Читать книгу Building an Effective Security Program for Distributed Energy Resources and Systems - Mariana Hentea - Страница 49
1.7.2 SCADA Systems
ОглавлениеSCADA system is a common process automation system that is used to gather data from sensors and instruments located at remote sites and to transmit data at a central site for either control or monitoring purposes. The collected data is usually viewed on one or more SCADA host computers located at the central or master site. Based on information received from remote stations, automated or operator‐driven supervisory commands can be pushed to remote station control devices, which are often referred to as field devices. Generally, a SCADA system includes the following components:
Instruments that sense process variables.
Operating equipment connected to instruments.
Local processors that collect data and communicate with the site’s instruments and operating equipment called PLC, remote terminal unit (RTU), intelligent electronic device (IED), or programmable automation controller (PAC).
Short‐range communications between local processors, instruments, and operating equipment.
Host computers as central point of human monitoring and control of the processes, storing databases, and display of statistical control charts and reports. Host computers are also known as master terminal unit (MTU), the SCADA server, or a PC with human–machine interface (HMI).
Long‐range communications between local processors and host computers using wired and/or wireless network connections.
Figure 1.22 shows a typical SCADA system with HMI installed in a control center and connected via communication network to monitored field sites.
Figure 1.22 SCADA general diagram.
Source: [NIST SP800‐82r2].
Public Domain.
SCADA system is a category of control systems used to monitor or control processes such as chemical, transport, water supply, power generation and distribution, and gas and oil supply. A control system is a device or set of devices to manage, command, direct, or regulate the behavior of other devices or systems. However, SCADA is not a full control system, but rather focuses on the supervisory level. Usually, SCADA systems involve a human‐in‐the‐loop control and decision‐making processes.
The architecture of a SCADA system consists of one of more MTUs that are used by engineers in a control station to monitor and control a large number of RTUs located in field or industrial plants. An MTU is a general‐purpose computer or server running SCADA utility programs and RTUs are generally small dedicated devices designed for rough field or industrial environment. One or more SCADA MTUs retrieve real‐time analog and status data from RTUs, store to data historian, and analyze the data. MTUs automatically send control commands to the RTUs or enable the engineers to do so manually.
Vulnerability discovery techniques and appropriate engineering activities are required to ensure security, reliability, and safety of plants that use SCADA control systems.
These systems evolved from static to dynamic systems. The increased connectivity to Internet and mobile device technology has also a major impact on control system architectures. Modern products are often based on component architectures using commercial off‐the‐shelf (COTS) product elements as units. Security and safety of the SCADA control systems in terms of vulnerabilities, lack of protection, and awareness are discussed in [Hentea 2007]. Information security management principles and processes need to be applied to SCADA systems without exception.