Mark Clements

1
SCADA ICS

• Mark Clements

2
Course Introduction

• Scope of course
• Method of assessment
• Practical work

3
SCADA ICS Introduction

• Supervisory Control And Data Acquisition is an
  Industrial Control System.
• To run a Process Control Network (PCN).
• Monitors and controls industrial plant/
  equipment.
• E.g. water, energy, fuel, telecommunications.
• Coordinate data transfer between Remote Terminal
  Units (RTUs) central host.
• Display information to operators.

4
A Typical SCADA System
1.
5
Sensor-SCADA System Interface

• Meters and sensors monitor industrial items e.g.
  temperature, flow, pressure.
• Field data interface devices are required to
  convert information from sensors to SCADA
  protocol language.
• RTUs and/ or PLCs convert sensor data into the
  form required by the communication protocol and
  vice versa.

6
Communication Network

• Transfers data between central host and RTUs.
• Cable, POTS, wireless physical layer.
• Choice depends on context.
• Historical dedicated SCADA networks merging into
  existing TCP/IP networks.
• Allows integration with existing office
  applications.

7
Data Processing

• Carried out by a single computer or a network of
  computers, historically UNIX.
• Central computing software often proprietary.
• Process data from and send control data to RTUs
  known as telemetry.
• Present information to human operators via LAN
  and/ or WAN on client/ server basis.
• Allows analysis by commercial software.

8
SCADA Architecture Progress

• Evolved from a single mainframe, to distributed
  processing via LAN to todays Internet-connected
  systems.
• Todays SCADA systems can be integrated due to
  standard protocols but susceptible to remote
  attack.
• Standard protocols allow for security upgrades to
  be rolled out widely (if well maintained).

9
(No Transcript)
10
Threats to SCADA

• DOS attacks, deletion of system files, Trojans,
  keyloggers, theft of data, data spoofing, use of
  SCADA to compromise other networked entities.
• An overestimate of the value of air gaps.
• WAN technologies (open) vulnerabilities are
  well understood by industry and hackers alike.
• Poor security on networks hosting RTUs can allow
  packet injection.

11
MODEM
How many vulnerabilities can you spot?
2.
12
Developing a security strategy

• Assess the existing system.
• Document policies and procedures.
• Train personnel and contractors.
• Segment the control system network.
• Control access to the system.
• Harden the components of the system.
• Monitor and maintain system security.
• See 7 steps to ICS and SCADA Security

13
Comparison between SCADA and IT Systems

• See handout

14
Conclusion

• SCADA has evolved to use Ethernet TCP/IP.
• Protocols have evolved to open systems.
• SCADA widely used for industrial control.
• Susceptible to common security attacks.
• WAN links have well-known vulnerabilities.
• RTUs can be controlled by an attacker.
• A security strategy is absolutely necessary.

15
References

1. http//www.ncs.gov/library/tech_bulletins/2004/tib
   _04-1.pdf
2. http//www.tofinosecurity.com/downloads/623