Question

1. Open Process Control (OPC):

1. Why do most SCADA vendors include OPC in their systems?
2. Describe, briefly, the concept of (and relationship between) OPC groups and items.

2. a. Describe a typical cyber attack that could be launced specifically against a Power Station SCADA system (not a network in general).                       

1. Discuss three security issues to be addressed in SCADA installations.                   
2. What is, in your opinion, the minimum (physical) placement for a firewall in a SCADA system? (Note: not configuration)

Answer 1

OPC : Open process control

OPC is the interoperability standard for the secure and reliable exchange of data in the industrial automation space and in other industries. It is platform independent and ensures the seamless flow of information among devices from multiple vendors. The OPC Foundation is responsible for the development and maintenance of this standard. The OPC standard is a series of specifications developed by industry vendors, end-users and software developers. These specifications define the interface between Clients and Servers, as well as Servers and Servers, including access to real-time data, monitoring of alarms and events, access to historical data and other applications. When the standard was first released in 1996, its purpose was to abstract PLC specific protocols (such as Modbus, Profibus, etc.) into a standardized interface allowing HMI/SCADA systems to interface with a "middle-man" who would convert generic-OPC read/write requests into device-specific requests and vice-versa. As a result, an entire cottage industry of products emerged allowing end-users to implement systems using best-of-breed products all seamlessly interacting via OPC.

a Why we adopt opc in SCADA

As for as new technologies are concerned the SCADA are adopting :

1 web technology, Active X, java etc

2 OPC as a means for communicating internally between the client and server modules.

It should thus possible to connect OPC complaint third-party to that SCADA PRODUCT.

b

Group Maintains information about itself and contains and organizes the OPC items. tem Contains a unique identifier held within the group. The identifier acts as a reference for the individual data source, as well as value, quality, and timestamp information. The value is the data from the source. The quality status gives information about the device. The timestamp is the time that the data was retrieved. An OPC application accesses all items through the OPC group rather than through the item itself. The group also contains a specific update rate for itself, which tells the server at what rate to make data changes available to the OPC client. A deadband specific for each group tells the server to reject values if they have changed by less than a specified deadband percentage.

2 a

The Press has obtained a video made for the Department of Homeland Security that shows a simulated hacker attack on a power station that doesn't end well for a turbine. In the video the latter goes spinning out of control and spits out pieces of the turbine as well as smoke before it, presumably, dies a noisy, dramatic death. The test attack, conducted in March by the ldaho National Laboratory for DHS, exploited a programming vulnerability in SCADA systems (Supervisory Control and Data Acquisition systems), the computer systems that control electric, water and chemical plants throughout the U.S. The test was intended to show how a remote digital attack by hackers could cause real-world damage beyond the computer used to conduct the attack

The programming flaw has since been fixed, but that doesn't mean other flaws don't exist. SCADA systems were never designed with security in mind and have long been considered vulnerable to attack. Government officials claimed in 2002 that they had uncovered evidence that members of al Qaeda had explored vulnerabilities in SCADA systems in order to conduct such attacks on utilities. But experts have always disagreed about the degree of damage a remote attacker could do to the power grid or water system via computer or the likelihood that someone would even choose such an attack as opposed to a physical attack with a bomb or other sabotage method that would be far more effective. Unfortunately, cybarmageddonists are likely to seize this story and spin it wildly out of control to monger fear, ignoring a few comments in the AP story that suggest the demonstration may have exaggerated the risk.

The video is not a realistic representation of how the power system would operate," said Stain Johnson, a manager at the North American Electric Reliability Corp., the Princeton, N.J.-based organization charged with overseeing the power grid A top Homeland Security Department official, Robert Jamison, said companies are working to limit such attacks "Is this something we should be concerned about? Yes," said Jamison, who oversees the department's cybersecurity division. "But we've taken a lot of risk off the table."

2a

Issues

Here, we summarize some key issues of SCADA security. The vulnerabilities in security of software and networks include 89: Viruses, malware, and Trojan horses. Logical errors-they are generated during the code writing of the system and may cause unintended or undesired output 89. Convenient features for user-they are infections, such as file downloading, from features used by most users 89 Reconfiguring the authentication permissions. Administrator access. Key loggers-install software to log the key-type. Denial of Service-use denial of service attack to cause authentic requests to be denied 89. Eavesdropping Unsecured wireless network setup. Remote access without authentication Leak of confidential information. Vulnerabilities related to the business staff ang personnel include the following 89: Lack of discipline and professional ethics. Insider. Setting simplified passwords. Unnecessary use of SCADA resources. Confidential information provided to third parties.

b

SCADA systems need to be secure, yet according to me, firewalls are not up to the task, and should be replaced with Unidirectional Security Gateways.