Environmental Engineering Reference
In-Depth Information
while a SCADA system connected to sensors that measure the water quality
parameters can report findings measured outside of a specific range. The
system can transmit warning signals back to the operators, such as by ini-
tiating a call to a personal pager. This might allow the operators to initiate
actions to prevent contamination and disruption of the water supply. Further
automation of the system could ensure that the system initiates measures to
rectify the problem. Preprogrammed control functions (e.g., shutting a valve,
controlling flow, increasing chlorination, or adding other chemicals) can be
triggered and operated based on SCADA utility.
SCADA Vulnerabilities
According to the USEPA (2005), SCADA networks were developed with little
attention paid to security, thus the security of these systems can often be
weak. Studies have found that, although technological advancements intro-
duced vulnerabilities, many water/wastewater utilities have spent little
time securing their SCADA networks, many of which may be susceptible
to attacks and misuse. Remote monitoring and supervisory control of pro-
cesses were initially developed in the early 1960s and have since adopted
many technological advancements. The advent of minicomputers made it
possible to automate a vast number of once manually operated switches.
Advancements in radio technology reduced the communication costs asso-
ciated with installing and maintaining buried cable in remote areas. SCADA
systems continued to adopt new communication methods, including satel-
lite and cellular. As the price of computers and communications dropped, it
became economically feasible to distribute operations and to expand SCADA
networks to include even smaller facilities.
Advances in information technology and the necessity of improved effi-
ciency have resulted in increasingly automated and interlinked infrastruc-
tures and created new vulnerabilities due to equipment failure, human error,
weather and other natural causes, and physical and cyber attacks. Some
examples of possible SCADA vulnerabilities include the following:
Humans —People can be tricked or corrupted and may commit errors.
Communications —Messages can be fabricated, intercepted, changed,
deleted, or blocked.
Hardware —Security features are not easily adapted to small self-con-
tained units with limited power supplies.
Physical threats —Intruders can break into a facility to steal or dam-
age SCADA equipment.
Natural threats —Tornadoes, floods, earthquakes, and other natural
disasters can damage equipment and connections.
Software —Programs can be poorly written.
Search WWH ::




Custom Search