SCADA (Supervisory control and data acquisition systems are systems that maintain critical infrastructure that everyone relies on. As such, they require protection from external influences that try to bring them down. This act has catastrophic implications for the people who depend on these systems. For instance, a catastrophic failure of an interconnected electrical grid resulting in nationwide blackouts, or a gas pipeline explosion due to the failure of a SCADA ICS systems are some of the worst-case scenarios to think about.

These SCADA systems come under the umbrella of larger systems known as “Industrial Control Systems” (ICS). These system control and monitor several processes, including physical operations upon which critical infrastructure delivery rests upon. SCADA ICS systems were initially designed with functionality as the key focus, with little or no thought to its security. SCADA security is now a top priority with many countries investing huge sums of money into developing security solutions for SCADA systems.

If we look at the development of these SCADA systems, they were historically secured by what developers called the “air gap”, which refers to the physical separation of the underlying servers and the related network for the SCADA ICS systems from other networks. These protocols were there to mitigate the security risks to these ICS/ SCADA systems.

However, today, with the increased connectivity in the world, even secure intranet facilities like SCADA ICS have resorted to utilizing IPv6 connectivity, and common networking protocols to ensure better decision making among the teams working on these ICS systems, as well as leveraging data management capabilities. But, with increased connectivity comes increased risks and more opportunities for security breaches in such facilities, either because of human error or by way of a targeted attack.

A few studies conducted on such SCADA ICS systems concluded that at organizations which relied on corporate IT to manage SCADA security, there was a greater chance of breach and failure when compared to organizations which had a dedicated team to manage SCADA security.

The studies also recognized that although maintaining two different security teams would be a challenge based on the cost factor, it was a necessity to ensure the security and integrity of the ICS system. A dedicated team will be able to develop stronger security protocols and get targeted SCADA ICS training, helping them to develop targeted security solutions.

Poor network design can also lead to vulnerabilities in SCADA systems, where network latency plays an important role in the communication effectivity of the system. A lack of proper planning and network implementation can lead to bottlenecks developing in the SCADA ICS system, which can have a negative impact on the system.

By having shared networks or shared processes, between SCADA ICS systems and other corporate systems, the risks of contamination and security breaches increase. A small error that could be tolerable in a normal IT network could result in a catastrophic breakdown of a SCADA ICS network.