Like a mail-sorting system used by the USPS. Went around teaching all the
regional offices how to start up/use the machine, it included a PC interface.
First thing one guy did was 'prove' how unreliable it was by hitting F2
during the boot up, go into the PC BIOS and screw it all up. He wanted to
make the point that 'the new system let me screw it up!'
The solution to that is to have the automation LAN isolated and separate
from the corporate LAN. That's what one of our clients has, and it works
very well for them. Except for the ABB Advant Unix boxes, all of the
automation PCs run Windows and their specific app - Xterminals,
DeltaV, Wonderware or iFix. There are also several Windows PCs
on the corporate LAN in the control rooms, and everyone has an
account on the domain. These are used for email, online training,
record keeping, and the other usual stuff.
Badly designed or just old SCADA systems can be vulnerable to
cyberwarfare/cyberterrorism attacks, no matter if they
use TCP/IP or not. A modern well designed SCADA system
based on TCP/IP protocols can be safer than many older systems
because of the use of modern data encryption and authentication.
There are many old systems nowadays in use that have quite poor
security on their communications. There are many systems in use
that use radio communications with a protocol that does not
use any encryption or reliable authentication. You just need
a suitable radio and modem to be able to control the devices
on the field (you need to get to know the used protocol and
device addresses). Not very secure.
Tomi Engdahl (http://www.iki.fi/then/)
Take a look at my electronics web links and documents at
For office IT networks, sure, but how many hackers would even know what an
Industrial Ethernet packet looked like, let alone how to manipulate it to
their own purposes? It would look like garbled rubbish to them even if
unencrypted and unauthenticated.
Tomi, I think you've been watching too many movies..
I, for one, am not convinced that hacking into a radio network is as easy as
you say. You certainly need more than a radio and a modem. For starters,
you need to know:
1. The frequency band and specific frequencies in use and hope it doesn't
2. What brand/model of equipment is installed to know which protocols are
3. The configuration and addressing used on the network.
4. The configuration and routing for the field devices (I/O numbering, etc.)
Jamming it is easy - but then most radio-based systems would have some kind
of hard-wired fallback (eg. leased-line), so that won't do much except ring
Even as the *designer* of many such systems, I'm not sure I could "hack in"
unless I had deliberately left a back door open somewhere and then later
remembered to document it someplace.
I know what I've used. Where I used to work we did many water and
wastewater projects with radio telemetry. If we had favorable conditions,
we used Microwave Data Systems radio modems for the unlicensed
928MHz spread-spectrum band. When more power was required, we
used EF Johnson VHF or UHF radio modems, for which the owner had
to have the frequencies licensed.
This is in the U.S. Your local rules, available products and mileage will
SCADA systems allow one to monitor and control equipment from a remote
location. That's the advantage. The disadvantage is that they cost money
to install and maintain, add additional system failure modes and can be
a security loophole.
Paul Hovnanian mailto: snipped-for-privacy@Hovnanian.com