- This topic has 1 voice and 0 replies.
-
Posts
-
-
#News(Security) [ via IoTForIndiaGroup ]
Water utilities operate many kilometers of water pipes, pumping stations, reservoirs. Furthermore, they operate tens of lift stations, pressure modulators, treatment plants based in dispersed locations. These remote-controlled installations utilize mostly wireless communications (licensed, unlicensed, analog, digital, cellular, etc. media) and the equipment at these sites is continuously controlled by a Supervisory Control and Data Acquisition (SCADA) system. This paper highlights the most typical cyber defense challenges, and best practice guidelines for the deployment of effective and cost-aware cyber defense for water and sewage systems.
SCADA system risks
SCADA cyber security experts are well aware the fact that there is no single measure (no matter how expensive or advanced) that provides absolute cyber protection for water, sewage and other SCADA installations. Implementation of incremental cyber defense measures to the existing systems by deploying upgrades and add-on solutions helps achieving the goals. But (!), in reality, it doesn’t matter how much money your organization spends on the latest cyber security hardware, software, training; if your mission-critical systems are computer-based and connected in some form to the internet, they can never be made absolutely cyber secured. Securing SCADA systems always require understanding the control process, careful evaluation of the computer hardware, operating system, communication network and application software.
Most water and sewage SCADA architectures consist one or several MS WindowsTM based control center, a variety of Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs) and a SCADA-Data network combining physical and wireless media. In the past, all control architectures focused on achieving operational reliability and safety and use of outdated hardware and operating system software was not considered as a risk. Prior defining the technical solution for defending your water and sewage infrastructure, first you must compile and analyze the list of expected threats and associated risks. When SCADA Cyber security experts review the operating process towards achieving higher cyber defense, they shall always start with identifying and defining the potential risks related to the control process that might result from hostile exploitation of vulnerabilities.
-
- You must be logged in to reply to this topic.
