Friday, December 7, 2012

So Much New SCADA Goodness ... So Few Words on Security


Hat tip to EnergySec's Patrick Miller for finding and tweeting this article so I could find it. Please note before you read this post that it's not intended to be critical of the article it cites. I think it's great and if I didn't have to think about security it would feel like pure, unadulterated progress to me.

The article, "Web-based SCADA Gathers More Fans" which appeared recently in Automation World, describes many excellent new capabilities that are arriving in the SCADA world, many of which are related to new higher bandwidth communications between substations and other remote assets, often based on web technologies. As Honeywell engineer Gerry Browne says:
A few years ago, field equipment would have only a serial port. Today, the same equipment might have its own Web server and methods that expose all its operating parameters. Remote data is now available immediately, allowing users to make better decisions.

What's not to like about that? Examples are drawn from oil and gas and water operations, but the applicability to electric sector use cases, including geographically dispersed substations and renewable generation is clear. Here are a few of the accounts.


Motivations/Benefits
In some cases, a technician would have to book a flight and spend as long as six hours traveling to the site. As a result, updates and service could easily turn into a 3-6 day project, not counting the lead time for booking the flight.
...
Another pain point alleviated by the new architecture is the ability to replicate objects and make global changes. Changing a pop-up screen for the old system, for example, required a programmer to go to every pop-up to make the alteration. Now that pop-ups are global, the programmer need only change one. Every identical screen updates automatically, which can reduce a four-hour job to just five minutes.
...
Rather than sitting in a control room, the operators of these systems are typically in the field, often driving hundreds of miles a day in their pickup trucks. To keep tabs on the system, they access the HMI with a laptop or handheld device just as if they were in a conventional control room. This real-time access allows them to observe any part of the system continuously, day or night, without having to physically go there and look. It also can track pump usage for preventive maintenance and monitor flow rates for legal disputes over water rights.
Tell me if you were one of these workers, or a manager of same, you wouldn't be jumping with joy over these improvements. Of course, you're reading these notes on the Smart Grid Security Blog, so you may be wondering if anyone is going to mention the security considerations in any of this. I give you credit for your insight. Tell you what, let's let the article go first.

Security
Greg Jones, a SCADA and data systems engineer, says the main challenge to safe remote access is establishing procedural controls such that the staff is aware of when changes are being made and what those changes are. Any change that can affect the functioning of facilities or machinery poses a risk to operations and safety. So, there should be only one person in control of a particular part of a SCADA system at any point in time.
OK, that was it, and here we go. First of all, I don't find any fault in Jones' comments. But everything about the information in the article, from the word Web in the title, to the description of how one can "replicate objects and make global changes," to Jones' comment that "the main challenge to safe remote access is establishing procedural controls such that the staff is aware of when changes are being made and what those changes are," gives me the willies. 

There are just too many ways to mis-configure these systems, and way too much potential for human error, to feel that these great functional leaps forward are not at the same time large cybersecurity steps backward. Time will tell and perhaps there are already crack security boutiques working solutions to these challenges. Please tell me if I've got this wrong. I'm often wrong. I'd like to be wrong.

Photo By: Carroll Electric

No comments: