A Strategic Approach to Protecting SCADA and Process Control Systems

Process Control Systems (PCS) refer to the overall set of systems that remotely monitor and measure remote sensors from a centralized location. These sensors also typically possess some type of automated response capability when certain criteria are met. A subset of PCS systems that manage systems over very large geographic areas are typically referred to as Supervisory Control and Data Acquisition systems or SCADA systems. SCADA systems make up the critical infrastructure associated with electric utilities, water and sewage treatment plants, and large-scale transportation systems like interstate rail. This paper provides an overview of the security weaknesses present in SCADA and other Process Control Systems, the potential impact of those weaknesses and recommended steps for assessing and securing SCADA systems.