CS 5032 L18 Critical infrastructure 2: SCADA systems


Comment: This is the parlance of CPNT
Slide 1: Critical infrastructure 2: SCADA systems
Critical Infrastructure 2, 2013
Slide 2: Infrastructure classes
  • Physical infrastructure: physical facilities and assets such as pumping stations, pipelines, railways, roads, etc.
  • Digital infrastructure: networks, software and the physical facilities required for their operation, such as data centres
  • Organisational infrastructure: services such as emergency services, medical services, government
  • The focus in this lecture is on physical infrastructure and the critical control systems for that infrastructure
Slide 3: Control systems
  • IT is used for monitoring and controlling infrastructure in almost all industries in the developed world
    – Oil and gas
    – Railways
    – Power generation and transmission
    – Water management
    – Manufacturing
    – Production plants
Slide 4: Infrastructure control
  • Infrastructure equipment is usually controlled using special-purpose hardware and software
  • PLCs (Programmable Logic Controllers) are associated with specific components such as valves and switches
  • A SCADA (Supervisory Control and Data Acquisition) system is used to monitor and coordinate the individual controllers
Slide 5: Infrastructure control elements
  [Figure: a water pipeline with two motorised valves and a flow sensor; each valve is driven by a PLC, and the PLCs report to the SCADA system]
Slide 6: Programmable Logic Controllers
  • Stand-alone units that are associated with a controlled element or a group of controlled elements
  • Send signals to actuators associated with that element, e.g. to motors that can open or close a valve
  • Usually have associated sensors that determine the state of the element itself, as well as sensors that sense whatever is being controlled (e.g. gas flow)
  • Can act autonomously, e.g. to shut down an element, or (more frequently) are connected to a SCADA system that manages and controls all system elements
Slide 7: What is SCADA?
  • An architectural pattern for industrial control systems with many components that are often distributed over a wide area
  • A configurable software system that is used to implement large-scale control systems where:
    – Programmable logic controllers control infrastructure components
    – Data acquisition is done by remote terminal units (RTUs)
    – Data is sent to a control centre running the SCADA system
    – The control centre monitors the system, displays system status and issues commands
  • Based on standard industrial communication protocols
Slide 8: SCADA functionality
  • A SCADA system performs four functions:
    – Data acquisition
    – Unit control
    – Networked data communications
    – Data presentation
  [Figure: a SCADA system controlling an electricity distribution network]
Slide 9: SCADA system architecture
  [Figure: SCADA system architecture]
Slide 10: SCADA system components
  • Remote stations with sensors (digital or analog) and PLCs that directly interface with the managed system
  • Remote terminal units (RTUs), also called remote telemetry units: small computerised units deployed in the field at specific sites and locations. RTUs serve as local collection points for gathering reports from sensors and delivering commands to control relays
  • SCADA master units: larger computer consoles that serve as the central processor for the SCADA system. Master units provide the human interface to the system and automatically regulate the managed system in response to sensor inputs
  • The communications network that connects the SCADA master unit to the RTUs in the field
Slide 11: SCADA application areas
  • Electric power generation, transmission and distribution
  • Water and sewage
  • Buildings, facilities and environments
  • Manufacturing
  • Mass transit
  • Traffic signals
Slide 12: Critical SCADA systems
  • Failure of controlled systems can lead to direct loss of life due to equipment failure, or to indirect losses due to failure of the critical infrastructure controlled by the SCADA system
  • SCADA issues are therefore
    – Safety and reliability
    – Security
  • SCADA safety and reliability
    – Needs specific safety analysis techniques for PLCs because they are programmed in a different way (ladder logic)
    – SCADA systems usually have redundancy and backup, which contributes to their availability
Slide 13: SCADA generations
  • 1st generation (1970s): co-located control
    – Controlled units were on the same site as the controlling computer, with hard-wired connections between them
    – No network, so no potential for external attack. Very limited chance of insider attack because of operation by teams rather than individuals
  • 2nd generation (1980s/90s): distributed control
    – SCADA systems networked with devices using special-purpose protocols
    – No external network connection
    – Vulnerable to insider attacks because of distributed sites
Slide 14: SCADA generations (continued)
  • 3rd generation (2000s): networked systems
    – SCADA systems no longer isolated but connected to external networks
    – External connection through computers (particularly PCs) that are directly connected to the Internet
    – May also interface with other Internet-connected systems such as manufacturing control systems
    – More use of standard protocols such as TCP/IP for communications
    – Remote system monitoring and upgrades from providers require a network connection
Slide 15: SCADA security
  • Security is a particular concern for SCADA systems
    – Considerable potential for large-scale damage to critical infrastructure by an attacker
    – Security through isolation: historically, SCADA systems were unconcerned with security because they were isolated systems
    – Security through obscurity: non-standard programming languages and protocols
Slide 16: Security through isolation
  • If a system is not connected to the Internet, then it cannot be penetrated by attacks from the Internet
  • Until recently, SCADA systems were isolated networks. But now:
    – Direct connections to vendors for maintenance, stock ordering etc.
    – Connected to enterprise systems, which in turn are on the Internet
    – PCs used by operators may be multi-functional and Internet connected
    – Operators transfer information using USB drives
Slide 17: Security through obscurity
  • An approach to security that relies on information about a system not being widely known or available, so that few people can successfully attack the system
    – Susceptible to insider attack by those who know the information
    – SCADA systems are sold globally, so the information is available to other countries that may be potentially hostile
    – Information on SCADA systems can be stolen and used by attackers
Slide 18: SCADA connectivity
  • SCADA systems are now progressively reliant on standard IT technologies and protocols (Microsoft Windows, TCP/IP, web browsers, wireless technologies, etc.)
  • They can no longer rely on security through isolation or security through obscurity
Slide 19: SCADA legacy systems
  • There are a huge number of 2nd generation SCADA systems still in use, and they are likely to remain in use for many years
    – Infrastructure systems can have a 20+ year lifetime
  • However, these are now being 'updated' with new equipment that is network-connected
  • These older legacy systems were developed without security awareness and so are particularly vulnerable to attack
Slide 20: Common SCADA vulnerabilities
  • Weak passwords
  • Open to port scanning, which lets an attacker discover SCADA hosts on the network
  • Lack of input validation, leading to buffer overflows and SQL injection
  • Unencrypted network traffic
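As an added example (not code from the lecture), the following Python shows the "lack of input validation" point at the boundary where an RTU or PLC gateway accepts commands from the SCADA master. The frame layout, register map, unit ids and value limits are assumptions for illustration and do not correspond to any real industrial protocol; parse_command_unchecked is the pattern the slide warns about, and parse_command is the hardened form.

```python
"""Input validation for commands arriving at an RTU/PLC gateway.

Added example for the lecture's "lack of input validation" point; it is not
code from the lecture.  The frame layout is an assumed, simplified format
(not any real industrial protocol):

    header : 2-byte unit id, 1-byte function code, 2-byte declared payload length
    payload: for WRITE_SETPOINT, a 2-byte register address and a 2-byte value
"""
import struct

HEADER = struct.Struct(">HBH")         # unit id, function code, payload length
WRITE_SETPOINT = struct.Struct(">HH")  # register address, value

FUNC_READ_STATUS = 0x01
FUNC_WRITE_SETPOINT = 0x05
ALLOWED_FUNCS = {FUNC_READ_STATUS, FUNC_WRITE_SETPOINT}

MAX_PAYLOAD = 64                       # assumed hard cap for this gateway
KNOWN_UNITS = {1, 2, 3}                # assumed PLC unit ids on this segment

# Assumed register map: register -> (min, max) physically meaningful values,
# e.g. register 10 is a valve position in percent, register 11 a pump speed in rpm.
REGISTER_LIMITS = {10: (0, 100), 11: (0, 1500)}


def build_frame(unit: int, func: int, payload: bytes = b"") -> bytes:
    """Assemble a frame in the assumed layout (used to construct sample input)."""
    return HEADER.pack(unit, func, len(payload)) + payload


def parse_command_unchecked(frame: bytes) -> dict:
    """The pattern the slide warns about: trusts the declared length and the
    setpoint value.  In a C implementation the same trust in `length` is what
    turns into a buffer over-read or overflow."""
    unit, func, length = HEADER.unpack_from(frame)
    payload = frame[HEADER.size:HEADER.size + length]
    reg, val = WRITE_SETPOINT.unpack_from(payload)
    return {"unit": unit, "func": func, "register": reg, "value": val}


def parse_command(frame: bytes) -> dict:
    """Hardened parser: every field is checked against what the gateway
    actually supports.  Raises ValueError instead of acting on a bad frame."""
    if len(frame) < HEADER.size:
        raise ValueError("short frame")
    unit, func, length = HEADER.unpack_from(frame)
    if unit not in KNOWN_UNITS:
        raise ValueError(f"unknown unit {unit}")
    if func not in ALLOWED_FUNCS:
        raise ValueError(f"function 0x{func:02x} not permitted")
    if length > MAX_PAYLOAD:
        raise ValueError(f"declared payload {length} exceeds cap {MAX_PAYLOAD}")
    payload = frame[HEADER.size:]
    if len(payload) != length:
        # The declared length must match what actually arrived; trusting a
        # mismatched length is the precondition for the overflows on the slide.
        raise ValueError("declared length does not match frame")
    cmd = {"unit": unit, "func": func}
    if func == FUNC_WRITE_SETPOINT:
        if length != WRITE_SETPOINT.size:
            raise ValueError("bad WRITE_SETPOINT payload size")
        reg, val = WRITE_SETPOINT.unpack(payload)
        if reg not in REGISTER_LIMITS:
            raise ValueError(f"register {reg} is not writable")
        lo, hi = REGISTER_LIMITS[reg]
        if not lo <= val <= hi:
            raise ValueError(f"value {val} outside [{lo}, {hi}] for register {reg}")
        cmd.update(register=reg, value=val)
    elif length != 0:
        raise ValueError("READ_STATUS takes no payload")
    return cmd


def check_frame(frame: bytes) -> tuple:
    """Convenience wrapper: (True, command) if accepted, (False, reason) if not."""
    try:
        return True, parse_command(frame)
    except ValueError as exc:
        return False, str(exc)


if __name__ == "__main__":
    good = build_frame(1, FUNC_WRITE_SETPOINT, WRITE_SETPOINT.pack(10, 50))
    overdrive = build_frame(1, FUNC_WRITE_SETPOINT, WRITE_SETPOINT.pack(10, 250))
    lying_length = HEADER.pack(1, FUNC_WRITE_SETPOINT, 1000) + WRITE_SETPOINT.pack(10, 50)
    for name, frame in [("good", good), ("overdrive", overdrive), ("lying_length", lying_length)]:
        print(name, "unchecked:", parse_command_unchecked(frame))
        print(name, "hardened: ", check_frame(frame))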
Slide 21: SCADA security challenges
  • Infrastructure providers and SCADA developers often have little or no background in IT security
  • It is not always possible to use standard security tools and techniques:
    – For example, it may not be possible to install anti-virus protection on process control systems, owing to the lack of processor power on legacy systems, the age of the operating systems or the lack of vendor certification
    – Security testing on process control systems must also be approached with extreme caution, since security scanning can seriously affect the operation of many control devices
    – There are sometimes few opportunities to take the systems off-line for routine testing, patching and maintenance
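The slide above warns that active security scanning can upset control devices, and the vulnerability list before it notes that the same networks are open to port scanning by an attacker. One response that serves both points is to detect reconnaissance passively from connection logs rather than scanning the devices yourself. The following Python is an added example, not lecture code: the log lines are constructed, the log format, address prefixes, known-master list and thresholds are assumptions, and the ICS port numbers are the well-known ports for Modbus/TCP (502), DNP3 (20000), EtherNet/IP (44818) and ISO-TSAP as used by S7 (102).

```python
"""Passive detection of port scanning against a control network.

Added example, not part of the lecture.  The connection-log lines are
constructed, and their format (<time> <src> <dst> <dst_port> <action>) is
an assumed simplification of a firewall or switch log.  The port numbers
are the well-known ports for Modbus/TCP (502), DNP3 (20000),
EtherNet/IP (44818) and ISO-TSAP, used by S7 (102).
"""
from collections import defaultdict

ICS_PORTS = {102: "ISO-TSAP/S7", 502: "Modbus/TCP", 20000: "DNP3", 44818: "EtherNet/IP"}
CONTROL_NET = "10.20.0."        # assumed address prefix of the PLC/RTU segment
KNOWN_MASTERS = {"10.20.0.5"}   # assumed: the SCADA master legitimately polls every RTU

# Constructed sample: the master polling two RTUs, then a host on the
# enterprise network probing four RTUs on several ICS ports, then one
# unremarkable connection from another enterprise host.
SAMPLE_LOG = """\
12:00:01 10.20.0.5 10.20.0.11 502 ALLOW
12:00:02 10.20.0.5 10.20.0.12 502 ALLOW
12:01:10 10.10.3.44 10.20.0.11 502 ALLOW
12:01:10 10.10.3.44 10.20.0.11 102 DENY
12:01:11 10.10.3.44 10.20.0.11 20000 DENY
12:01:11 10.10.3.44 10.20.0.12 502 ALLOW
12:01:12 10.10.3.44 10.20.0.13 502 ALLOW
12:01:12 10.10.3.44 10.20.0.13 44818 DENY
12:01:13 10.10.3.44 10.20.0.14 502 DENY
12:02:00 10.10.7.9 10.20.0.11 502 ALLOW
"""


def parse_log(text: str) -> list:
    """Parse the assumed log format into (time, src, dst, port, action) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, action = line.split()
        events.append((ts, src, dst, int(port), action))
    return events


def find_sweeps(events, host_threshold: int = 3, port_threshold: int = 2) -> dict:
    """Flag any source (other than known masters) that touches ICS ports on
    at least `host_threshold` control-network hosts, or at least
    `port_threshold` distinct ICS ports.  Denied attempts count too: a
    scanner probes ports that are closed as well as ones that are open."""
    touched = defaultdict(lambda: {"hosts": set(), "ports": set(), "denied": 0})
    for _ts, src, dst, port, action in events:
        if src in KNOWN_MASTERS or not dst.startswith(CONTROL_NET) or port not in ICS_PORTS:
            continue
        rec = touched[src]
        rec["hosts"].add(dst)
        rec["ports"].add(port)
        if action == "DENY":
            rec["denied"] += 1
    alerts = {}
    for src, rec in touched.items():
        if len(rec["hosts"]) >= host_threshold or len(rec["ports"]) >= port_threshold:
            alerts[src] = {
                "hosts": sorted(rec["hosts"]),
                "protocols": sorted(ICS_PORTS[p] for p in rec["ports"]),
                "denied": rec["denied"],
            }
    return alerts


if __name__ == "__main__":
    for src, detail in find_sweeps(parse_log(SAMPLE_LOG)).items():
        print(f"sweep from {src}: {detail}")
```

On the constructed log only 10.10.3.44 is flagged: it reaches four RTUs and four distinct ICS ports, with four denied probes. The master 10.20.0.5 is excluded by the allow-list, and 10.10.7.9, which contacts a single RTU on a single port, stays below both thresholds. The thresholds and the known-master list are site-specific assumptions and would be tuned to the real polling pattern.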
Slide 22: Improving SCADA security
  • Government and industry reports to raise awareness of SCADA security issues
  • Establishment of bodies specifically concerned with infrastructure protection, such as the UK's CPNI (Centre for the Protection of National Infrastructure)
  • Need for regulators to become involved: security certification
  • Better security education and training for SCADA
Slide 23:
  [Image, © NationalGeographic.com]
Slide 24: Key points
  • SCADA systems are the most common control systems for large-scale national infrastructure
  • These systems coordinate and communicate with a network of sensors and actuators that control equipment such as valves and pumps
  • SCADA systems are often old systems that were built without security concerns and are therefore vulnerable to external attack
  • Government organisations are seriously concerned about the vulnerability of these systems to failures and attack