Secure Your SCADA Network Using Honeypot
Supervisory Control and Data Acquisition (SCADA) is an integrated part of a process control network. By actually damaging some critical infrastructure assets, including a nuclear plant and launch of a satellite, the Stuxnet virus proved the need for proce
Process control and automation systems are the lifelines for critical infrastructure like air traffic control systems, nuclear plants, satellite launch systems, electricity generation, water supplies, oil and gas refineries, and so on. Any disruption to these systems may result in catastrophic risks including loss of human life. Till recently, most of the networking products in the critical infrastructure area were perceived to be in the safe environment. Protocols used for their communication were proprietary and these networks were usually physically isolated from the IT networks.
With new requirements like the access to real-time data, the possibility of inter-communication between products from disparate vendors, connectivity with ERP systems and of course, cost-effectiveness, the standard protocols such as Ethernet and TCP/IP are being adapted to a large extent in process networks. They are also being connected to IT networks, and the Ethernet is now being used as a backbone to connect various devices and run the day to day ease of use and ease of connecting, combining IT and the process control networks has resulted in added risk factors —the latter are now exposed to all the risks associated with the IT network.
A typical process control network (PCN) is categorised by four levels, starting at Level 0. Let us try to understand these levels with an example of temperature control. A temperature sensor (thermometer – Level 0) in the boiler will send the current value of the water’s temperature to the controller. Depending upon the desired target temperature, the temperature controller (Level 1) will switch the heater on or off. In a typical factory, there will be many such controllers connected to a centralised (supervisory) control (Level 2) to ensure synchronisation between various processes. Advanced controllers (Level 3) will be used to optimise the processes. These may include historians (which maintain history of process parameters) or optimisation controllers.
Here, Level 0 signals are typically analogue in nature, and Level 1 to Level 3 can use the Ethernet for connectivity. The business network that is not part of the PCN is considered as Level 4, and care is taken to control access between these two networks only on a need basis. Supervisory Control and Data Acquisition (SCADA), at Level 2, is one of the most important parts of the PCN. It is used to centrally monitor and record various process parameters. Here, the processes may be running at one physical location and SCADA may be located at entirely different locations. As per the requirement, WAN or LAN links are used for interconnection between them.