Supervisory control and data acquisition (SCADA) systems’ traditional role is changing as the Industrial Internet of Things (IIoT) continues to take a larger role. SCADA systems were not originally designed for cybersecurity and plants need to adjust to this new reality.
Supervisory control and data acquisition (SCADA) systems, and the broader industrial control systems (ICS) including SCADA, human-machine interfaces (HMIs), building management systems (BMS), manufacturing execution systems (MES), and computer maintenance management systems (CMMS) have roots in proprietary technology that was traditionally isolated from the enterprise information technology (IT) infrastructure. These platforms were not originally designed for cybersecurity.
The ICS' traditional role of control and safety has expanded to include providing plant and process information or responding to direction from ERP and other enterprise systems. This, however, has exposed the ICS to potential cyber threats, according to "Security the Move to IP-Based SCADA/PLC Networks" by the Centre for the Protection of National Infrastructure. The current focus on connectivity under the banner of the Internet of Things (IoT), and the closely related Industrial Internet of Things (IIoT) or Industrie 4.0, has a huge potential benefit to data aggregation strategy and situational awareness. However, IIoT devices use Internet Protocols (IP), which further increases the exposure to cyber threats.