What are SCADA Systems and what is their implication in cybersecurity context?
Supervisory control and data acquisition (SCADA) is a system of software and hardware components that allows organizations to control and monitor industry control systems (ICS). Moreover, SCADA systems are critical systems for industrial organizations such electrical grids, water utilities, aviation systems, and nuclear plants. They are capable of maintaining efficiency and performance, processing industrial data for smarter decision making, and communicating system glitches before triggering any sort of system downtime.
SCADA systems architecture is comprised of programming logic controllers (PLCs), remote terminal units (RTU), SCADA programming, communication interfaces, human-machine interface (HMI), sensors and supervisory systems. The PLC and RTU components of the architecture are microcomputers that facilitate communication with HMI, sensors, supervisory systems and other factory machines and objects. And these devices and systems transfer the information to other computers that host the SCADA software. The SCADA software in turn processes , distributes and displays the data for analysts and decision makers.
Industrial control systems (ICS) and operational technologies (OT) have become the target of recent cyberattacks. And they should be protected by techniques such as access controls, monitoring systems, antimalware, regular updates/patches, disable default credentials, and security awareness training to name just a few.