An Introduction to SCADA SystemsAugust 31, 2015 by Donald Krambeck
This article walks through SCADA systems used to automate various power systems used in numerous industries. It also details what the system is made up of, how they optimize performance in large-scale systems, and how these systems still poses a threat to a company's vulnerability to data and resources.
SCADA systems automate power systems used in many industries. Here's an inside look at what they are and why you should know about them.
Inside SCADA Systems
A SCADA (supervisory control and data acquisition) is an automation control system that is used in industries such as energy, oil and gas, water, power, and many more. The system has a centralized system that monitors and controls entire sites, ranging from an industrial plant to a complex of plants across the country. A SCADA system works by operating with signals that communicate via channels to provide the user with remote controls of any equipment in a given system. It also implements a distributed database, or tag database, that contains tags or points throughout the plant. These points represent a single input or output value that is monitored or controlled by the SCADA system in the centralized control room. The points are stored in the distributed database as value-timestamp pairs. It's very common to set up the SCADA systems to also acquire metadata, such as programmable logic controller (PLC) register paths and alarm statistics.
While these systems simplify a given infrastructure, their components are quite complex. There are five essential composing parts of a SCADA system:
- Human Machine Interface (HMI)
- supervisory system
- Remote Terminal Units (RTUs)
- Programmable Logic Controllers (PLCs)
- communication infrastructures
The HMI processes data from each tag and sends it to a human operator, where he or she then can monitor or control the system. The supervisory system gathers the data sent from each tag and sends commands or operations to the process. The RTUs connect sensors and convert their signals to digital data and send it to the supervisory system, where it can be stored in a distributed database. PLCs are used as field devices because they are much more versatile and economical than process-specific RTUs. Finally, the communication infrastructure delivers connectivity to the supervisory system and then to the RTUs and PLCs for the user to command. The communication infrastructure is necessary to relay data from remote RTU/PLCs, which run along electric grids, water supplies, and pipelines. Communication is the absolute most essential link for a SCADA system to operate properly; however, how well the system manages communication from HMI to RTUs and PLCs fundamentally determines how successful a SCADA system can be. Below is a figure of what a basic SCADA system might look like for a given infrastructure.
While many power, electric, and water companies still use manual labor to perform measurements and adjustments, these tasks can be easily automated with SCADA systems. With utilization from automation in a framework, labor costs can be cut as well as minimize errors with measurements or adjustments. It may seem that SCADA systems just process and store data in a distributed database, but there's much more complexity to the system itself. The system provides numerous benefits over manual labor such as redundancy adjustments, stable backups of time stamped data, and a secure alarm system. Instead of using humans to check for errors throughout the plant, grid, or pipeline, SCADA uses scripts that detect problems in the system, and quickly adjusts the system from creating an outage. If an outage were to occur that slipped past, a SCADA system's distributed database would help workers instantly identify the location of failure. Also, the automation system significantly increases the time of power restoration that comes with an outage; from the control room, at the press of a button, a worker can enable switches and help reroute power to unaffected sections.
SCADA systems now have the available power of cloud computing; these systems can report close to real-time accuracy and use cloud environments to implement more complex algorithms. These algorithms otherwise would not be implementable on traditional PLCs or RTUs. Without even being at the plant, workers can access computing resources such as networks, storage, servers, and equipment controls. Cloud computing can be supported by two ways: The SCADA system is running on-site, connected to the communication infrastructure directly, and delivering information to the cloud or the SCADAsystem is running completely in the cloud network and remotely connected to the communication infrastructure. As practical as accessing controls to an on-site location might be, cloud computing through SCADA applications is still very vulnerable to cyber attacks. If the system were hit with an attack, hackers could have access to organizational data and resources that could expose the company and inadvertently push customers to another service provider. Below is a figure of what a common SCADA platform looks like utilizing cloud computing methods.
While they were once isolated entities that were at the hands of engineers, operators, and system technicians, SCADA systems didn't always prioritize secure connections to public networks, leaving many SCADA platforms open to attack. Today there are numerous standards that are required for a secure SCADA platform to run and be operated by its users. If any of these procedures and standards are not practiced correctly, the SCADA platform can be left open for attacks or viruses. However, even with all of these procedures and practices, there is a huge lack of authentication in the design and operation of some existing SCADA networks. While these systems control electricity grids, gas and oil pipelines, and water distribution, the security of these systems needs to be developed extremely well because it can cause massive problems to many areas of society.
While SCADA platforms provide a vast number of benefits and reductions of cost and downtime of the system, there are still many security threats that need to be worked out. The drive of SCADA platforms is to provide users with quick access to PLCs/RTUs and provide simplistic integration of equipment controls to user interfaces. These systems can be a great tool, but need to be heavily monitored through HMIs. For example, the system can switch a motor or power on or off and can operate the equipment locally.
Hopefully this article has provided you with a brief amount of information to understand what a SCADA system is, how they are integrated in a company's infrastructure, and how carefully they need to be run on a day-to-day basis to maintain full security. If you have any questions or feedback, be sure to leave a comment!