






SCADA apps are also available for many industries. Inductive Automation is the top firm
for starting a successful SCADA app that maintains perfect security, just as our Android and iOS
apps protect our phones. To meet the needs of future power systems, we have to deal with
SCADA issues in a flexible and secure way, and the technological and methodological
changes must be addressed in global terms. SCADA and ICS software and hardware do not go
through the same rigorous security lifecycle process as Information Technology systems.

These systems typically lag the IT world by 10 to 15 years, so we are only recently seeing the
large control systems vendors building plants to test their products for security flaws.
Until now these systems have not been tested for even a simple buffer overflow, and there has
been a 753 percent increase in vulnerability disclosures for ICS over past years. Most of the
vulnerability reporters have been researchers without an ICS background. I feel many are developing
an interest in SCADA systems, seeing the connections between the cyber and kinetic worlds.




Traditional problems in SCADA

The people who run the plant are trying to squeeze the maximum amount of yield from their
plant. Shutting down a SCADA system so that it can be patched and tested may literally cost
them millions of dollars per hour. Furthermore, the cost of upgrading is not looked upon
kindly unless it's going to help you create more of product X at a lower price. You may argue
that the greater good is more important than money but these guys aren't listening to that.
IT is often outsourced to third parties in order to control costs. The downside of ceding
control of your own infrastructure is that even something mundane like changing a firewall
rule has a process which costs money and resources.

These industries are rife with rules and regulations that further inflate the cost of patching
systems. In the pharmaceutical industry the cost of applying a single patch may run well into
the millions of dollars because every change has to be meticulously audited. There is an old-
school engineering mentality that is pervasive based on the old adage "if it ain't broke don't
fix it".

No person involved in the industry wants to find problems. They want the plant to produce
and they expect the hardware and software they buy to produce - untouched - for 20-30
years. A good start to fixing things would be to air gap the SCADA network from the internet,
and if connecting is necessary at all, to use a good double firewall with hardened DMZ
(Demilitarized zone) machine in between. The DMZ can be locked down hard and updated
carefully, and it doesn't need to ever hold systems that need careful certifying as it should
never be in the control loop; just out of band monitoring.
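
The zone model described above can be checked against a firewall rule list. The following is an added example, not code from the original article: the addresses, zone names and rule tuples are constructed, and it assumes that monitoring data is pushed from the control network to the DMZ, so nothing in the DMZ ever initiates a connection into the control network.

```python
import ipaddress

# Constructed zone layout (assumption: illustrative addresses only).
ZONES = {
    "control": ipaddress.ip_network("10.10.0.0/16"),  # SCADA/ICS network
    "dmz": ipaddress.ip_network("10.20.0.0/24"),      # hardened monitoring host
}
# Only these cross-zone flows fit the design: the control network pushes
# monitoring data to the DMZ, and the outside world reads it from the DMZ.
ALLOWED = {("control", "dmz"), ("outside", "dmz")}

def zones_touched(cidr):
    """Return every zone a CIDR overlaps; a broad rule such as 0.0.0.0/0 hits all."""
    net = ipaddress.ip_network(cidr)
    hit = {name for name, zone in ZONES.items() if net.overlaps(zone)}
    # A CIDR not fully contained in one named zone also reaches "outside"
    # (enterprise network or internet).
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        hit.add("outside")
    return hit

def audit(rules):
    """Return (rule_number, src_zone, dst_zone) for each allowed flow that
    bypasses the DMZ or lets the DMZ reach into the control network."""
    findings = []
    for number, (src, dst, action) in enumerate(rules, 1):
        if action != "allow":
            continue
        for s in sorted(zones_touched(src)):
            for d in sorted(zones_touched(dst)):
                if s != d and (s, d) not in ALLOWED:
                    findings.append((number, s, d))
    return findings

# Constructed sample rules: (source CIDR, destination CIDR, action).
SAMPLE_RULES = [
    ("10.10.5.0/24", "10.20.0.10/32", "allow"),   # control -> DMZ push: fine
    ("192.0.2.0/24", "10.20.0.10/32", "allow"),   # outside reads DMZ: fine
    ("10.20.0.10/32", "10.10.5.20/32", "allow"),  # DMZ reaches into control
    ("0.0.0.0/0", "10.10.0.0/16", "allow"),       # "any" rule bypasses the DMZ
    ("192.0.2.0/24", "10.10.0.0/16", "deny"),     # explicit deny: ignored
]

if __name__ == "__main__":
    for number, s, d in audit(SAMPLE_RULES):
        print(f"rule {number}: {s} -> {d} violates the DMZ design")
```

The "any" source in the fourth rule is the case that is easiest to miss in a manual review: it overlaps every zone, so it is reported once for each forbidden path it opens.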




SCADA in the cloud is faster but also too dangerous


In my view, factories in the future will have full-scale wireless networks supporting a robotized
production process and safety control mechanism. Operating personnel in future factories
will be confined to workstations inside control rooms. Tablets and mobile platforms will allow
them to track ongoing on-site processes from their devices on the move. The emergence and
adoption of cloud computing will enable factories to access relevant strategic data from the
