CS 5032 L18 Critical infrastructure 2: SCADA systems
  • This is the parlance of CPNT
  • Transcript

    • 1. Critical infrastructure 2: SCADA systems
        Critical Infrastructure 2, 2013
    • 2. Infrastructure classes
        • Physical infrastructure
            – Physical facilities and assets such as pumping stations, pipelines, railways, roads, etc.
        • Digital infrastructure
            – Networks, software and physical facilities required for their operation, such as data centres
        • Organisational infrastructure
            – Services such as emergency services, medical services, government
        • Focus in this lecture will be on physical infrastructure and critical control systems for that infrastructure
    • 3. Control Systems
        • IT is used for monitoring and controlling infrastructure in almost all industries in the developed world
            – Oil and Gas
            – Railways
            – Power Generation and Transmission
            – Water Management
            – Manufacturing
            – Production Plants
    • 4. Infrastructure control
        • Infrastructure equipment is usually controlled using special-purpose hardware and software
        • PLCs (Programmable Logic Controllers) are associated with specific components such as valves and switches
        • A SCADA (Supervisory Control and Data Acquisition) system is used to monitor and coordinate individual controllers
    • 5. Infrastructure control elements
        [Figure labels: motorised valves, flow sensor, water pipeline, PLCs, link to SCADA system]
    • 6. Programmable Logic Controllers
        • Stand-alone units which are associated with a controlled element or a group of controlled elements.
        • Send signals to actuators associated with that element, e.g. to motors that can open or close a valve
        • Usually have associated sensors that determine the state of the element itself as well as sensors that sense whatever is being controlled (e.g. gas flow)
        • Can act autonomously – e.g. to shut down an element or (more frequently) connected to a SCADA system that manages and controls all system elements
    • 7. What is SCADA?
        • An architectural pattern for industrial control systems with many components that are often distributed over a wide area
        • A configurable software system that is used to implement large-scale control systems where:
            – Programmable logic units control infrastructure components
            – Data acquisition by remote terminal units (RTUs)
            – Data sent to control centre, running the SCADA system
            – Control centre monitors system, displays system status and issues commands
        • Based on standard industrial communication protocols
    • 8. SCADA functionality
        • A SCADA system performs four functions:
            – Data acquisition
            – Unit control
            – Networked data communications
            – Data presentation
        [Figure: A SCADA system controlling an electricity distribution network]
    • 9. SCADA system architecture
    • 10. SCADA system components
        • Remote stations with sensors (either digital or analog) and PLCs that directly interface with the managed system.
        • Remote telemetry units (RTUs). These are small computerized units deployed in the field at specific sites and locations. RTUs serve as local collection points for gathering reports from sensors and delivering commands to control relays.
        • SCADA master units. These are larger computer consoles that serve as the central processor for the SCADA system. Master units provide a human interface to the system and automatically regulate the managed system in response to sensor inputs.
        • The communications network that connects the SCADA master unit to the RTUs in the field.
    • 11. SCADA application areas
        • Electric power generation, transmission and distribution
        • Water and sewage
        • Buildings, facilities and environments
        • Manufacturing
        • Mass transit
        • Traffic signals
    • 12. Critical SCADA systems
        • Failure of controlled systems can lead to direct loss of life due to equipment failure or indirect losses due to failure of critical infrastructure controlled by SCADA systems
        • SCADA issues are therefore
            – Safety and reliability
            – Security
        • SCADA safety and reliability
            – Needs specific safety analysis techniques for PLCs because they are programmed in a different way (ladder logic)
            – SCADA systems usually have redundancy and backup, which contributes to the availability of these systems
    • 13. SCADA generations
        • 1st generation (1970s). Co-located control
            – Controlled units were on the same site as the controlling computer with hard-wired connections between them
            – No network so no potential for external attack. Very limited chance of insider attack because operation by teams rather than individuals
        • 2nd generation (1980s/90s). Distributed control
            – SCADA systems networked with devices using special-purpose protocols
            – No external network connection
            – Vulnerable to insider attacks because of distributed sites
    • 14. SCADA generations
        • 3rd generation (2000s). Networked systems
            – SCADA systems no longer isolated but connected to external networks
            – External connection through computers (particularly PCs) that are directly connected to the Internet
            – May also interface with other Internet-connected systems such as manufacturing control systems
            – More use of standard protocols such as TCP/IP for communications
            – Remote system monitoring and upgrades from providers require a network connection
    • 15. SCADA security
        • Security is a particular concern for SCADA systems
            – Considerable potential for large-scale damage to critical infrastructure by attacker
            – Security through isolation. SCADA systems, historically, were unconcerned with security because they were isolated systems
            – Security through obscurity. Non-standard programming languages and protocols
    • 16. Security through isolation
        • If a system is not connected to the Internet, then it cannot be penetrated by attacks from the Internet
        • Until recently, SCADA systems were isolated networks. But now:
        • Direct connections to vendors for maintenance, stock ordering etc.
        • Connected to enterprise systems, which in turn are on the Internet.
        • PCs used by operators may be multi-functional and Internet-connected
        • Operators transfer information using USB drives
    • 17. Security through obscurity
        • Approach to security that is based on the fact that information about a system is not widely known or available, so few people can successfully attack the system
            – Susceptible to insider attack – those who know the information
            – SCADA systems are sold globally – therefore information is available to other countries who may be potentially hostile
            – Information on SCADA systems can be stolen and used by attackers
    • 18. SCADA connectivity
        • SCADA systems are now progressively reliant on standard IT technologies and protocols (Microsoft Windows, TCP/IP, web browsers, wireless technologies, etc.)
        • No longer able to rely on security by isolation and security through obscurity
    • 19. SCADA legacy systems
        • There are a huge number of 2nd generation SCADA systems that are still in use and are likely to remain in use for many years
            – Infrastructure systems can have a 20+ year lifetime
        • However, these are now being ‘updated’ with new equipment which is network-connected
        • These older legacy systems were developed without security awareness and so are particularly vulnerable to attack
    • 20. Common SCADA vulnerabilities
        • Weak passwords
        • Open to port scanning to discover SCADA systems on network
        • Lack of input validation – buffer overflow and SQL poisoning
        • Unencrypted network traffic
    • 21. SCADA security challenges
        • Infrastructure providers and SCADA developers have no background in IT security
        • Not always possible to use standard security tools and techniques:
            – For example, it may not be possible to install anti-virus protection on process control systems, owing to the lack of processor power on legacy systems, the age of operating systems or the lack of vendor certification.
            – Security testing on process control systems must also be approached with extreme caution – security scanning can seriously affect the operation of many control devices.
            – There are sometimes few opportunities to take the systems off-line for routine testing, patching and maintenance.
    • 22. Improving SCADA security
        • Government and industry reports to raise awareness of SCADA security issues
        • Establishment of bodies (CPNI) specifically concerned with infrastructure protection
        • Need for regulators to become involved – security certification
        • Better security education and training for SCADA
    • 23. [Image © NationalGeographic.com]
    • 24. Key Points
        • SCADA systems are the most common control systems for large-scale national infrastructure
        • These systems coordinate and communicate with a network of sensors and actuators that control equipment such as valves and pumps
        • SCADA systems are often old systems that were built without security concerns – therefore are vulnerable to external attack
        • Government organisations are seriously concerned about the vulnerability of these systems to failures and attack
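
Slide 20 lists lack of input validation and unencrypted network traffic among common SCADA vulnerabilities. The example below is added here and is not part of the lecture: it shows a master unit checking each RTU report for exact length, a per-site HMAC tag, a fresh sequence number and a plausible reading. The frame layout, site IDs, key and flow limits are all hypothetical, and the HMAC provides integrity and origin authentication, not confidentiality.

```python
import hashlib
import hmac
import struct

# Hypothetical frame layout (not a real SCADA protocol):
# site_id uint16 | sequence uint32 | flow in litres/second float32 | HMAC-SHA256 tag
HEADER = struct.Struct(">HIf")
TAG_LEN = 32
FLOW_RANGE = (0.0, 500.0)  # constructed plausibility limits for one flow sensor


def build_report(key, site_id, seq, flow):
    """RTU side: pack a reading and append an authentication tag."""
    body = HEADER.pack(site_id, seq, flow)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Master:
    """Master-unit side: accept a report only if every check passes."""

    def __init__(self, site_keys):
        self.site_keys = site_keys   # site_id -> shared key
        self.last_seq = {}           # site_id -> highest sequence seen

    def accept(self, frame):
        # Exact length check before any parsing, so no over-read is possible.
        if len(frame) != HEADER.size + TAG_LEN:
            return False, "bad length"
        body, tag = frame[:HEADER.size], frame[HEADER.size:]
        site_id, seq, flow = HEADER.unpack(body)
        key = self.site_keys.get(site_id)
        if key is None:
            return False, "unknown site"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return False, "bad tag"
        if seq <= self.last_seq.get(site_id, -1):    # replayed or stale frame
            return False, "replay"
        self.last_seq[site_id] = seq
        # Range check on the value itself; NaN fails both comparisons.
        if not (FLOW_RANGE[0] <= flow <= FLOW_RANGE[1]):
            return False, "implausible reading"
        return True, "ok"
```

The tag is verified before the sequence number is trusted, so an unauthenticated frame cannot advance the replay counter.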
