Author Daniel Ehrenreich, SCCE

Supervisory Control and Data Acquisition (SCADA) experts are well aware that there is no single measure (“no silver bullet”) that provides absolute cyber defense. Utilities are considered critical infrastructures, as they directly affect the welfare and health of the population. They must take all precautions and deploy applicable technologies to be prepared for unexpected events, and even though they use legacy and outdated hardware, operating systems and communications, they must be ready for these challenges. With the growth of cyber-attack capabilities among hackers who are directed by countries and hostile organizations, protecting SCADA systems, especially the legacy types, has become a challenging task. Given also the threats caused by maintenance mistakes, operator errors and malfunctions, an effective approach is needed that is capable of assuring the safety and reliability of these infrastructures.

In the past, the cyber security of SCADA systems mostly relied on air-gap isolation, firewalls, unidirectional gateways (diodes), Demilitarized Zones (DMZ) for network segmentation, etc. The recent industry trend is the use of Anomaly Behavior Analysis based on Big Data techniques, performing the function of an Industrial Intrusion Detection System (IIDS). One may ask why this method delivers more effective cyber defense than other cyber defense technologies. There are several reasons for that:

Capable of collecting raw data from SCADA servers and historian databases and performing fast analysis

Effective for detecting internally and externally generated cyber attacks targeted at the SCADA system

Does not rely on defense methods based on published signatures and known vulnerabilities

Capable of detecting cyber attacks, operator mistakes and unusual situations caused by a malfunction

Analyzes both communication anomalies and process-control anomalies, based on a learned baseline

Does not interfere with the SCADA operation and does not overload SCADA server processes

Effectively deals with Denial of Service (DoS), Distributed DoS and Zero-Day attacks on the system

Effective for protecting modern as well as legacy SCADA systems using a range of RTUs and PLCs

These IIDS use powerful computers and are scalable and expandable as your system and needs grow

Easy to install and deploy, does not require costly training, operates automatically

Capable of analyzing and detecting non-optimal SCADA processes and generating saving opportunities

Interoperable with Security Information and Event Management (SIEM) systems from a range of other vendors

Equally effective for large-scale Energy Management Systems and power Distribution Management Systems (EMS, DMS)

Capable of operating with large-scale Distributed Control Systems (DCS) controlling power plant operation

The IIDS software is upgradeable and remotely updateable through a service contract with the vendor
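The learned-baseline approach named in the list above, as an added example that is not part of the original article or of any vendor's product: it learns which (source, RTU, function) flows and which per-tag value ranges are normal, then labels a record as a communication anomaly, a process anomaly, or both. The record layout, host and tag names, and the simple mean/standard-deviation threshold (standing in for the Big Data analytics the article refers to) are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from statistics import mean, stdev

# Assumed record layout: (source, rtu, function, tag, value)


def learn_baseline(records):
    """Learn the observed flows and per-tag value statistics from clean history."""
    flows, values = set(), defaultdict(list)
    for src, rtu, func, tag, value in records:
        flows.add((src, rtu, func))
        values[tag].append(value)
    stats = {t: (mean(v), stdev(v)) for t, v in values.items() if len(v) >= 2}
    return flows, stats


def detect(record, baseline, k=4.0):
    """Return anomaly labels for one record; an empty list means 'normal'."""
    flows, stats = baseline
    src, rtu, func, tag, value = record
    alerts = []
    # Communication anomaly: a flow never seen during the learning period,
    # e.g. a new host writing to an RTU. No attack signature is involved.
    if (src, rtu, func) not in flows:
        alerts.append("communication")
    if tag not in stats:
        alerts.append("unknown-tag")
    else:
        # Process anomaly: value further than k standard deviations from the
        # learned mean (attack, operator mistake or malfunction alike).
        mu, sigma = stats[tag]
        if abs(value - mu) > k * max(sigma, 1e-9):
            alerts.append("process")
    return alerts


# Constructed historian sample: one HMI polling a pump pressure and
# occasionally writing its setpoint.
TRAINING = [("hmi1", "rtu7", "read", "pump1.pressure_bar", p)
            for p in (4.0, 4.1, 3.9, 4.2, 4.0, 3.8, 4.1, 4.0)]
TRAINING += [("hmi1", "rtu7", "write", "pump1.setpoint_bar", s)
             for s in (4.0, 4.0, 4.1, 3.9)]
BASELINE = learn_baseline(TRAINING)

if __name__ == "__main__":
    for rec in [("hmi1", "rtu7", "read", "pump1.pressure_bar", 9.5),
                ("eng-laptop", "rtu7", "write", "pump1.setpoint_bar", 7.0)]:
        print(rec, "->", detect(rec, BASELINE))
```

A record that passes both checks produces no alert, so the detector only reads data already collected and never sits in the control path.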

As today’s cyber attacks are carried out by professional entities operated by hostile countries and commercial organizations, the cyber defense challenges have become more complex. The conclusion is that special attention is required and systematic investment must be allocated to achieve continuous, safe and reliable operation of the water and sewage infrastructure for the well-being of the people in the country.
