SCADA (Supervisory Control And Data Acquisition) is a category of software application program for

industrial process control, the gathering of data in 'real-time' from remote locations in order to
control equipment and conditions.

SCADA is a system of software and hardware elements that allows industrial organizations to:

➤ Control industrial processes locally or at remote locations

➤ Monitor, gather, and process real-time data

➤ Directly interact with devices such as sensors, valves, pumps, motors, and more through human-
machine interface (HMI) software

➤ Record events into a log file

SCADA systems are used by industrial organizations and companies in the public and private sectors
to control and maintain efficiency, distribute data for smarter decisions, and communicate system
issues to help mitigate downtime. SCADA is used in power plants as well as in oil and gas refining,
Food and beverage, Telecommunications, Transportation, Water and waste control, Manufacturing,
Recycling, Pharmaceutical/Bio-tech, HVAC and commercial building management, Energy pipelines
and utilities, Energy management and refrigeration, and many more.

__

Evolution of SCADA systems

SCADA found its birth on the floors of industrial organizations or plants. 50-70 years back most such
organisations were dependent on their personnel for controlling and monitoring their equipments
'manually,' via push-buttons and analog dials.

As these industrial floors and their remote sites began to scale out in size, it was not possible for
them to send their personnel over long distances to control the equipments. Industrial organizations
then started to utilize 'relays' and 'timers' to provide some level of supervisory control, so that they
would not have to send people to remote locations to interact with each device. But these Relays
and timers were difficult to reconfigure, troubleshoot and their control panels took up racks upon
racks of space.

In the early 1950s, computers were first developed and used for industrial control purposes,
especially in the major utilities, oil and gas pipelines, and other industrial markets at that time. In the
1960s, telemetry was established for monitoring, which allowed for automated communications to
transmit measurements and other data from remotes sites to monitoring equipment.

The term “SCADA” was coined in the early 1970s, and the rise of microprocessors and PLCs during
that decade greatly contributed to new ability to monitor and control automated processes. This
first generation of SCADA systems started off with mainframe computers. In those days, each SCADA
system stood on its own, as networking of computer systems was not possible.

In the 80s and 90s, smaller computers, LAN technology and PC-based HMI software came to the fore
and SCADA evolved using them. Some sort of network connectivity started to emerge among those,
using the proprietary protocols. These SCADA systems were not capable of communicating to other
vendors' systems.

In the 1990s and early 2000s, there was high adoption of 'Open System' architecture' and network
protocols that were not vendor-specific. Using the distribution system model, SCADA systems
evolved a great deal. These were called networked SCADA systems and they were using the
ETHERNET as communication technology. Networked SCADA systems allowed systems from other
vendors to communicate with each other, alleviating the limitations imposed by older SCADA
systems, and allowed organizations to connect more devices to their networks.

NOW COMES THE SAD PART OF THE STORY...

There was a technology boom in the field of personal computing and IT. When SQL databases were
becoming a norm in IT, they were not adopted by most SCADA developers. The gulf between the
industrial controls systems and IT kept widening with each year of passing. And, SCADA technology
became antiquated over time. SCADA developers were literally forced to stop their obsession with
proprietary technology to handle the 'data' their systems collected. Modern SCADA systems aim to
solve this problem by leveraging the best of controls and IT technology.

Modern SCADA systems allow real-time data from the plant floor to be accessed from 'anywhere' in
the world. This access to real-time information allows governments, businesses, and individuals to
make data-driven decisions about how to improve their processes. Without SCADA software, it
would be extremely difficult if not impossible to gather sufficient data for consistently well-informed
decisions.

The introduction of modern IT standards and practices such as SQL and web-based applications into
SCADA software has greatly improved the efficiency, security, productivity, and reliability of SCADA
systems. One big advantage of using SQL databases with a SCADA system is that it makes it easier to
integrate into existing MES and ERP systems, allowing data to flow seamlessly through an entire
organization.

Historical data from a SCADA system can also be logged in a SQL database, which allows for easier
data analysis through data trending.

There are numerous SCADA platforms on the market; however, the most popular platforms include
Rockwell Factory Talk, Siemens WinCC, Wonderware Systems Platform, and Ignition. Each of these
platforms can be programmed with modern web languages such as HTML5, Python, and PHP, and
integrated with generalized database software such as SQL.

___

How do SCADA systems work?

Using modern SCADA solutions, operators and field supervisors can access actionable data and
manage hundreds of assets without visiting every field device.

SCADA systems include hardware and software components. The hardware gathers and feeds data
into a computer that has SCADA software installed. The computer then processes this data and
presents it in a timely manner. SCADA also records and logs all events into a file stored on a hard disk
or sends them to a printer. SCADA applications warn when conditions become hazardous by
sounding alarms.

The basic SCADA architecture begins with programmable logic controllers (PLCs) or remote terminal
units (RTUs). PLCs and RTUs are microcomputers that communicate with an array of objects such as
factory machines, HMIs, sensors, and end devices, and then route the information from those
objects to computers with SCADA software. The SCADA software processes, distributes, and displays
the data, helping operators and other employees analyze the data and make important decisions.

SCADA provides real-time visibility into your industrial operations. For example, the SCADA system
quickly notifies an machine operator that a batch of products is showing a high incidence of errors.
The operator pauses the operation and views the SCADA system data via an HMI to determine the
cause of the issue. Then he reviews the data and discovers that Machine 4 was malfunctioning. The
SCADA system’s ability to notify the operator of an issue helps him to resolve it and prevent further
loss of product.

__

What are main Components of SCADA systems?

1. REMOTE TERMINAL UNITS (RTUS)

RTUs collect and store information from sensors, then send it to the master terminal unit (MTU),
which is composed of a computer, PLC, and a network server that forms the core of a SCADA system.
An RTU collects and stores data until it receives the appropriate command from the MTU, then
transmits the necessary data. The MTU is then able to communicate with operators and share data
with other systems.

2. HUMAN-MACHINE INTERFACE (HMI)

Within a SCADA system, a human-machine interface is any user interface or dashboard where
operators can interact with a machine, system, or device. It’s where water operators or technicians
can track real-time data on every connected piece of equipment. These user interfaces allow for full
remote control of your assets. This enables operators to monitor machine 'input' and 'output,'
oversee their key performance indicators (KPIs), track production time and trends, and visually
display data across the SCADA system.

HMIs are used to interact with machines and optimize their processes. They can take the form of
computer monitors, tablets, and screens built onto machines themselves, which provide insight into
the performance and progress of the mechanical system. For example, an operator on the floor level
of an industrial plant could use an HMI to control and monitor the temperature of a water tank or
monitor the performance of a pump within the facility.

3. COMMUNICATIONS NETWORK

The communications network is the connection between the RTU and the MTU, which enables data
to be transmitted between the two units. It can be wired- or wireless network. Now a days, wireless
communication is more prevalent and it is bidirectional. It is used for networking purposes,
alongside other communication processes and equipment, such as fiber optic cables and twisted pair
cables.

4. INPUTS

SCADA systems rely on inputs that are read and written by a PLC (Programmable Logic Controllers)
to log and store data. What is a PLC, you may ask. It is a mini-computer that sits within a SCADA
network and collects inputs and outputs from devices in the system. The PLC monitors the state of
inputs, such as the speed and performance of a motor, then uses this insight to output signals to
devices, such as stop or slow down the motor.

__

Key Security Concerns with SCADA

As you know now that SCADA systems use computers, networks, and graphical human-machine
interfaces (HMIs) to provide high-level control, management, and supervision of industrial
processes. Although SCADA networks are crucial to industrial operations but they are made up of
hardware and software. That's why, they can easily fall prey to hacking, which makes SCADA security
increasingly important for you.

However, some of ICS/SCADA networks are particularly vulnerable to attacks by hackers, insider
threats, and even terrorists. For example, ICS firm Schneider Electric was attacked by sophisticated
hackers who launched a targeted zero-day attack on Schneider's systems in 2018. The attack used a
remote access Trojan, the first of its kind to infect safety-instrumented systems equipment, which is
crucial to monitoring utility firms’ critical systems. The firm released a firmware update and issued
advice and tools for customers to detect and mitigate the attack.

Common weaknesses of SCADA systems include the followings:

➤ A lack of security around 'Application development,'

➤ Issues with SCADA systems monitoring,

➤ A lack of maintenance or updates to the software, etc

All these weaknesses thus create some serious security gaps.

Another key threat to SCADA systems is a lack of security training for employees, who need to
understand the potential threats they face and how to spot a potential cyberattack.

Security of SCADA systems is key component of protection of Operational Technology (OT). But you
need specialized solutions from security vendors which are specially designed for ICS/SCADA
security. These SCADA security solutions, protects SCADA networks and prevents vulnerabilities from
being exploited by cyber criminals.

Avoiding potential security issues is reliant on documenting and mapping where systems connect to
the internet and other internal networks and the people who have access to them. This provides
insight into all potential data 'entry' and 'exit' points, which helps organizations monitor for
cyberattacks.

Your organization also need to implement appropriate detection and monitoring systems that can
prevent attacks and 'malware injection.'

You must ensure procedures are in place around network security, including report monitoring,
standard protocols, and security checks, which will help you address new and existing vulnerabilities.