Exploring SCADA Security

August 20, 2012

I’ve written here a few times about the security risks associated with some industrial control systems, sometimes called SCADA systems (for Supervisory Control And Data Acquisition).    Many of these systems were designed initially for an isolated environment; when connected to the Internet, there are often significant security vulnerabilities that can be exploited.  The notable recent example of this is, of course, the Stuxnet worm, which attacked the Siemens control system used at the Iranian nuclear facility at Natanz, destroying several centrifuges.

If you are interested in learning a bit more about how these systems are put together, and how they can be attacked, there is a diary post at the SANS Internet Storm Center, by Manuel Humberto Santander Pelaez, one of the ISC’s volunteer handlers, that gives a good overview of the problem in the context of a specific type of attack.  He describes the system architecture, as well as the protocols used, and shows how spoofed messages can be injected to cause mischief.  Reading it will not make you an expert on SCADA security, but it may provide a useful bit of context.

%d bloggers like this: