Join Mike Chapple for an in-depth discussion in this video Industrial control systems, part of CompTIA Security+ (SY0-501) Cert Prep: 3 Architecture and Design.
- [Instructor] Many of today's industrial processes depend upon computer systems to make them work more efficiently and effectively. The many advances in technology that have sped up manufacturing, power plant monitoring, wastewater treatment, and other industrial processes require the use of computers. Industrial control systems, or ICS systems, are the devices and systems that control industrial production and operation. They include systems that monitor electrical, gas, water, and other utility infrastructure and production operations as well as the systems that control sewage processing and control, irrigation, and other processes.
Hackers love to target industrial control systems for a number of reasons. First, a successful attack on an ICS system can have dramatic implications. Successful ICS attacks could disable a nation's power grid or damage or destroy parts of a city's infrastructure. Second, ICS systems are often not as well secured as traditional computing infrastructure. And third, their high requirements for stability and continuous operations mean that they are less likely to be consistently patched and updated.
In fact, some ICS system manufacturers advise their customers to not update the control systems and sensor devices. This makes protecting SCADA and DCS systems an even greater challenge, requiring additional planning to overcome.
Let's discuss three different types of industrial control systems: supervisory control and data acquisition, or SCADA, systems; distributed control systems, abbreviated DCS; and programmable logic controllers, known more simply as PLCs.
SCADA systems, like the one shown here, are very common in industries that require remote monitoring of their infrastructure and production systems, like natural gas pipelines, power production and distribution infrastructure, and water supply control systems. SCADA systems typically include individual remote sensors known as remote telemetry units, which provide reports back to the central data collection system and provide some level of local control. The central system then uses the information provided by the remote units to control the entire grid or pipeline of production and control systems.
Attacks against SCADA systems can target the feedback provided to the central control system or can cause the local sensor and control unit to perform an incorrect action.
Distributed control systems, such as the one shown here, are frequently used to control water and wastewater treatment and distribution systems, power generation plants, refineries and production lines, and facilities like those that make cars, electronics, and even food products throughout the world. DCS systems use a combination of sensors and feedback systems to control and adjust processes as they receive feedback.
Much like SCADA systems, an attack against a DCS system could be as simple as providing incorrect feedback, resulting in a shutdown, overproduction, or delay in the system at a critical time.
Programmable logic controllers, like the one shown here, are special-purpose computers designed to handle specialized input and output systems. They are typically designed to handle difficult environments with special temperature, vibration, or other requirements while still functioning. PLCs are designed to handle and respond to their specialized input and output requirements reliably to ensure that the processes they support occur without interruption or delay.
PLCs connect to a Human Machine Interface, or HMI, to provide interfaces that can interact with human operators. Typical PLCs don't have a monitor or other interface beyond buttons or lights built into them. PLCs are commonly used in both SCADA and DCS systems.
The results of a SCADA system attack can be devastating. In 2000, a hacker, irritated because he was refused a job in an Australian municipality, used his knowledge about their water treatment software and systems to release millions of liters of raw sewage into local parks, rivers, and covering the grounds of a local hotel.
The Australian EPA said that marine life died, the creek water turned black, and the stench was unbearable for residents. This attacker used inside knowledge because he had previously worked for the company that installed the system. When the police arrested him, they discovered that he had made 46 attempts to hack into the system and that his car contained the radio and computer equipment necessary to wage this attack.
Instructor Mike Chapple has designed the training around the most recent version of CompTIA Security+, SY0-501, which expands coverage of mobile and cloud technologies. By learning about the topics in this course, you'll be prepared to answer questions from the latest exam—and strengthen your own organization's systems and defenses. To join one of Mike's free study groups, visit certmike.com.
- Developing security baselines
- Leveraging standards
- Delivering and measuring user training
- Designing a secure network
- Designing secure systems, from the OS to peripherals
- Secure staging and deployment
- Securing smart devices and embedded systems
- Developing secure software
- Cloud computing and virtualization
- Securing hardware, facilities, data centers, and other physical risks