A Supervisory Control And Data Acquisition (SCADA) system generally refers to an industrial control system: a computer system monitoring and controlling a process. SCADA systems are used to control and monitor physical processes, examples of which are transmission of electricity, transportation of gas and oil in pipelines, water distribution, and the like. SCADA systems are also part of an Energy Management Systems (EMS) and Distribution Management System (DMS). A SCADA system usually comprises the following subsystems: A Human-Machine Interface—HMI (also known as User Interface—UI or Man Machine Interface—MMI) is the apparatus which presents process data to a human operator and through this, the human operator, monitors and controls the process (The HMI comprises a computer monitor or a custom display panel, which reports status information across the system being controlled); A supervisory (computer) system, gathering (acquiring) data on the process and sending commands (control) to the process; Remote Terminal Units (RTUs) connecting to sensors in the process, converting sensor signals to digital data and sending digital data to the supervisory system; Programmable Logic Controller (PLCs) are sometimes used as field devices because they are more economical, versatile, flexible, and configurable than special-purpose RTUs; Communication infrastructure connecting the supervisory system to the Remote Terminal Units.
The move from proprietary technologies to more standardized and open solutions together with the increased number of connections between SCADA systems and office networks and the Internet has made them more vulnerable to attacks. Consequently, the security of SCADA-based systems has come into question as they are increasingly seen as extremely vulnerable to cyber attacks. In the field of SCADA systems, cyber security solutions are typically separate or add-in solutions. This prevents a single integrated solution providing for full situational awareness with immediate workflow based access to all needed information and controls. Defining all the parameters relating to the various disparate security add-ons is also cumbersome and error prone. Finally, providing a fully integrated training simulator to allow SCADA operators to learn how to use the actual system with its security features has been lacking in the market. Therefore there is a need in the art to integrate these functions all into a single command and control solution.
Current product approaches include IBM Tivoli Netview and HP's Openview products. The above noted products do not provide an integrated solution with full access to internal SCADA functions, they do not provide a single source to enter configuration data, and they do not provide a full training simulation with the actual SCADA system included.
A number of patents exist which relate to cyber security including, U.S. Pat. Nos. 7,188,003, 7,233,843, 7,246,156, and 7,483,972, and Publication Nos. 20080209033, 20080109889; all of which are incorporated herein by reference.
There is a need for systems that enhance situational awareness for industrial control systems. There is a further need for systems that enhance situational awareness for industrial control systems for improved cyber security. Accordingly, there is a need in the art for an integrated solution to the problems in the art. The present invention is designed to address these needs.