a terrorist or hacker simply loading the SCADA client and connecting over the network.
  • Domain Authentication – To leverage complex alphanumeric passwords at the SCADA level, some software packages offer an add-on capability that introduces Windows Domain Authentication security integration. The application maps group memberships to the SCADA roles and when integrated, the users and subsequent passwords are managed at the IT level. This allows for the SCADA application to leverage existing group IT level policies, which are typically very stringent and can exceed NERC requirements.
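
The “select before operate” sequence and the electronic-signature check described above, combined in one command gate as an added example (not code from the article or from any SCADA product). The user names, roles, the 30-second selection window and the `CommandGate` class are assumptions made for illustration, and users are assumed to be already authenticated:

```python
import time

# Constructed sample accounts and roles (hypothetical, for illustration only).
USERS = {"op_anna": "operator", "op_lee": "operator", "mgr_raj": "manager"}
SELECT_TIMEOUT_S = 30  # assumed window during which a selection stays armed


class CommandGate:
    """Select-before-operate plus a two-person electronic signature."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.selected = {}     # point -> (operator, action, time of selection)
        self.audit_trail = []  # append-only record of every attempt

    def _log(self, event, point, user, ok, reason=""):
        self.audit_trail.append({"t": self.clock(), "event": event, "point": point,
                                 "user": user, "ok": ok, "reason": reason})
        return ok

    def select(self, point, action, operator):
        if USERS.get(operator) != "operator":
            return self._log("select", point, operator, False, "not an operator")
        self.selected[point] = (operator, action, self.clock())
        return self._log("select", point, operator, True)

    def operate(self, point, action, operator, verifier):
        # A selection is single-use: any operate attempt, failed or not, disarms it.
        armed = self.selected.pop(point, None)
        if armed is None:
            return self._log("operate", point, operator, False, "no prior select")
        sel_operator, sel_action, t0 = armed
        if (sel_operator, sel_action) != (operator, action):
            return self._log("operate", point, operator, False, "select mismatch")
        if self.clock() - t0 > SELECT_TIMEOUT_S:
            return self._log("operate", point, operator, False, "select expired")
        # Second signature must come from a different person holding the manager role.
        if verifier == operator or USERS.get(verifier) != "manager":
            return self._log("operate", point, operator, False, "verifier rejected")
        return self._log("operate", point, operator, True, f"verified by {verifier}")
```

Rejected attempts are written to the audit trail as well as accepted ones, so a review of the trail shows who tried to operate a point without a valid selection or second signature.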


Funding in today’s business climate

Improving an overall system’s security can be a costly endeavor, and companies must find the right balance between spend, design and process to make their systems safe. This is especially true as companies face increasing cost reductions mandated in today’s challenging economic environment. In response, off-the-shelf SCADA vendors have developed industry solution packs that include specifically tailored tools to help reduce development and overall system costs. For example, GE Fanuc Intelligent Platforms’ iPower offering provides complete pre-developed SCADA drag-and-drop elements, graphics, toolsets and configuration tools that significantly reduce both the initial and ongoing costs associated with SCADA software. As a result, these packs enable cost savings that companies can re-route into additional security software and hardware to augment the inherent safety of their systems—reducing overall vulnerability.

Conclusion

The vulnerabilities of SCADA systems pose a serious threat, and the complex nature of the multiple technologies makes it difficult to completely secure our utility infrastructures. But companies can minimize their security gaps if they better understand where vulnerabilities exist and what options are available to address those susceptible areas. They must also realize that NERC standards are a step in the right direction toward critical infrastructure protection, and that the inherent safe design of most SCADA systems offers some protection, but that these are by no means enough to fully protect their systems. A proactive approach, which can include the implementation of off-the-shelf enhanced security capabilities, can significantly minimize risks and costs for a sustainable competitive advantage.

Contact details: Marcel Van Helten, Global Industry Director, Infrastructure. E: marcel.vanhelten@ge.com, W: www.gefanuc.com

Link: http://www.gefanuc.com/
