Securing SCADA Systems

About This Book

  • Bestselling author Ron Krutz once again demonstrates his ability to make difficult security topics approachable with this first in-depth look at SCADA (Supervisory Control And Data Acquisition) systems
  • Krutz discusses the harsh reality that natural gas pipelines, nuclear plants, water systems, oil refineries, and other industrial facilities are vulnerable to a terrorist or disgruntled employee causing lethal accidents and millions of dollars of damage, and what can be done to prevent this from happening
  • Examines SCADA system threats and vulnerabilities, the emergence of protocol standards, and how security controls can be applied to ensure the safety and security of our national infrastructure assets

Securing SCADA Systems by Ronald L. Krutz is available in PDF and/or ePUB format, alongside other books in Computer Science & Computer Networking.

Information

Publisher: Wiley
Year: 2015
ISBN: 9781119177845
Edition: 1

CHAPTER 1
What Is a SCADA System?

Supervisory control and data acquisition (SCADA) systems are vital components of most nations’ critical infrastructures. They control pipelines, water and transportation systems, utilities, refineries, chemical plants, and a wide variety of manufacturing operations.
SCADA provides management with real-time data on production operations, implements more efficient control paradigms, improves plant and personnel safety, and reduces costs of operation. These benefits are made possible by the use of standard hardware and software in SCADA systems combined with improved communication protocols and increased connectivity to outside networks, including the Internet. However, these benefits are acquired at the price of increased vulnerability to attacks or erroneous actions from a variety of external and internal sources.
This chapter explores the evolution of SCADA systems, their characteristics, functions, typical applications, and general security issues.

History of Critical Infrastructure Directives

In 1996, Presidential Executive Order 13010 established the President’s Commission on Critical Infrastructure Protection (PCCIP) to explore means to address the vulnerabilities in the U.S. critical infrastructure. Internet-based attacks and physical attacks were two of the major concerns that were to be considered by the committee. As a result of the committee’s efforts, the FBI National Infrastructure Protection Center (NIPC) and the Critical Infrastructure Assurance Office (CIAO) were established in May 1998 by Presidential Decision Directive 63 (PDD 63). The main function of the NIPC was to conduct investigations relating to attacks against the critical infrastructure and issue associated warnings, when appropriate. The CIAO was designated as the main entity for managing the U.S. critical infrastructure protection (CIP) efforts, including coordinating the efforts of the different commercial and industrial entities affected.
As a consequence of the CIAO activities, the Communications and Information Sector Working Group (CISWG) was established with the mission to “promote information sharing and coordinated action to mitigate CIP risk and vulnerabilities in all levels of the Information and Communications (I&C) Sector.” In addition, companies in eight critical industry sectors established a related entity, the Partnership for Critical Infrastructure Security (PCIS). The PCIS was formed to mitigate the vulnerabilities caused by the interdependence of many commercial and industrial organizations.
In response to the September 11, 2001 attacks, the president, on October 8, 2001, established the President’s Critical Infrastructure Board (PCIB), the Office of Homeland Security, and the Homeland Security Council with Executive Order 13228. Also in October 2001, the USA Patriot Act was passed to provide U.S. government law enforcement agencies with increased authority to perform searches, monitor Internet communications, and conduct investigations.
On the economic front, in February 2003, President George W. Bush appointed the 30-member National Infrastructure Advisory Council (NIAC) from the private sector, state and local governments, and academia. NIAC’s charter is to advise the president on information system security issues related to the various U.S. business sectors. Around the same time, President Bush issued Executive Order 1327, which discontinued the PCIB. This action was necessary because the functions of the PCIB were assumed by the Department of Homeland Security.
President Bush, in December 2003, announced Homeland Security Presidential Directives HSPD-7 and HSPD-8. HSPD-7 is a modification of PDD 63 that delineates the national policy and responsibilities of the executive departments, government corporations as defined by 5 U.S.C. 103(1), and the United States Postal Service relating to protection of the critical infrastructure. These are the executive departments:
  • The Department of Homeland Security
  • The Department of State
  • The Department of the Treasury
  • The Department of Defense
  • The Department of Justice
  • The Department of the Interior
  • The Department of Agriculture
  • The Department of Commerce
  • The Department of Labor
  • The Department of Housing and Urban Development
  • The Department of Transportation
  • The Department of Energy
  • The Department of Education
  • The Department of Veterans Affairs
HSPD-8 focuses on preparedness to prevent and respond to domestic terror attacks, disasters, and emergencies.
Figure 1-1 illustrates the timeline of the major activities relating to CIP in the United States.

SCADA System Evolution, Definitions, and Basic Architecture

Supervisory control and data acquisition (SCADA) means different things to different people, depending on their backgrounds and perspectives. Therefore, it is important to review the evolution of SCADA and its definition as understood by professionals and practitioners in the field.
Figure 1-1 Timeline of U.S. critical infrastructure protection activities

SCADA Evolution

The scope of SCADA has evolved from its beginnings in the 1960s. The advent of low-cost minicomputers such as the Digital Equipment Corporation PDP-8 and PDP-11 made computer control of process and manufacturing operations feasible. Programmable logic controllers (PLCs) progressed simultaneously. These latter devices implemented traditional relay ladder logic to control industrial processes. PLCs appealed to traditional control engineers who were accustomed to programming relay logic and who did not want to learn programming languages and operating systems. When microcomputers were developed, they were programmed and packaged to emulate PLCs in function, programming, and operation. In fact, competition developed between the two approaches and continues to this day.
Initially, control systems were confined to a particular plant. The associated control devices were local to the plant and not connected to an external network. The early control systems consisted of a central minicomputer or PLC that communicated with local controllers that interfaced with motors, pumps, valves, switches, sensors, and so on. Figure 1-2 illustrates this architecture.
This architecture is sometimes referred to as a distributed control system. Such systems are generally confined to locations close to each other, normally use a high-speed local network, and usually involve closed loop control. As a necessary requirement for the operation of these systems, companies and vendors developed their own communication protocols, many of which were proprietary.
Figure 1-2 Typical local control system
As the technical capabilities of computers, operating systems, and networks improved, organizational management pushed for increased knowledge of the real-time status of remote plant operations. Also, in organizations with a number of geographically separated operations, remote data acquisition, control, and maintenance became increasingly attractive ...

Table of contents

  1. Cover
  2. Table of Contents
  3. Title
  4. Copyright
  5. Dedication
  6. About the Author
  7. Credits
  8. Acknowledgments
  9. Introduction
  10. CHAPTER 1: What Is a SCADA System?
  11. CHAPTER 2: SCADA Systems in the Critical Infrastructure
  12. CHAPTER 3: The Evolution of SCADA Protocols
  13. CHAPTER 4: SCADA Vulnerabilities and Attacks
  14. CHAPTER 5: SCADA Security Methods and Techniques
  15. CHAPTER 6: SCADA Security Standards and Reference Documents
  16. CHAPTER 7: SCADA Security Management Implementation Issues and Guidelines
  17. CHAPTER 8: Where We Stand Today
  18. APPENDIX A: Acronyms and Abbreviations
  19. APPENDIX B: System Protection Profile - Industrial Control Systems
  20. APPENDIX C: Bibliography
  21. Index
  22. End User License Agreement