Protect Your Industrial Control Systems with EKS/SCADA Security Services!
SCADA, which stands for Supervisory Control and Data Acquisition, is the general name for a system that is created from remotely controllable and monitored computers, communication devices, sensors, or other devices.
SCADA systems can be used in various fields such as hydroelectric, nuclear power generation, natural gas production and processing facilities, operation of pumps, valves, and flow measurement equipment in gas, oil, chemical, and water pipelines, control of switching devices in kilometer-long power transmission lines, and balancing sudden load changes in lines.
SCADA systems consist of both hardware and software. Typical hardware includes a Master Terminal Unit (MTU) placed in a control center, communication equipment (e.g., radio, telephone line, cable, or satellite), and one or more geographically distributed field sites, each consisting of a Remote Terminal Unit (RTU) or Programmable Logic Controller (PLC) that drives actuators or monitors sensors. The MTU stores and processes the information received from RTU inputs and outputs and also handles local processing. The communication hardware allows information and data to be transferred between the MTU and the RTUs or PLCs. The software is programmed to determine when the system should be monitored, the acceptable parameter ranges, and the responses to initiate when parameters move outside acceptable values.
Having the capability to remotely monitor and control large industrial systems allows companies and industries to expand their capabilities to offer more services, while making data accessible to personnel responsible for the operation and engineering of technologies.
SCADA systems are used for monitoring and controlling processes, creating an infrastructure for production control and monitoring in factories using various devices (RTU, PLC, etc.) for tasks such as tracking raw materials, production, and finished goods. With the possibilities provided by this infrastructure, an ideal structure can be achieved by connecting it, wherever possible, to Manufacturing Resource Planning (MRPII) and Enterprise Resource Planning (ERP) systems.
This study analyzes the literature on cyber attacks known to affect SCADA systems. Additionally, statistics on the industrial communication protocols used in ICS were extracted, and Modbus TCP was found to be the most commonly used protocol among them. Furthermore, it was observed that the Modbus TCP protocol performs no check on the source IP address of a request, which is a security weakness that could be exploited. The vulnerabilities of the components that make up SCADA systems and of the industrial protocols used in their communication are explained, with the aim of improving the security of the Modbus TCP protocol.
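The source-IP weakness noted above is usually compensated for at the network layer, by allowlisting which hosts may act as Modbus masters and alerting on write requests from anyone else. The following example, added here and not part of the study, parses the 7-byte MBAP header and function code of a Modbus/TCP request and applies such an allowlist. The master subnet, the sample frames and the source addresses are all constructed for the example; no frame format beyond the standard MBAP header and function codes is assumed.

```python
import struct
from ipaddress import ip_address, ip_network

# Modbus function codes that change process state (writes) versus those that only read.
WRITE_FUNCTION_CODES = {5: "Write Single Coil", 6: "Write Single Register",
                        15: "Write Multiple Coils", 16: "Write Multiple Registers"}
READ_FUNCTION_CODES = {1: "Read Coils", 2: "Read Discrete Inputs",
                       3: "Read Holding Registers", 4: "Read Input Registers"}

# Assumed allowlist: the only subnet from which a legitimate master/HMI should send requests.
ALLOWED_MASTERS = [ip_network("10.0.1.0/24")]


def parse_modbus_tcp(payload: bytes) -> dict:
    """Parse the MBAP header (transaction id, protocol id, length, unit id) and function code.

    Raises ValueError for frames that do not match the Modbus/TCP layout, so the caller
    can treat them as suspicious rather than silently ignoring them.
    """
    if len(payload) < 8:
        raise ValueError("frame too short for MBAP header plus function code")
    transaction_id, protocol_id, length, unit_id = struct.unpack(">HHHB", payload[:7])
    if protocol_id != 0:  # Modbus/TCP always uses protocol identifier 0
        raise ValueError(f"unexpected protocol identifier {protocol_id}")
    if length != len(payload) - 6:  # length counts unit id + function code + data
        raise ValueError("MBAP length field disagrees with frame size")
    function_code = payload[7]
    return {
        "transaction_id": transaction_id,
        "unit_id": unit_id,
        "function_code": function_code,
        "is_write": function_code in WRITE_FUNCTION_CODES,
        "data": payload[8:],
    }


def evaluate(src_ip: str, payload: bytes, allowed_masters=ALLOWED_MASTERS) -> str:
    """Return a verdict for one request: allow, notice, alert or malformed."""
    try:
        frame = parse_modbus_tcp(payload)
    except ValueError:
        return "malformed"
    trusted = any(ip_address(src_ip) in net for net in allowed_masters)
    if frame["is_write"] and not trusted:
        return "alert"     # a write from a host that is not an approved master
    if not trusted:
        return "notice"    # a read from an unknown host: reconnaissance-style traffic
    return "allow"


# Constructed sample traffic: (source IP, raw Modbus/TCP request bytes).
SAMPLE_EVENTS = [
    # Write Single Register (FC 6), register 1 := 0x00FF, from the approved subnet
    ("10.0.1.5", bytes.fromhex("0001 0000 0006 01 06 0001 00ff")),
    # Read Holding Registers (FC 3), 10 registers from address 0, from an unknown host
    ("192.168.50.9", bytes.fromhex("0002 0000 0006 01 03 0000 000a")),
    # Write Multiple Registers (FC 16), 2 registers from address 0, from the same unknown host
    ("192.168.50.9", bytes.fromhex("0003 0000 000b 01 10 0000 0002 04 0001 0002")),
    # Truncated frame: only the MBAP header, no function code
    ("10.0.1.5", bytes.fromhex("0004 0000 0006 01")),
]


def run_sample(events=SAMPLE_EVENTS) -> list:
    """Evaluate every sample event and return (source, function code or None, verdict) tuples."""
    results = []
    for src_ip, payload in events:
        verdict = evaluate(src_ip, payload)
        fc = payload[7] if len(payload) >= 8 else None
        results.append((src_ip, fc, verdict))
    return results


if __name__ == "__main__":
    for src_ip, fc, verdict in run_sample():
        print(f"{src_ip:>14}  fc={fc}  {verdict}")
```

The length check matters in practice: an attacker-controlled length field is a common source of parser bugs in protocol monitors, so the frame is rejected rather than trusted when the field disagrees with the bytes actually received. Reads from unknown hosts are reported at a lower severity than writes because, without source-address checks in the protocol itself, a read from an unexpected host is the usual precursor to a later write.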
AGA: American Gas Association
API: American Petroleum Institute
ARP: Address Resolution Protocol
CIP: Critical Infrastructure Protection
CPNI: Center for the Protection of National Infrastructure
DDoS: Distributed Denial of Service
DHS: Department of Homeland Security
DNP3: Distributed Network Protocol 3
DoS: Denial of Service
EKS: Industrial Control System (Endüstriyel Kontrol Sistemi in Turkish)
GRI: Gas Research Institute
HMI: Human-Machine Interface
IED: Intelligent Electronic Device
IGT: Gas Technology Institute
ISO: International Organization for Standardization
MITM: Man-in-the-Middle Attack
MTU: Master Terminal Unit
NERC: North American Electric Reliability Corporation
NIST: National Institute of Standards and Technology
NSTB: National SCADA Test Bed
OSI: Open Systems Interconnection
PLC: Programmable Logic Controller
RINSE: Real-Time Integrated Network Simulation Environment
RTU: Remote Terminal Unit
SCADA: Supervisory Control and Data Acquisition
SQL: Structured Query Language
STS: Security Token Service