Using Free Tools To Detect Attacks On SCADA Networks
2015-05-09

ICS/SCADA experts say open-source network security monitoring software is a simple and cheap way to catch hackers targeting plant operations. Operators at Natanz nuclear facility in Iran might well have caught Stuxnet before it spread and sabotaged operations at the plant if they had been watching the wires for anomalous network traffic, a pair of ICS/SCADA experts say. Rob Caldwell and Chris Sistrunk of Mandiant, a FireEye company, say network security monitoring is a simple and inexpensive technique for detecting attack attempts against power plants and other ICS/SCADA environments. Various free open-source monitoring tools can help spot unusual file traffic or command and control communications.

Hackers gain full control of critical SCADA systems
2015-05-09

Russian researchers have found vulnerabilities in industrial control systems that they say grant full control of systems running energy, chemical and transportation systems. The vulnerabilities were discovered by researchers who over the last year probed popular and high-end ICS and SCADA systems used to control everything from home solar panel installations to critical national infrastructure. Positive Research chief technology officer Sergey Gordeychik and consultant Gleb Gritsai detailed vulnerabilities in Siemens WinCC software which was used in industrial control systems including Iran's Natanz nuclear plant that was targeted by the US Stuxnet program.

SCADA Attacks Double in 2014
2015-05-06

Annual threat report from Dell Security shows not only a significant surge in the number of attacks on retail credit card systems, but industrial SCADA systems as well, which are much more likely to go unreported.
For Dell to report an annual surge in point-of-sale (POS) attacks aimed at payment card infrastructures might not be such a surprise to people who pay any attention to the news. We know that the retail industry was hit hard by cybersecurity attacks in 2014—Target wasn’t the only target, so to speak, though it got the year started, and was the largest breach in the history of U.S. retail until Home Depot was hit even harder later in the year. There were also significant attacks on Michaels, Staples, Goodwill and more.

The Industrial Software Revolution Begins Now
2013-10-16

Invensys is kicking off the conference “The Industrial Software Revolution Begins Now” and underscoring the ‘revolution’ concept with the release of its Wonderware InTouch 2014 and Wonderware System Platform 2014 software. Loaded with new capabilities behind the scenes in its System Platform and upfront in its flagship HMI and supervisory software, these new releases function in tandem to improve operator awareness, optimize performance and minimize disruptions during startup, operation and shutdown. The major focus of this combined software release is “situational awareness.

Integrating Video into HMI/SCADA
2012-06-29

The useful integration of video with industrial control systems has been a reality for a few years, but a burst of applications and installations is on the horizon. Cheaper bandwidth, wide availability of Internet protocol (IP) cameras, and greater familiarity with industrial Ethernet networks seem to be driving user interest. Basic video integration is just easier now, but good use of video takes some planning. “Video integration became economically viable about four years ago,” says Neil Peterson, senior manager, wireless marketing, for Emerson Process Management. “In that time, we’ve been investing in integrated solutions. Price points have come down and availability is up. Supply creates demand, and customers are calling us now.

AdvancedHMI - a different approach to HMI development
2012-06-14

AdvancedHMI base package is a free software used to build HMIs that display information residing in a PLC. You will find it to be one of the fastest platforms to build an HMI with. The software takes advantage of the Visual Basic .NET development environment so effort is focused on the core software and not reinventing a development environment. Since all VB remains accessible, no need to try to accomplish complex things with a crippled scripting language. This gives the most flexible and expandable HMI software available.

No runtime fees! No fees for development environment! No fees for base tool set! The first thing you will notice are the photorealistic graphics. They are the best available.

Web Services and SCADA
2012-06-12

Web services can be another method for connectivity to SCADA and MES systems. They can retrieve tomorrow's weather, the price of stocks or commodities, the time of sunrise and sunset, and a slew of other publicly-available resources. They can also interact with many different ERP and middleware systems, but the problem has been complicated by three factors:

  • There are many web service standards; in fact, too many.
  • Data formats are wildly variable and can include many nested structures.
  • Responses can dynamically return a varied number of data elements every time.

As regards Ignition, the question has always been how to deal with these factors in an elegant way.

SCADA virtualisation with WinCC Version 7
2011-12-21

As automation solutions become increasingly complex, it follows that the effort required to maintain both hardware and software will also increase. PCs must be provided with suitable specification and operating systems to support the applications. Whilein operation, these systems must be constantly reviewed and updated normally through the application of security patches, updates and service packs. This will apply to every installed system and application program during the lifetime of the system.

To reduce the amount of ongoing administration and maintenance effort associated with update issues, the automation world is turning increasingly to virtualisation and the opportunity it provides to decouple applications from hardware.

Cloud-Based SCADA Systems: The Benefits and Risks
2011-12-20

Cloud computing is a hot topic. As people become increasingly reliant on accessing important information through the Internet, the idea of storing or displaying vital real-time data in the cloud has become more commonplace. With tech giants like Apple, Microsoft, and Google pushing forward the cloud computing concept, it seems to be more than just a passing trend. Recently the focus of cloud computing has started to shift from consumer-based applications to enterprise management systems. With the promise of less overhead, lower prices, quick installation, and easy scalability, cloud computing appears to be a very attractive option for many companies.

An alternative to DCS or PLC/SCADA
2011-10-04

Traditionally, users have had a choice between a DCS or a PLC/SCADA approach when selecting a control system for use in process control applications. A key benefit of traditional DCSs was that the suppliers took a ‘systems approach’ and it was designed for large scale applications. Much of the work of integrating different parts of the system was taken care of by the DCS vendor by using a single database for the complete system. The DCS approach is to configure the system using standard control objects and faceplates, reducing engineering and providing standardisation. Most DCSs also offer fieldbus communications, tools for process optimisation and asset management packages to improve maintenance.

Trend Web
2011-05-09

Trend Web allows access to trending information from anywhere in the world and at anytime. Based upon ActiveX technology which can be embedded in a web page, Trend Web is automatically downloaded and installed on a user's computer the first time they bring up the page. No manual install or licensing procedure is required for the end user. Trend Web is suited for the user who needs remote access to view their data in a limited way. For example, a plant manager can receive an automated phone call from the plant if an alarm condition occurs. He can quickly get online to view the data at home before deciding if it is necessary for him to make an emergency trip into work. Another use is to give management or customers an update that is not a static report, but is current and up to date.

Protecting ICONICS GENESIS SCADA HMI System from Security Vulnerabilities
2011-05-09

Luigi Auriemma published thirty-four SCADA product vulnerabilities against four SCADA products (the complete list of vulnerabilities and companies is provided in the earlier article). Eric Byres and Joel Langill have tested the vulnerabilities and today they are releasing a White Paper that analyses the ones regarding ICONICS GENESIS32 and GENESIS64 products. The paper summarizes both the current known facts about the vulnerabilities and the actions that operators of SCADA and ICS systems can take to protect critical systems. While there are no known viruses, worms, attack tools or automated exploit modules using the ICONICS GENESIS vulnerabilities, they do represent a significant threat.

49 CFR 195.446 Control Room Management Regulations
2011-02-24

Choosing a SCADA based only on the human-machine interface (HMI) and a few performance features of the remote terminal unit (RTU) could paint you into an expensive corner when attempting to comply with 49 CFR 195.446. Understanding those regulations and keeping their requirements in mind when evaluating and choosing a SCADA system could save time, money and a lot of headaches.

In developing the new regulations, the U.S. Pipeline and Hazardous Materials Safety Administration (PHMSA) has recognized that pipelines carrying hazardous liquids have unique characteristics as compared to other applications requiring SCADA systems. Regulation 49 CFR 195.446 addresses these by requiring specific improvements in control room management and change management.

Simulating and Modeling the Virtual Plant
2011-02-24

A steel processing plant in South Africa needed to upgrade its Wonderware InTouch 7.0 to version 9.5. Plant operators tried the initial upgrade and no errors were reported. But the implementation on the live system was a disaster. Work-in-process sheet metal ended up in the trash. Because of the plant’s dependency on the supervisory control and data acquisition (SCADA) system, especially the database-logging process of the steel coils’ work-in-process, they had to revert to the old SCADA system. Plant operators brought in system integrator AMR Automation. “They originally tried to do it themselves and they failed,” says Andrew Rennie, president, AMR Automation, in Cape Town South Africa. “We realized they have a 24/7 plant. They don’t stop.

OpteBiz Uses Ignition To Build Standardized Connectivity Package
2010-11-28

Delays. System failure. Maintenance. Miscommunication. What do these all have in common? Downtime and efficiency loss. Reducing downtime pays big dividends for manufacturing companies. Having part of the operations down for even a few hours can result in thousands of dollars in lost revenue. But the biggest hurdle to solving these issues is knowing when and why certain process components are down—whether mechanical, technical or human—and being able to take proactive steps in lessening or foreseeing a factor before it causes a loss of time.

Wireless SCADA
2010-11-17

Wireless SCADA is required in those applications when wireline communications to the remote site is prohibitively expensive or it is too time consuming to construct wireline communications. In particular types of industry like Oil & Gas or Water & Wastewater, wireless SCADA is often the only solution due to the remoteness of the sites. Wireless SCADA systems can be built on private radio (licensed or unlicensed), cellular or satellite communications; each of these has its unique set of characteristics.


Private Licensed (i.e. UHF) Private License-free (i.e. SS) Cellular (i.e.

How To Use the Software Development Kit For Ignition
2010-10-13

The Module SDK is for experienced developers who want to develop modules for Ignition; it is not geared towards beginner users. Proficiency with Java is required and familiarity with Eclipse and Ant are recommended, though you are free to use the IDE and build tools of your choice. The Module SDK is available with the rest of the Ignition downloads at An Ignition module is just a collection of JAR files that can be dynamically loaded and unloaded and an XML descriptor that lets the gateway know how to do so. These files are zipped and given a .modl extension. Vision, SQLBridge and the OPC-UA server that come with Ignition are all simply modules developed using the same APIs that are available in the Module SDK.

Trends in HMI
2010-08-26

What are latest trends in HMI? And what should you look for or be aware of, when you browse the market in search for new HMI solutions? The purpose of this white paper is to outline and describe some of the most recent key trends in software driven industrial HMI solutions. HMI solutions take on inspiration from consumer-oriented products like mobile phones, MP3 players, etc. with advanced graphics resulting in user-friendly and intuitive user interfaces.

Trend 1: HMI as an integrated part of a user experience

The significance of user interfaces has become increasingly clear over the last years. Think of Apple`s products, e.g.

SCADA security: understanding your risks
2010-08-26

Being at the hubs of today`s transmission and distribution grids, SCADA systems have received a great deal of attention. The focus on infrastructure security has grown exponentially in the last decade due to various cyber threats and other vulnerabilities—casting a microscope onto an industry to which, since inception of mass power generation and distribution, has never had such scrutiny. The SCADA market has been evolving over the last 20+ years with functionality, scalability and interoperability at the forefront.

OPC UA and next generation of HMI
2010-08-26

There have been many columns written over the last year regarding the World Wide Web and society’s ever growing reliance on the Internet as an information transfer mechanism. In every aspect of our lives, devices are being interconnected by the Internet and controlled by mobile HMIs (i.e. cell phones, iPhones, and PDAs). Home entertainment systems, security systems and even power systems are now being connected to laptops and mobile devices via the web. As our love for web services sweeps our personal lives, one must consider what impact the desire for web services may have in the automation arena. From the OPC Foundation perspective, plants using OPC UA are now opening devices [on all levels of the enterprise] up to complete and secure interoperable data exchange.

Improving SCADA Operations Using Wireless Instrumentation
2010-07-07

Integrating wireless instrumentation with SCADA systems can drive operational efficiency and reduce deployment costs. The use of wireless instruments in pipelines and gas production operations has been gaining momentum over the past few years. Driven by cost cutting measures and the need to gain more operational visibility to meet regulatory requirements, wireless instruments eliminate expensive trenching and cabling while providing access to hard-to-reach areas using self-contained, battery-powered instruments. However, SCADA engineers and operators are facing the challenge of integrating wireless instrumentation networks with other communication infrastructure available in the field.

Securing SCADA and Control Networks
2010-07-06

Early SCADA (Supervisory Control and Data Acquisition) and control networks consisted primarily of isolated islands of proprietary hardware and software. In recent years however, the availability of control equipment based on open standards such as Ethernet, TCP/IP and Windows PC has led to an explosion in the complexity and 'interconnectedness' of these systems. Tremendous improvements in plant performance and productivity have been realized through these changes; however, these productivity gains will not continue in the future without corresponding security improvements in these systems. In addition, safety-critical plants such as chemical, power, and oil and gas facilities can put human safety at risk if their control networks are not properly secured.

Optimize automation with advanced design HMI and visualization with zenon 6.50
2010-07-06

Modern production processes are, like the machines and systems used in them, characterized by considerably increased complexity. The interface between these complex systems and the people that monitor and control them plays a key role in the management of these processes. From HMIs to fully fledged control room applications, the operator has the same needs in terms of perception and visual guidance: complex control functions must be created in a clear and logical manner, so that the user can work as intuitively and safely as possible. Visualization is, and will, remain a key task of HMI/SCADA. And visualization is the key to optimizing processes.

Web Browser Solution Using ActiveX
2010-06-23

The web browser has become an indispensable part of our lives. This also applies to SCADA/HMI systems, where users want to be able to monitor and control using their favorite browser. However, the security and performance aspects have been major obstacles in obtaining secure and fast supervision. But with the current internet bandwidth and connection speeds, supervision in IGSS with a web browser is feasible, secure and fast.


  • A Terminal Server with the appropriate number of client licenses
  • IGSS must be installed on the Terminal Server
  • The client must have a browser supporting ActiveX

      How it works
      • The client enters the terminal server URL in his browser.
      • The client logs on with his user name and password.

Zenon documents HMI/SCADA projects with 1 click
2010-06-02

Even the smallest project requires documentation, whether it is simply a book explaining the symbols in the HMI/SCADA project (inputs and outputs, colour coding, etc) or a full, picture by picture definition of all symbols and variables. It can take system integrators weeks to document a typical HMI/SCADA system. This represents significant engineering cost and short cuts can result in a lack of proper documentation which leads to future problems.

The solution: Automatic Engineering with zenon. zenon’s system integrators have long enjoyed automatic engineering tools, such as project creation wizards that can save weeks of engineering time by streamlining the design process and automatically defining variables.

Trends in SCADA
2010-06-01

There is a trend for PLC and HMI/SCADA software to be more "mix-and-match". In the mid 1990s, the typical DAQ I/O manufacturer supplied equipment that communicated using proprietary protocols over a suitable-distance carrier like RS-485. End users who invested in a particular vendor's hardware solution often found themselves restricted to a limited choice of equipment when requirements changed (e.g. system expansions or performance improvement). To mitigate such problems, open communication protocols such as IEC870-5-101/104 and DNP 3.0 (serial and over IP) became increasingly popular among SCADA equipment manufacturers and solution providers alike.

Securing a system means a lot more than disconnecting it from the Internet.
2010-06-01

Several people responded on-line to my article about SCADA security vulnerabilities, and others wrote directly to me. A common thread seems to be "disconnect those machines from the Internet!" While I generally agree with the sentiment, there's more to security than installing an air gap.

One reader who wishes to remain anonymous wrote: "A few interesting thoughts, first disrespect leads to carelessness, carelessness leads to very bad things happening. For example 3Mile Island was caused by a person ignoring the warning systems and halting them from scramming the reactor automatically. They said "this can't be happening". [Note from Jack: That was also true at Chernobyl - experts just didn't believe an explosion was possible, even after the event.

Integrating proprietary serial and Ethernet devices with SCADA/HMI systems
2010-06-01

To write a driver, or not to write a driver? Developers dont usually have a choice if a driver is not available, but new tools are making the job easier. An experienced Supervisory Control and Data Acquisition (SCADA) integrator explains how one such tool is speeding up the process of integrating OLE for Process Control (OPC) hardware.

When starting a SCADA project, developers must first identify the installed devices and controllers to determine how they will interface with the SCADA system. Most of the time, a programmable logic controller with one or more I/O drivers will be available. With OPC’s growing popularity, hardware connectivity is becoming less difficult.

However, connecting to devices that lack an available driver often presents the greatest challenge.

GE Intelligent Platforms Unveils Controller Solution
2010-05-31

Using GE Intelligent Platforms' PACSystems RX3i controllers and Series 90 PLCs and coupled with Proficy CIMPLICITY HMI/SCADA software, Bay designs systems that instantaneously respond to the infinitely variable demands and pressure conditions associated with aircraft fueling.

Hydrant fueling systems typically feature a minimum of two tanks, one dedicated to receiving fuel and the other dedicated to dispensing fuel. Both tanks incorporate pump houses with two to 10 identical fueling pumps handling individual capacities from 600 to 1,200 gallons per minute. Corresponding capacity filter separators, control valves, and instrumentation for starting and stopping the pumps are incorporated as determined by flow rate demands.

Interent SCADA from Outlaw  Automation
2010-05-27

The Internet is robust and often an integral part of our everyday operations, without it we would be lost. SCADA systems continue to evolve and as we see better connectivity and speed on the Internet, we also are seeing more Web-based applications . One such application located at is the latest offering for an online SCADA modbus/ROCtalk polling HMI system. This system allows the use of managed servers to run the polling and database application - the SCADA customer simply connects to a website and secure login to view/edit/manage the data collected.

SCADA Communications using Radio, Microwave, and Satellite
2010-03-28

In most cases when Automation or SCADA personnel are faced with dealing with deploying wireless SCADA communications you will be dealing with communications professionals including communications engineers and technicians. In a few cases some Automation or SCADA personnel have the proper FCC licenses, knowledge, and experience to design and deploy their own wireless system. Communications professionals deal with designing, installing, and maintaining communications systems media including radio, microwave, satellite, phone, and in some cases , your business LAN and WAN infrastructure.

Media Types.

 Dave's Top Ten Reasons Why SCADA Systems don't Work
2010-03-28

The purpose of this article is to identify the predominant reasons why some SCADA systems don't work well or suffer from intermittent performance issues. Ever have a problem with your system that you just can't put your finger on? Or you have been living with the problem or know about the problem but do not know what the solution may entail? Or maybe, the customer is just not making full utilization of the system you installed last year. If so, take a look below. You may find an answer or at least an idea where to investigate.

Reason #1. Poor SCADA Communications Performance due to Lack of Organization of the PLC/RTU Database

Most system integrators blame low SCADA system communications performance on inadequate bandwidth.

SCADA goes long
2010-03-28

Supervisory control and data acquisition (SCADA) is the technology we use to control processes that extend over long distances.  Occasionally, in a plant, there are parts of the process that are so far away from the control room that a SCADA system can be included in the plant distributed control system (DCS) to reach them. Usually controlling these processes is simple, involving measuring flows or temperatures, monitoring alarms, opening or closing valves, turning motors on or off, opening or closing switches, and adjusting set points on controllers located near the process.  While this control is simple, it is usually very important.  Also, the speed with which we respond to information about these processes is not critical—the response time is not urgent.

Free OPC-UA Server For Linux Platform
2010-03-24

Inductive Automation has introduced the first cross platform OPC-UA server on the market, known as Ignition OPC-UA, it forms the basis of Ignition by Inductive Automation, the most recent release of its combined HMI, SCADA and MES solution, but can be used either in conjunction with the rest of the platform or on its own. "With the operating system wars moving into high gear and with the recent widespread adoption of OPC-UA by major software vendors, there was really no other choice than to develop a fully cross-platform, OPC-UA-based solution," explained Inductive Automation president Steve Hechtman. "Ignition is the Swiss Army knife of the industrial software business, and represents a major step forward in continuing our mission of opening up plant data across the enterprise.

SQLTags Historian Makes Storing and Charting Historical Data Fast, Efficient, and Easy
2010-03-19

Logging process data for the purposes of charting and reporting has long been, and continues to be, one of the most popular uses of Inductive Automation's software. For our new release, Ignition by Inductive Automation, we've introduced a feature called SQLTags Historian that makes storing and charting history faster, more efficient, and easier than ever before.

SQLTags Historian builds on the success of our SQLTags realtime tag database system. There are only two steps to using the SQLTags Historian. First, you must configure a connection to a supported database, such as MySQL, SQL Server, or Oracle. Second, you simply select the "Store History for this Tag" option on any of your tags.

Water and Wastewater Infrastructure Monitoring with SCADA
2010-03-16

When your business covers hundreds of square miles, the health of your infrastructure becomes very important, as in this example of a typical, large water company, serving the water and wastewater needs of over 300,000 people. On an annual basis, the company manages over 94,000 Acre Feet of water, enough to cover their entire territory under almost ten inches of water.

The system relies on automation spread out over hundreds of remote sites, from sewage lift stations to 1000-ft. or more deep fresh water wells. This part of the country is far from flat, and the distribution of remote sites requires a vast network of fiber optics, wire and radio technology.

Build vs Buy HMI Interface
2010-03-04

Many of the machines and vehicles in daily use in commercial and industrial settings worldwide feature displays and touch pads for operator input and control. These devices are known as Human-Machine Interfaces or HMIs, but are also commonly called Operator Interface Terminals and Mobile Data Terminals. As the main means of communication between machines and their human operators, HMIs must be functional, durable and reliable. In many cases, they must be ruggedised to operate in extreme conditions, impervious to heat, cold, dust, liquids, shaking, jarring or other environmental hazards.

New HMI technologies in SCADA systems
2010-03-01

Unmanning and remote process operation can lead to lower plant costs, but choosing the right equipment is paramount to the safety and effectiveness of this technology, writes Eduard van Loenen. Driving down the operational cost of process installations across different industries and markets by using more sophisticated automation systems and applications has been an ongoing process for years. An important part of this has become the tendency of unmanning and remote operations of process installations, leading to an investigation of which applications and new technological developments allow this to be realised in a safe and cost effective manner. Today’s SCADA systems are perfectly positioned to facilitate the technology, infrastructure and functionality to achieve these aims.

Real-time Visual Management for SCADA/HMI Applications
2010-01-26

SCADA systems allow the automation of complex industrial processes where human control is impractical. However, with all the raw data and real-time updates pouring in, it can be difficult to decipher what is going on and how to respond. All the numbers on your screen, flashing lights, and blaring alarms still leave you in the dark. Was the security alarm triggered by an actual intruder or accidentally set off by a new technician? Or maybe it was that darn stray cat again. What is missing from this picture? Simply this-the picture. As helpful as the raw data can be, they still do not provide the entire picture. The solution is real-time visual management.

Utilizing cellular technology with SCADA applications
2010-01-26

Cellular is everywhere. Cellular phones make our live much easier than it was before. We can be reached everywhere and we can get information and plan our time much more efficiently than before. The cellular technology can be also used with SCADA applications to improve productivity, increase plants’ uptime and prevent damages. The device that makes the difference is the cellular modem. The cellular modem is very similar to a cell phone. The difference is that it has no keypad or screen. There are two types of cellular modems: GSM and CDMA. Cellular modems can be used for data communication and text messaging (SMS). Cellular modems can send and receive text messages. Cellular modems have a number similar to a cell phone number. The cost of a cellular modem is between 100$ to 200$.

All about SCADA
2010-01-26

SCADA systems have made substantial progress over the recent years in terms of functionality, scalability, performance and openness such that they are an alternative to in house development even for very demanding and complex control systems. SCADA stands for Supervisory Control And Data Acquisition. As the name indicates, it is not a full control system, but rather focuses on the supervisory level. As such, it is a purely software package that is positioned on top of hardware to which it is interfaced, in general via Programmable Logic Controllers (PLC's), or other commercial hardware modules.

SCADA systems are used not only in industrial processes: e.g.

Nessus 3 SCADA Plugins
2010-01-26

Tenable has released 32 plugins for Nessus 3 which specifically test SCADA devices. These plugins were the result of a four month research contract between Tenable Network Security and Digital Bond. This blog entry details how to obtain the plugins, strategies for using them with Nessus and strategies for using them in concert with Tenable products such as the Security Center and Passive Vulnerability Scanner.

Availability and Compatibility

All Direct Feed and Security Centerusers will receive these plugins through a plugin update. The SCADA plugins are only available to Tenable Direct Feed or Security Center customers.

The evolution of SCADA/EMS
2010-01-25

Power networks are complex systems that cannot be efficiently and securely operated without an energy management system. ABB is the global leader in energy management systems with more than 5,000 installations worldwide - more than any other company.


SCADA/EMS (Supervisory Control and Data Acquisition/Energy Management System) supervises, controls, optimizes and manages generation and transmission systems. SCADA/DMS (Distribution Management System) performs the same functions for power distribution networks.