In 2015, we published a blog post entitled “SCADA and Telemetry Basics–SCADA System Basics”. Three years later, it is still one of our most-read posts. With that kind of persistent interest in the subject, we thought it appropriate to provide an update on SCADA basics.
Without a doubt, control system network security has increased in importance as report after report indicates that hacks, successful and attempted, are increasing in frequency. The explosion of wireless devices associated with the Internet of Things has made it an even greater focus for those tasked with managing security.
What’s the average plant manager, whose background likely includes little security expertise, supposed to do? The Department of Energy and The President’s Critical Infrastructure Protection Board have produced a 10-page white paper titled “21 Steps to Improve Cyber Security of SCADA Networks.” As the title suggests, this is a step-by-step plan for improving security. While you will probably need a technical expert in control network security to help implement many of the steps, it is worth studying them anyway to acquaint yourself with the issues and decisions that may need to be made.
Another good source of a more “hands-on” nature is our own presentation on “Building a Secure Network Infrastructure”. This presentation was put together by our network security professionals and addresses physical network elements, such as cabling, switches, and routers.
Yet another perspective comes from Tofino Security in their discussion of how SCADA network security is different from IT network security. Their post identifies security goals, the security weaknesses of control networks, and high-level approaches to securing networks.
The large number of legacy systems in place around the country and across all industries means there are many SCADA systems that use hardware and software never designed with today’s security needs in mind. If your system falls into this category, you need to seriously consider modernization.
Wireless has been part of SCADA from the beginning. At first it was achieved with private radio, an expensive and complicated approach. Then came cellular and satellite solutions. These reduced the up-front capital costs but incurred monthly charges. Still, we have found cellular platforms to be very popular.
While these were typically used for networks with remotely dispersed RTUs (Remote Terminal Units), there has been huge growth in in-plant wireless networks. These networks handle the wireless sensors and devices that eliminate cabling costs and issues, and they support the newest of “cobots” (collaborative robots that can move around the factory floor to take on new tasks and support process equipment reconfigurations). Additionally, sites that may be hard to serve with cabling, such as oil rigs and refineries, chemical plants, and water/wastewater treatment plants, have become common applications for in-plant wireless solutions. For these in-plant applications, Wi-Fi is commonly used.
Another area of wireless growth is the use of wireless devices (phones and tablets) to access HMI applications in control panels or on board equipment and sensors. This creates great convenience for operators but increases the security exposure. Wi-Fi with poorly implemented keys can open networks to attack, in some cases from miles away.
As SCADA wireless connectivity increases, whether for remote systems or in-plant networks, it becomes more important to identify security issues and to implement protections against them. If you’re unsure how secure your SCADA network is, contact us with your questions.