• What is it?
• Where are the vulnerabilities?
• What should be considered?
• Resources

Supervisory Control And Data Acquisition (SCADA) networks pervade the industry. These small microcontroller systems are used to control large industrial machines and systems. SCADA systems are predominantly used for monitoring industrial systems, often in remote locations.

Typically, remote terminal units and Programmable Logic Controllers are connected to enterprise networks using a “telemetry” network. Where the telemetry network meets the enterprise computer network, gateways permit two-way communications between the SCADA network and the traditional corporate network.

SCADA systems were designed to be highly efficient, but they were not necessarily designed with security in mind. Because security was not the primary consideration, SCADA telemetry networks may be highly vulnerable to exploitation. Because SCADA systems control and provide feedback on industrial processes, exploitation of these systems could seriously disrupt key industrial processes, such as power generation, lift and crane systems, and transportation systems.

There are numerous entry points to SCADA telemetry networks:

• Compromise of WLAN and/or wireless networks that connect SCADA systems to each other and to control systems;
• Compromise of gateways from traditional computer networks to the SCADA network;
• Improper physical access to key control systems;
• Access to telemetry networks and modification of command-level traffic (typically this traffic is unencrypted);
• Application-level vulnerabilities in SCADA control software;
• SCADA traffic encapsulated in TCP/IP and transmitted over public networks.

These vectors are but a limited selection of the entry points for SCADA networks. Because of the traditional use of SCADA networks, encryption of traffic between endpoints is often forgone.

The most memorable SCADA attack was STUXNET (1).  STUXNET attacked the centrifuge control SCADA systems in Iran, rendering them useless.

Organizations need a structured approach to securing SCADA systems.

While firmware manufacturers may be slow to respond to security requirements, organizations must take the following preventive initiatives:

• Implement simple but effective controls that separate SCADA networks from general computer network systems.
• Monitor SCADA system activities for abnormal conditions.
• Upgrade and assess SCADA firmware on a regular basis.
• Where bounds checking has been implemented (for controller movement such as stepper-motor controlled systems), the configuration scripts for SCADA devices must cover movement bounds to avoid damaging control hardware.

Finally, while there are many technological aspects to controlling SCADA systems, we cannot overlook the human element.

Originally released in part by VIMRO,
Larry Boettger
and
Michael Horsch Fizz

Resources:

SCADA 2019 Tech Summit: August 28 – 29, 2019
Westin O’Hare: 6100 N River Rd, Rosemont, Ill. 60018

---

Additional Resources:

• NIST Special Publication 800-82 v2: Guide to Industrial Control Systems (ICS) Security
• Department of Defense(DoD): Cybersecurity Reference and Resource Guide 2018

SCADA News:

• City Reduces Water Supply Costs with New SCADA System
• Utilities Will Rely on Advanced IT Systems for Distribution Management and Distributed Energy Resources Management
• New SCADA System Lets PUC Open/Close Valves Remotely
• ICONICS and SUSiEtec Connects SCADA with the Cloud
• Deliver Sensor Data Directly to SCADA and IOT Systems via OPC-UA and MQTT

---

(1) AN UNPRECEDENTED LOOK AT STUXNET, THE WORLD'S FIRST DIGITAL WEAPON