Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services and products such as electricity, natural gas, water, waste treatment and transportation. This post introduces SCADA fundamentals that will help in analyzing the security considerations covered in the follow-up post.
I am using the terms SCADA, ICS and DCS interchangeably here. SCADA is much more than a particular technology. SCADA solutions come in many different forms, but they are all built on the same principle: providing the mission-critical data and control capabilities needed to manage an operation effectively. A SCADA system is typically a process automation system that gathers data from sensors and instruments located at remote sites and transmits and displays that data at a central site for control or monitoring. The collected data is usually viewed on one or more SCADA host computers located at the central or master site. A SCADA system can monitor and control thousands of I/O points.
Electric utilities use SCADA systems to detect current flow and line voltage, to monitor the operation of circuit breakers and to take sections of the power grid online or offline. A typical water SCADA application monitors water levels at sources such as reservoirs and tanks; when a level exceeds a preset threshold, the application activates pumps to move water to tanks with low levels. Transit authorities use SCADA to regulate electricity to subways, trams and trolleys, to automate traffic signals for rail systems, to track and locate trains and to control railroad crossing gates.
SCADA components, functions and relationships
Not all SCADA systems are the same, but from a security point of view they can be broken down into the following components, each of which is present in every system in one form or another:
– Data Acquisition
– Data Conversion
– Data Communication
– Data Presentation and Control
Each component has a well-defined function or purpose, and each has a specific relationship with the components it communicates with. Together these major components form a chain in which each component communicates only with the component before and the component after it.
The first component in the chain is data acquisition. It is not preceded by any other component, and it connects to the data conversion component. Data acquisition consists of sensors, meters and field devices such as photo sensors, pressure sensors, temperature sensors and flow sensors. Depending on the type of SCADA system, these devices may be physically located hundreds of miles apart or inside the same plant. The primary function of these field devices is to sense physical parameters such as light, temperature, pressure and flow; in most cases the acquired data is an analog signal. Data acquisition is also known as input/output or I/O.
Data conversion receives the data generated by the acquisition component. Remote terminal units (RTUs), intelligent electronic devices (IEDs) and in some cases programmable logic controllers (PLCs) are examples of devices in this category. The functionality of these devices has evolved over the years to include analog-to-digital conversion, sequential relay control, process control and now even networking. An RTU monitors digital and/or analog field parameters and transmits them to central data control via the data communication component. Early PLCs were designed to replace relay logic systems and were programmed in ladder logic. Modern PLCs are comparable to desktop PCs in their processing power and functionality.
Data conversion communicates in both directions with data presentation and control via the data communication component.
Data communication consists of a communication medium that transfers data back and forth between data conversion and data presentation and control. The medium may be wired, wireless, radio, satellite or other. Communication takes place over one of the many SCADA protocols; some are open standards while others are proprietary. Examples include Modbus, DNP3, ControlNet, PROFIBUS, ICCP, OCP, BBC 7200, Gedac 7020, DeviceNet, Tejas, UCA and others. It is estimated that there are over 100 such protocols.
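The following Python example is added here and is not code from the original post or from any SCADA vendor. It shows what traffic on the data communication link looks like for one of the named protocols, Modbus over TCP: a frame is a 7-byte MBAP header followed by a PDU whose first byte is the function code, and the protocol itself carries no authentication, so a monitor that can parse the frames and tell reads from writes is the main visibility a defender has on this segment. The function-code table comes from the public Modbus application-protocol specification; the register-to-engineering-units scaling (a 16-bit register mapped onto a constructed 0..100 psi span) stands in for the data conversion step an RTU performs, and the sample frames are constructed for the example rather than captured from a device.

```python
import struct
from dataclasses import dataclass

# Function codes from the public Modbus application-protocol specification.
# Treating 5/6/15/16 as "writes" is this example's classification; the blog
# post itself lists no function codes.
READ_CODES = {1: "Read Coils", 2: "Read Discrete Inputs",
              3: "Read Holding Registers", 4: "Read Input Registers"}
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}
MBAP_LEN = 7  # transaction id (2) + protocol id (2) + length (2) + unit id (1)


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes  # PDU payload after the function code

    @property
    def is_exception(self) -> bool:
        # A reply with the high bit of the function code set is an error reply.
        return bool(self.function_code & 0x80)

    @property
    def is_write(self) -> bool:
        return (self.function_code & 0x7F) in WRITE_CODES


def parse_modbus_tcp(frame: bytes) -> ModbusFrame:
    """Split a Modbus/TCP frame into MBAP header and PDU, validating the lengths."""
    if len(frame) < MBAP_LEN + 1:
        raise ValueError("frame too short for MBAP header and function code")
    tid, proto_id, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if proto_id != 0:
        raise ValueError(f"protocol id {proto_id} is not Modbus (expected 0)")
    # The MBAP length field counts the unit id byte plus the whole PDU.
    if length != len(frame) - 6:
        raise ValueError(f"MBAP length {length} does not match frame size")
    return ModbusFrame(tid, unit, frame[MBAP_LEN], frame[MBAP_LEN + 1:])


def build_request(tid: int, unit: int, function_code: int, *fields: int) -> bytes:
    """Constructed helper: build a request whose PDU body is 16-bit fields."""
    pdu = struct.pack(">B" + "H" * len(fields), function_code, *fields)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def raw_to_engineering(raw: int, lo: float, hi: float, bits: int = 16) -> float:
    """Scale a raw A/D register value onto the [lo, hi] engineering range."""
    if not 0 <= raw < (1 << bits):
        raise ValueError("raw value out of range for register width")
    return lo + (hi - lo) * raw / ((1 << bits) - 1)


def holding_registers(reply: ModbusFrame) -> list[int]:
    """Decode the register values in a Read Holding Registers (FC 3) reply."""
    if reply.function_code != 3:
        raise ValueError("not a Read Holding Registers reply")
    byte_count = reply.data[0]
    if byte_count != len(reply.data) - 1 or byte_count % 2:
        raise ValueError("byte count does not match payload")
    return list(struct.unpack(">" + "H" * (byte_count // 2), reply.data[1:]))


def write_requests(frames: list[bytes]) -> list[str]:
    """Describe every frame that would change state on the field device."""
    hits = []
    for raw in frames:
        f = parse_modbus_tcp(raw)
        if f.is_write and not f.is_exception:
            name = WRITE_CODES[f.function_code]
            addr = struct.unpack(">H", f.data[:2])[0]
            hits.append(f"tid={f.transaction_id} unit={f.unit_id} {name} addr={addr}")
    return hits


# Constructed sample traffic: a read of two holding registers, its reply, and a
# single-register write. No real device or capture is involved.
SAMPLE_FRAMES = [
    build_request(1, 17, 3, 0x0000, 2),                           # read 2 registers at 0
    bytes([0, 1, 0, 0, 0, 7, 17, 3, 4, 0x80, 0x00, 0x0C, 0x00]),  # reply: 0x8000, 0x0C00
    build_request(2, 17, 6, 0x0001, 0x0C00),                      # write register 1
]

if __name__ == "__main__":
    reply = parse_modbus_tcp(SAMPLE_FRAMES[1])
    for value in holding_registers(reply):
        print(f"raw={value:#06x} -> {raw_to_engineering(value, 0.0, 100.0):.2f} psi")
    for line in write_requests(SAMPLE_FRAMES):
        print("write request:", line)
```

The length and protocol-id checks matter in practice: a monitor that trusts the MBAP length field without comparing it to the bytes actually received will mis-align on the next frame, and the exception flag has to be masked off before the function code is classified, otherwise an error reply to a write looks like a fresh write.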
Data presentation and control
As the name suggests, data presentation and control consists of the devices used to monitor and control the data received over the various data communication channels. It may include a Human Machine Interface (HMI), which the operator uses to monitor the process and react to alerts and alarms, and it may also include historian databases and other support systems.
I hope this was a useful introduction to SCADA systems. Another blog post on SCADA security considerations will be published later this week.