SCADA cybersecurity in the age of the Internet of Things

Supervisory control and data acquisition (SCADA) systems, and the broader industrial control systems (ICS) including SCADA, human-machine interfaces (HMIs), building management systems (BMS), manufacturing execution systems (MES), and computer maintenance management systems (CMMS) have roots in proprietary technology that was traditionally isolated from the enterprise information technology (IT) infrastructure. These platforms were not originally designed for cybersecurity.

The ICS' traditional role of control and safety has expanded to include providing plant and process information or responding to direction from ERP and other enterprise systems. This, however, has exposed the ICS to potential cyber threats, according to "Security the Move to IP-Based SCADA/PLC Networks" by the Centre for the Protection of National Infrastructure. The current focus on connectivity under the banner of the Internet of Things (IoT), and the closely related Industrial Internet of Things (IIoT) or Industrie 4.0, has a huge potential benefit to data aggregation strategy and situational awareness. However, IIoT devices use Internet Protocols (IP), which further increases the exposure to cyber threats.

Read whole article...