Observations and Conclusions

This TIB has presented an overview of SCADA system, relevant to the NCS in support of their NS/EP and CIP missions. SCADA systems have been used for years in the utilities industry with great success.  Now more than ever, it is important that our critical infrastructures such as power grids, water processing systems, and the Public Switched Network (PSN), be monitored and protected. SCADA architectures, protocols, typical deployments, and security vulnerability concerns have been addressed.  

The following observations and conclusions are provided:

•        Today’s SCADA systems are able to take advantage of the evolution from mainframe based to client/server architectures. These systems use common communications protocols like Ethernet and TCP/IP to transmit data from the field to the central master control unit.

•        SCADA protocols have also evolved from closed proprietary systems to an open system, allowing designers to choose equipment that can help them monitor their unique system using equipment from variety of vendors

•        SCADA systems are widely used to monitor and control U.S. critical infrastructure utilities such as Electrical Power Plants and Water Distribution Centers

•        SCADA systems, like other computer systems, are subject to many common security attacks such as viruses, denial of service, and hijacking of the system

•        Because SCADA systems use leased telephone lines, twisted pair cable, microwave radio, and spread spectrum techniques, they have many of the same security vulnerabilities

•        While SCADA protocols are more open today, there is no clear consensus of which protocol is best.  IEC 60870-5 series and DNP3 have many similarities but are not 100% compatible. 

•        UCA 2.0, developed by EPRI, has been published by the IEEE as a Technical Report and submitted to IEC for review. UCA is a new SCADA protocol that may replace both DNP3 and IEC 60870-5.