subject: Awakening of Better Internet Security for the SCADA Systems [print this page] Awakening of Better Internet Security for the SCADA Systems
Storage and output of information is the basis of most computer systems. But, in the electric sector, the job of computers is more complex and comprises of generation, transmission and distribution of power. SCADA systems (Supervisory Control and Data Acquisition) and DCS (Distributed Control Systems) work together to effectively control the transmission and distribution of power across a large area. Several control centers are linked using a complex SCADA system.
The power system forms a critical infrastructure of that nation. The power industry control systems differ from the the corporate controls in the protocols used, equipments and in the overall performance. Until 2000, the organizations were concerned about a cyber threat but it wasn't much taken into concern. It was after the September 11 incident in 2001 that the potential threat faced by US and its adversaries was realized.
In August 2003, the Northeast blackout heightened the warning signal for potential risks. Although no cyber attacks was found, yet the harm that one could create to the nation was well realized. It was then that organizations like NIST, NERC, IEEE etc came up with standards for the power sector. The North American Electric Reliability Corporation was formed on March 28th 2006 as a non profit organization. NERC was set u with the mission of ensuring reliable bulk power transmission in North America. The security and reliability was the main factors of concern. Many standards have been set forward to ensure these goals. The NERC CIP standards was released in with a set of eight
standards for the safety of the power sector infrastructure. The policies are a better internet security system, providing proper training and awareness to the employees, overseeing to unused ports/services and disabling them to prevent any intervention, strengthening the user interface passwords and checking for any possible vulnerabilities. Reports and assessments are carried out periodically with data from the users, owners and operators.
The nerc cip standards have been able to ensure better auditing and monitoring of the power grid system. These set of standards can be used by other sectors like chemical, oil and gas industry to ensure complete and automized protection for long.
