SCADA SecuritySCADA Security

Supervisory Control and Data AcquisitionSupervisory Control and Data Acquisition

Mr Mark RydellMr Mark Rydell

SCADA LessonSCADA Lesson

What is SCADA?What is SCADA?

Why is SCADA Security important?Why is SCADA Security important?

How SCADA Systems EvolvedHow SCADA Systems Evolved

SCADA systemsSCADA systems

SCADA – Supervisory Control and Data SCADA – Supervisory Control and Data AcquisitionAcquisition

SCADA systems are vital components of most SCADA systems are vital components of most nation’s critical infrastructuresnation’s critical infrastructures

SCADA systems control:SCADA systems control:• Gas pipelinesGas pipelines• Water and wastewater systemsWater and wastewater systems• Transportation systemsTransportation systems• Electrical UtilitiesElectrical Utilities• Refineries and chemical plantsRefineries and chemical plants• Manufacturing operationsManufacturing operations

SCADA SystemsSCADA Systems

SCADA systems are intended to provide a SCADA systems are intended to provide a human operator with updated real-time human operator with updated real-time information about the current state of the information about the current state of the remote process being monitored, as well as remote process being monitored, as well as the ability to manipulate the process the ability to manipulate the process remotely. remotely. William T. ShawWilliam T. Shaw

SCADA SystemsSCADA Systems Used to monitor and remotely control critical Used to monitor and remotely control critical

industrial processesindustrial processes

Industrial control systems (ICS)Industrial control systems (ICS)• SCADA systemsSCADA systems• Distributed Control Systems (DCS)Distributed Control Systems (DCS)• Programmable Logic Controllers (PLC)Programmable Logic Controllers (PLC)

SCADA ComponentsSCADA Components• Master Terminal Unit (Architecture unique)Master Terminal Unit (Architecture unique)• Human Machine InterfaceHuman Machine Interface• Remote Terminal UnitRemote Terminal Unit• CommunicationsCommunications

SCADA SystemsSCADA Systems

Highly distributedHighly distributed Geographically separated assetsGeographically separated assets Centralized data acquisition and Centralized data acquisition and

control are criticalcontrol are critical• Oil and gas pipelinesOil and gas pipelines• Electrical power gridsElectrical power grids• Railway transportation systemsRailway transportation systems

Field devices control local operationsField devices control local operations

Distributed Control SystemDistributed Control System Supervisory control of multiple integrated Supervisory control of multiple integrated

systems responsible for a systems responsible for a locallocal process process DCSs used extensively in process-based DCSs used extensively in process-based

industriesindustries Examples:Examples:

• Oil and gas refineriesOil and gas refineries• Electrical power generationElectrical power generation• Automotive productionAutomotive production

Feedback loops maintain set pointsFeedback loops maintain set points Programmable logic controllers used in the Programmable logic controllers used in the

fieldfield

Programmable Logic ControllersProgrammable Logic Controllers

Computer based solid state devicesComputer based solid state devices Control industrial equipment and Control industrial equipment and

processesprocesses Regulate process flowRegulate process flow

• Automobile assembly lineAutomobile assembly line

SCADA, DCS or PLCSCADA, DCS or PLCCompare and ContrastCompare and Contrast

LocationLocation• SCADA – geographically dispersedSCADA – geographically dispersed• DCS and PLC – factory centeredDCS and PLC – factory centered

CommunicationsCommunications• SCADA – long distance, slow speedSCADA – long distance, slow speed• DCS and PLC – LAN, high speedDCS and PLC – LAN, high speed

ControlControl• SCADA – supervisory levelSCADA – supervisory level• DCS and PLC – closed feedback loopsDCS and PLC – closed feedback loops

SCADA – Why the emphasis?SCADA – Why the emphasis?

SCADA Supports Critical InfrastructuresSCADA Supports Critical Infrastructures

80-90% of critical infrastructures (CI) are 80-90% of critical infrastructures (CI) are privately owned and operatedprivately owned and operated

Critical to National survival and prosperity, Critical to National survival and prosperity, yet dependent on industries driven by yet dependent on industries driven by profit, not securityprofit, not security

SCADA – Why the emphasis?SCADA – Why the emphasis? Many challenges exist when securing SCADAMany challenges exist when securing SCADA

• Complex systems…patching, rebooting, authenticationComplex systems…patching, rebooting, authentication• Preponderance of legacy hardware, software and Preponderance of legacy hardware, software and

transmission protocols ($)transmission protocols ($)• Multiple and divers access points…by design…radio, Multiple and divers access points…by design…radio,

wireless, phonewireless, phone• The need to connect to business networkThe need to connect to business network

The Cyberwar Plan. Article byThe Cyberwar Plan. Article by Shane Harris, Saturday, Nov. 14, 2009: Shane Harris, Saturday, Nov. 14, 2009: President Obama confirmed that cyber-warriors have aimed at American President Obama confirmed that cyber-warriors have aimed at American networks. "We know that cyber-intruders have probed our electrical grid," networks. "We know that cyber-intruders have probed our electrical grid," he said at the White House in May, when he unveiled the next stage of the he said at the White House in May, when he unveiled the next stage of the national cyber-security strategy. The president also confirmed, for the first national cyber-security strategy. The president also confirmed, for the first time, that the weapons of cyberwar had claimed victims. "In other time, that the weapons of cyberwar had claimed victims. "In other countries, cyberattacks have plunged entire cities into darkness."countries, cyberattacks have plunged entire cities into darkness."

VideoVideo

SCADA EvolutionSCADA Evolution

1960s – Integrated Circuit led to 1960s – Integrated Circuit led to minicomputers capable of computer minicomputers capable of computer control of processescontrol of processes• Confined to one physical locationConfined to one physical location• Not connected to an external networkNot connected to an external network• Local area networkLocal area network• Closed loop controlClosed loop control• Proprietary protocolsProprietary protocols

SCADA EvolutionSCADA Evolution

1960 -1980s – Central Architectures1960 -1980s – Central Architectures• Single powerful computer performing all Single powerful computer performing all

functionsfunctions• 22ndnd identical computer for redundancy identical computer for redundancy

SCADA EvolutionSCADA Evolution

1980s to present – Distributed 1980s to present – Distributed ArchitecturesArchitectures• Multiple computers networked together Multiple computers networked together

with each performing a specific functionwith each performing a specific function• LAN improvements – LAN improvements – practical and possiblepractical and possible

• Functions:Functions: Remote terminal pollingRemote terminal polling Complex applications processingComplex applications processing Historian – data archiving and trendingHistorian – data archiving and trending

• Graceful degradationGraceful degradation

SCADA EvolutionSCADA Evolution

1990s to present – Client/Server1990s to present – Client/Server• Powerful PCsPowerful PCs• TCP/IP networkingTCP/IP networking• High speed EthernetHigh speed Ethernet• Commercial real-time operating systemsCommercial real-time operating systems

Looking more like IT systemsLooking more like IT systems• Scalable and fault tolerantScalable and fault tolerant• Smart software makes redundancy easySmart software makes redundancy easy

SCADA EvolutionSCADA Evolution

Human Machine InterfaceHuman Machine Interface• PrintoutsPrintouts• Map boardMap board• Mimic panelMimic panel• Video projection technologyVideo projection technology

SCADA EvolutionSCADA EvolutionHMI ExampleHMI Example

SCADA EvolutionSCADA Evolution

Remote Terminal UnitRemote Terminal Unit• Electronic devices located at key Electronic devices located at key

measurement and control pointsmeasurement and control points• Originally hardwired devices with limited Originally hardwired devices with limited

capabilities and one proprietary capabilities and one proprietary communications protocolcommunications protocol

• Modern RTUs contain their own Modern RTUs contain their own microprocessors and can support microprocessors and can support multiple sophisticated protocolsmultiple sophisticated protocols

SCADA EvolutionSCADA Evolution

CommunicationsCommunications• Initially used telephone systems and Initially used telephone systems and

radio transmitters designed for voiceradio transmitters designed for voice SlowSlow Some remote areas had to build their own Some remote areas had to build their own

communication systemscommunication systems

• Latest systems are digital networks Latest systems are digital networks designed to transfer datadesigned to transfer data

TCP/IPTCP/IP Wireless including cellular and satelliteWireless including cellular and satellite

SCADA Evolution SummarySCADA Evolution Summary

SCADA systems are based on SCADA systems are based on computer technology so they have computer technology so they have evolved with computer technologyevolved with computer technology

New technologies have also been New technologies have also been introduced to SCADA systemsintroduced to SCADA systems

Huge decreases in proprietary natureHuge decreases in proprietary nature

SCADA Evolution SummarySCADA Evolution Summary

The Good NewsThe Good News• CheaperCheaper• Interoperable between vendorsInteroperable between vendors• Larger pool of available workersLarger pool of available workers

The Bad NewsThe Bad News• Susceptible to malware, hackers and Susceptible to malware, hackers and

cyber attackscyber attacks We can’t go back. We must provide We can’t go back. We must provide

secure designs for now & the futuresecure designs for now & the future

And Finally….And Finally….(CBS Transcript) Nothing has ever changed the world as quickly as the Internet has. Less (CBS Transcript) Nothing has ever changed the world as quickly as the Internet has. Less

than a decade ago, "60 Minutes“ went to the Pentagon to do a story on something than a decade ago, "60 Minutes“ went to the Pentagon to do a story on something called information warfare, or cyber war as some people called it. It involved using called information warfare, or cyber war as some people called it. It involved using computers and the Internet as weapons. Much of it was still theory, but we were told computers and the Internet as weapons. Much of it was still theory, but we were told that before too long it might be possible for a hacker with a computer to disable that before too long it might be possible for a hacker with a computer to disable critical infrastructure in a major city and disrupt essential services, to steal millions of critical infrastructure in a major city and disrupt essential services, to steal millions of dollars from banks all over the world, infiltrate defense systems, extort millions from dollars from banks all over the world, infiltrate defense systems, extort millions from public companies, and even sabotage our weapons systems. Today it's not only public companies, and even sabotage our weapons systems. Today it's not only possible, all of that has actually happened, plus a lot more we don't even know about. possible, all of that has actually happened, plus a lot more we don't even know about. It's why President Obama has made cyber war defense a top national priority and It's why President Obama has made cyber war defense a top national priority and why some people are already saying that the next big war is less likely to begin with a why some people are already saying that the next big war is less likely to begin with a bang than a blackout. "Can you imagine your life without electric power?" Retired bang than a blackout. "Can you imagine your life without electric power?" Retired Admiral Mike McConnell asked correspondent Steve Kroft. Until February of this year, Admiral Mike McConnell asked correspondent Steve Kroft. Until February of this year, McConnell was the nation's top spy. As chief of national intelligence, he oversaw the McConnell was the nation's top spy. As chief of national intelligence, he oversaw the Central Intelligence Agency, the Defense Intelligence Agency and the National Central Intelligence Agency, the Defense Intelligence Agency and the National Security Agency. Few people know as much about cyber warfare, and our dependency Security Agency. Few people know as much about cyber warfare, and our dependency on the power grid, and the computer networks that deliver our oil and gas, pump and on the power grid, and the computer networks that deliver our oil and gas, pump and purify our water, keep track of our money, and operate our transportation systems. purify our water, keep track of our money, and operate our transportation systems. "If "If I were an attacker and I wanted to do strategic damage to the United States, I would I were an attacker and I wanted to do strategic damage to the United States, I would either take the cold of winter or the heat of summer, I probably would sack electric either take the cold of winter or the heat of summer, I probably would sack electric power on the U.S. East Cost, summer, I probably would sack electric power on the U.S. power on the U.S. East Cost, summer, I probably would sack electric power on the U.S. East Cost, maybe the West Coast, and attempt to cause a cascading effect. All of East Cost, maybe the West Coast, and attempt to cause a cascading effect. All of those things are in the art of the possible from a sophisticated attacker,"those things are in the art of the possible from a sophisticated attacker," McConnell McConnell explained. explained.

And Finally….And Finally…."Do you believe our adversaries have the capability of bringing down a "Do you believe our adversaries have the capability of bringing down a

power grid?" Kroft asked.power grid?" Kroft asked.

"I do," McConnell replied. "I do," McConnell replied.

Asked if the U.S. is prepared for such an attack, McConnell told Kroft, Asked if the U.S. is prepared for such an attack, McConnell told Kroft,

"No. The United States is not prepared for such an attack.""No. The United States is not prepared for such an attack."