1. Home
  2. ⧑ Industrial Control Group
  3. Advantages & Disadvantage of SCADA system?
  4. Page 2

Advantages & Disadvantage of SCADA system?

Baddly designed or just old SCADA systems can be vulnerable to cyberwarefare/cyberterrorism attacks, no matter if they use TCP/IP or not. A modern well designed SCADA system based on TCP/IP protocols can be safer than many older systems bacause uf the use of modern data encryption and authentication tools. That are many old system nowadays in use that have quite poor security on their communications. There are many systems in use that use radio communications with a protocol that does not use any ancryption or reliable authentication. You just need a suitable radio and modem to be able to control the devices on the field (you need to get to know the used protocol and device addresses). Not very secure.

Reply to
Tomi Holger Engdahl
Loading thread data ...

For office IT networks, sure, but how many hackers would even know what an Industrial Ethernet packet looked like, let alone how to manipulate it to their own purposes? It would look like garbled rubbish to them even if unencrypted and unauthenticated.

Tomi, I think you've been watching too many movies..

I, for one, am not convinced that hacking into a radio network is as easy as you say. You certainly need more than a radio and a modem. For starters, you need to know:

  1. The frequency band and specific frequencies in use and hope it doesn't use spread-spectrum.
  2. What brand/model of equipment is installed to know which protocols are supported.
  3. The configuration and addressing used on the network.
  4. The configuration and routing for the field devices (I/O numbering, etc.)

Jamming it is easy - but then most radio-based systems would have some kind of hard-wired fallback (eg. leased-line), so that won't do much except ring alarm bells.

Even as the *designer* of many such systems, I'm not sure I could "hack in" unless I had deliberately left a back door open somewhere and then later remembered to document it someplace.

Cameron:-)

Reply to
Cameron Dorrough

On Tue, 06 Mar 2007 04:57:06 GMT, "Mike Lamond" proclaimed to the world:

Well that was what the view software was advertised to do. I don't think it is a bad thing in itself, you just have to look at failure modes and build decent security. Who wants to take over a waste water plant anyway?

Everyone seems to bring security issues up but how often has hackers caused any problems in an industrial control situation? I am also not saying to leave the door open either. I hear and suffer through a lot of security installed because of trade secrets protection. I wonder how much of this really goes on. Trade secrets tend to be inside jobs.

Reply to
Paul M

See: "Hacker jailed for revenge sewage attacks"

formatting link
An Australian man was today sent to prison for two years after he was found guilty of hacking into the Maroochy Shire, Queensland computerised waste management system and caused millions of litres of raw sewage to spill out into local parks, rivers and even the grounds of a Hyatt Regency hotel.

"Marine life died, the creek water turned black and the stench was unbearable for residents," said Janelle Bryant of the Australian Environmental Protection Agency.

John Nagle

Reply to
John Nagle

Reply to
will.lynelle

Reply to
Bruce Durdle

Hello

Could yu reccomend me for drinking water scada a radio modem pls? what do you recommend me half-duplex or full-duplex ?

Do you know the best one ?

thank you

Reply to
zarlino

On Wed, 07 Mar 2007 06:25:11 GMT, John Nagle proclaimed to the world:

This was someone who was involved in installing the control system. That is a lot different from someone doing this cold. I mentioned somewhere that most security breaches had an inside man involved, as was this. Even the most secure systems can be defeated by someone working on the inside to create holes in the system.

Reply to
Paul M

You might as well ask about what kind of car is "best." There are features a particular radio is good for. There are also costs. You haven't even mentioned on what bands this radio is supposed to operate, whether this is to be licensed or unlicensed operation, what power systems are available, how much space is required, and what the operating environment is supposed to be like.

More than that, however, you should be concerned with antenna sites, and path profiles.

I don't have an answer for you. In fact, anyone who does has no clue what you're really asking for. I recommend you consult with an engineer who has experience in this area. There are no simple answers here.

Jake Brodsky

Reply to
Jake Brodsky

Like a mail-sorting system used by the USPS. Went around teaching all the regional offices how to startup/use the machine, it included a PC interface.

First thing one guy did was 'prove' how unreliable it was by hitting F2 during the boot up, go into the PC bios and screw it all up. He wanted to make the point that 'the new system let me screw it up!'

daestrom

Reply to
daestrom

I know what I've used. Where I used to work we did many water and wastewater projects with radio telemetry. If we had favorable conditions, we used Microwave Data Systems radio modems for the unlicensed

928MHz spread-spectrum band. When more power was required, we used EF Johnson VHF or UHF radio modems, for which the owner had to have the frequencies licensed.

This is in the U.S. Your local rules, available products and mileage will vary.

Mike

Reply to
Mike Lamond

..which probably explains why virtually every BIOS now includes password protection. A no-cost adder that allows COTS equipment in "hostile user" (as opposed to "user hostile") environments.

--Gene

Reply to
Gene S. Berkowitz

SCADA systems allow one to monitor and control equipment from a remote location. That's the advantage. The disadvantage is that they cost money to install and maintain, add additional system failure modes and can be a security loophole.

Reply to
Paul Hovnanian P.E.

PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.