Supervisory control and data acquisition (SCADA) systems are vital components of most nations' critical infrastructures. They control pipelines, water and transportation systems, utilities, refineries, chemical plants, and a wide variety of manufacturing operations.
SCADA provides management with real-time data on production operations, implements more efficient control paradigms, improves plant and personnel safety, and reduces costs of operation. These benefits are made possible by the use of standard hardware and software in SCADA systems combined with improved communication protocols and increased connectivity to outside networks, including the Internet. However, these benefits are acquired at the price of increased vulnerability to attacks or erroneous actions from a variety of external and internal sources.
This chapter explores the evolution of SCADA systems, their characteristics, functions, typical applications, and general security issues.
In 1996, Presidential Executive Order 13010 established the President's Commission on Critical Infrastructure Protection (PCCIP) to explore means to address the vulnerabilities in the U.S. critical infrastructure. Internet-based attacks and physical attacks were two of the major concerns that were to be considered by the committee. As a result of the committee's efforts, the FBI National Infrastructure Protection Center (NIPC) and the Critical Infrastructure Assurance Office (CIAO) were established in May 1998 by Presidential Decision Directive 63 (PDD 63). The main function of the NIPC was to conduct investigations relating to attacks against the critical infrastructure and issue associated warnings, when appropriate. The CIAO was designated as the main entity for managing the U.S. critical infrastructure protection (CIP) efforts, including coordinating the efforts of the different commercial and industrial entities affected.
As a consequence of the CIAO activities, the Communications and Information Sector Working Group (CISWG) was established with the mission to "promote information sharing and coordinated action to mitigate CIP risk and vulnerabilities in all levels of the Information and Communications (I&C) Sector." In addition, companies in eight critical industry sectors established a related entity, the Partnership for Critical Infrastructure Security (PCIS). The PCIS was formed to mitigate the vulnerabilities caused by the interdependence of many commercial and industrial organizations.
In response to the September 11, 2001 attacks, the president, on October 8, 2001, established the President's Critical Infrastructure Board (PCIB), the Office of Homeland Security, and the Homeland Security Council with Executive Order 13228. Also in October 2001, the USA Patriot Act was passed to provide U.S. government law enforcement agencies with increased authority to perform searches, monitor Internet communications, and conduct investigations.
On the economic front, in February 2003, President George W. Bush appointed the 30-member National Infrastructure Advisory Council (NIAC) from the private sector, state and local governments, and academia. NIAC's charter is to advise the president on information system security issues related to the various U.S. business sectors. Around the same time, President Bush issued Executive Order 1327, which discontinued the PCIB. This action was necessary because the functions of the PCIB were assumed by the Department of Homeland Security.
President Bush, in December 2003, announced Homeland Security Presidential Directives HSPD-7 and HSPD-8. HSPD-7 is a modification of PDD 63 that delineates the national policy and responsibilities of the executive departments, government corporations as defined by 5 U.S.C. 103(1), and the United States Postal Service relating to protection of the critical infrastructure. These are the executive departments:
HSPD-8 focuses on preparedness to prevent and respond to domestic terror attacks, disasters, and emergencies.
Figure 1-1 illustrates the timeline of the major activities relating to CIP in the United States.
Supervisory control and data acquisition (SCADA) means different things to different people, depending on their backgrounds and perspectives. Therefore, it is important to review the evolution of SCADA and its definition as understood by professionals and practitioners in the field.
Figure 1-1 Timeline of U.S. critical infrastructure protection activities
The scope of SCADA has evolved from its beginnings in the 1960s. The advent of low-cost minicomputers such as the Digital Equipment Corporation PDP-8 and PDP-11 made computer control of process and manufacturing operations feasible. Programmable logic controllers (PLCs) progressed simultaneously. These latter devices implemented traditional relay ladder logic to control industrial processes. PLCs appealed to traditional control engineers who were accustomed to programming relay logic and who did not want to learn programming languages and operating systems. When microcomputers were developed, they were programmed and packaged to emulate PLCs in function, programming, and operation. In fact, competition developed between the two approaches and continues to this day.
Initially, control systems were confined to a particular plant. The associated control devices were local to the plant and not connected to an external network. The early control systems consisted of a central minicomputer or PLC that communicated with local controllers that interfaced with motors, pumps, valves, switches, sensors, and so on. Figure 1-2 illustrates this architecture.
This architecture is sometimes referred to as a distributed control system. Such systems are generally confined to locations close to each other, normally use a high-speed local network, and usually involve closed loop control. As a necessary requirement for the operation of these systems, companies and vendors developed their own communication protocols, many of which were proprietary.
Figure 1-2 Typical local control system
As the technical capabilities of computers, operating systems, and networks improved, organizational management pushed for increased knowledge of the real-time status of remote plant operations. Also, in organizations with a number of geographically separated operations, remote data acquisition, control, and maintenance became increasingly attractive from management and cost standpoints. These capabilities are known collectively as supervisory control and data acquisition, or SCADA.
Listed here are two typical definitions of a SCADA system and the source of each definition:
Additional definitions associated with SCADA systems are given in Table 1-1. This listing is not meant to be all-inclusive, but describes some important terms used in the application of SCADA systems.
Table 1-1 SCADA-Related Definitions