Print page

Topic: SCADA

• › Articles (121)
• › White Papers (60)
• › News (128)
• › Products (75)

Data Acquisition Reference Book 
ControlGlobal.com has partnered with Omega Engineering to make the Transactions in Measurement and Control technical reference series available for free download.

Chips Are Up, Part 2
Find Out How More Powerful CPUs Have Improved Process Controllers

Want Open Standards? Work at It
End Users Have to Insist Their Favorite Suppliers Support Open, Interoperable Solutions, or We'll Remain Saddled With the Closed, Proprietary Ones

Some Standards Committees Work -- and Work Well
When Was the Last Time You Looked at the Standard for Duplex and Fourplex Convenience Electrical Receptacles?

Blending Controls Sweetens Soda Pop
Schweppes Australia Consolidates Process and Logic Controls in Its Syrup Room With a New Automation and Controls System

More Articles »

White Papers: In Depth Research

Cloud-Based SCADA Systems: The Benefits and Risks
Author: Inductive Automation
Posted: 12/01/2011
Is Moving Your SCADA System to the Cloud Right For Your Company?

Cloud computing is a hot topic. As people become increasingly reliant on accessing important information through the Internet, the idea of storing or displaying vital real-time data in the cloud has become more commonplace. With tech giants like Apple, Microsoft, and Google pushing forward the cloud computing concept, it seems to be more than just a passing trend.

Recently the focus of cloud computing has started to shift from consumer-based applications to enterprise management systems. With the promise of less overhead, lower prices, quick installation, and easy scalability, cloud computing appears to be a very attractive option for many companies.

Common questions surround this new technology: What is the "cloud"? What kind of information should be stored there? What are the benefits and risks involved? Is is moving toward cloud computing right for your company?

Cloud computing is not a "fix-all" solution. It has strengths and weaknesses, and understanding them is key to making a decision about whether it’s right for your company. We'll explore the major benefits and risks involved, and give you a set of factors to consider when choosing what information to put on the cloud.

The Advantages of an Integrated Factory Acceptance Test in an ICS Environment
Author: Jerome Farquharson, Critical Infrastructure and Compliance Practice Manager, and Alexandra Wiesehan, Cyber Security Analyst, Burns & McDonnell
Posted: 07/05/2011
When adding, modifying or upgrading a system, many critical infrastructures conduct a Factory Acceptance Test (FAT). A FAT includes a customized testing procedure for systems and is executed before the final installation at the critical facility. Because it is difficult to predict the correct operation of the safety instrumented system or consequences due to failures in some parts of the safety instrumented system, a FAT provides a valuable check of these safety issues. Similarly, since cyber security can also impact safety of critical systems if a system is compromised, it naturally makes sense to integrate cyber security with the FAT, a concept that brings extreme value and savings to an implementation process.

An Integrated Factory Acceptance Test (IFAT) is a testing activity that brings together selected components of major control system vendors and Industrial Control System (ICS) plant personnel in a single space for validation and testing of a subset of the control system network and security application environment in an ICS environment. Conducting an IFAT provides important advantages and benefits including: time savings, cost savings, improved ability to meet compliance requirements, and increased comfort level with integrated security solutions.

With the current trend of more intelligent ICSs and increased regulatory compliance, the best practice to achieving ICS and IT integration is by conducting an IFAT. A common problem that occurs in the industry is the unanticipated work associated with implementing security controls which can result in production issues. Performing an IFAT avoids costly redesign and troubleshooting during outage operations saving time and money that leads to an enhanced, sound security solution.

Analysis of the ICONICS GENESIS Security Vulnerabilities for Industrial Control System Professionals
Author: Eric Byres, P. Eng., ISA Fellow, Joel Langill, CEH, CPT, CCNA, Tofino Security | SCADAhacker.com
Posted: 03/31/2011
A number of previously unknown security vulnerabilities in the ICONICS GENESIS32 and GENESIS64 products have been publically disclosed. The release of these vulnerabilities included proof-of-concept (PoC) exploit code.

While we are currently unaware of any malware or cyber attacks taking advantage of these security issues, there is a risk that criminals or political groups may attempt to exploit them for either financial or ideological gain.

The products affected, namely GENESIS32 and GENESIS 64 are OPC Web-based human-machine interface (HMI) / Supervisory Control and Data Acquisition (SCADA) systems. They are widely used in critical control applications including oil and gas pipelines, military building management systems, airport terminal systems, and power generation plants.

Of concern to the SCADA and industrial control systems (ICS) community is the fact that, though these vulnerabilities may initially appear to be trivial, a more experienced attacker could exploit them to gain initial system access and then inject additional payloads and/or potentially malicious code. At a minimum, all these vulnerabilities can be used to forcefully crash system servers, causing a denial-of-service condition. What makes these vulnerabilities difficult to detect and prevent is that they expose the core communication application within the GENESIS platform used to manage and transmit messages between various clients and services.

This White Paper summarizes the current known facts about these vulnerabilities. It also provides guidance regarding a number of possible mitigations and compensating controls that operators of SCADA and ICS systems can take to protect critical operations.

Learn more about Tofino at www.tofinosecurity.com/blog

Improving SCADA Operations Using Wireless Instrumentation
Author: Control Microsystems
Posted: 06/29/2010
The purpose of this paper is to explore the particular ways in which operators can tightly integrate wireless instrumentation networks with SCADA and realize.

Integrating wireless instrumentation with SCADA systems can drive operational efficiency and reduce deployment costs.

The use of wireless instruments in pipelines and gas production operations has been gaining momentum over the past few years. Driven by cost cutting measures and the need to gain more operational visibility to meet regulatory requirements, wireless instruments eliminate expensive trenching and cabling while providing access to hard-to-reach areas using self-contained, battery-powered instruments. However, SCADA engineers and operators are facing the challenge of integrating wireless instrumentation networks with other communication infrastructure available in the field. Managing and debugging dispersed wireless networks presents a new level of complexity to field operators that could deter them from adopting wireless instrumentation despite the exceptional savings.

This paper will look into the particular ways in which operators can tightly integrate wireless instrumentation networks with SCADA and realize the full benefits of such an integrated solution.

More White Papers »