It’s not a new topic, but SCADA and other industrial control networks continue to be integrated into IP networks and utilize old computing platforms (Windows XP) for management of the programmable logic controllers (PLCs) that actually control
There are a number of well-known espionage examples of PLCs being exploited with malware, like the Siberian pipeline explosion of 1982 (the story is that the CIA arranged for Soviet Union to steal infected software that later caused a massive explosion and economic damage during the Cold War), or the Stuxnet worm attack on Iranian nuclear program centrifuges.
Still, even with the knowledge that systems are vulnerable, there are a number of factors working against major improvements in security.
PLCs aren’t designed to be secure. Initially they received their information directly from wires connected to control panels — there was no reason to verify that information was coming from the source it should be. Change that connection out with a standard IP network, and suddenly it’s open to all of the standard attacks of an open internet.
Why not just fix these issues? One reason is the nature of control networks — they are designed to run and be left alone. The goal is reliability. When there are equipment issues, generally it’s more about swapping out a component instead of fixing it. Plus, PLCs generally are not very introspective – they don’t log much or diagnose themselves, which might lead to flagging potential malware.
With the console connections used by Uplogix, SCADA devices can be managed at a low level. Routine maintenance, like re-installing a golden configuration periodically to ensure the device is running the config it should be, can be automated. Plus, Uplogix can manage the IP network gear like routers and switches. The result is a stronger deployment, which in the case of large infrastructure deployments like pipelines and power plants, could benefit everyone.
Read more the Uplogix Solution Brief: Local Management for SCADA.