| Mission Critical Systems for the Energy Industry | | | | for communication between the master station |
| Supervisory Control and Data Acquisition | | | | and communications equipment. |
| (SCADA) systems that collect and manage data | | | | - SCADA systems are becoming ubiquitous. Thin |
| across a large facility from a central computer, | | | | clients, web portals, and web-based products are |
| play a major role in the utility industry, helping to | | | | gaining popularity with most major vendors. The |
| manage large and diverse information loads from | | | | increased convenience of end users viewing their |
| power plants of all types. Interconnectivity has | | | | processes remotely introduces security |
| made these systems increasingly vulnerable to | | | | considerations resulting in SCADA-based systems |
| cyber attacks. | | | | being vulnerable to cyber-attacks. |
| The Growing Vulnerability of SCADA Control | | | | - The mission-critical nature of a large number of |
| Systems | | | | SCADA systems makes them targets of |
| The control systems for the electric grid used to | | | | cyber-terrorist. In a worst case scenario, failure of |
| operate in a stand-alone environment without | | | | a SCADA system could cause massive financial |
| computer or communication links to an external | | | | losses through loss of data or actual physical |
| Information Technology (IT) infrastructure. Over | | | | destruction, misuse or theft, even loss of life, |
| the past fifteen years such stand-alone enclaves | | | | either directly or indirectly. |
| have been increasingly connected to both the | | | | - SCADA systems no longer have the benefit of |
| corporate environment and the external world, | | | | security-through obscurity that may have existed |
| and the utility SCADA systems are no exception. | | | | in the past from the use of specialized protocols |
| Computer and communication network | | | | and proprietary interfaces. Increasingly, SCADA |
| interconnection brings with it thepotential for | | | | networks are being connected to the Internet. |
| cyber attacks on these systems by adversaries. | | | | - Similar to other networked technologies, SCADA |
| This is a critical problem since such an attack can | | | | networks must have physical, administrative, and |
| affect several entities across the country | | | | technical security safeguards. |
| simultaneously. Such attacks have the enhanced | | | | - Security and authentication in designing, |
| potential to cause a cascading negative effect to | | | | deploying, and operating SCADA networks is |
| the Bulk Power System. | | | | paramount. For example, security devices such as |
| SCADA Control System Threats Are More | | | | IPS/IDS, firewalls, and other technological security |
| Vulnerable Than Ever | | | | measures must be deployed to help protect |
| - SCADA systems are coming in line with | | | | SCADA systems. Automated security information |
| standard networking technologies. The current | | | | management solutions are also needed to help |
| generation of SCADA systems is increasingly | | | | consolidate the security logs across the SCADA |
| using open system architecture to distribute | | | | system wide-area network. |
| functionality across a wide-area network (WAN) | | | | |