IDENTIFYING SINGLE POINTS OF FAILURE IN SCADA SYSTEMS

Identifying Single Points of Failure in SCADA Systems

Periodically reviewing your SCADA System Architecture is crucial in maintaining a reliable oil or gas pipeline system. No matter how thoroughly the system was designed and implemented, or how carefully change processes have been managed, problems can creep into the system as it is modified and updated, leading to unforeseen consequences. Regularly scheduled SCADA System Architecture reviews can identify and address issues such as single points of failure, gaps in cybersecurity, communication reliability, and performance issues before they interrupt the control center’s ability to monitor and control pipelines, potentially resulting in millions of dollars of savings in incident prevention.

What is SCADA?

SCADA (Supervisory Control and Data Acquisition) is a combination of software and hardware that allows industrial organizations to monitor, gather, and process real-time data, then use that information to control devices such as valves, pumps, and motors to manage industrial processes. SCADA Systems help industrial organizations maintain efficiency, make smarter decisions, and identify potential issues to help mitigate downtime. Historical data from a SCADA system can also be logged in a historical database, allowing personnel to analyze data and identify trends. Modern SCADA systems allow real-time data to be accessed remotely, making it a particularly powerful tool for the pipeline industry, where even a minor issue could result in major losses.

The Possible Pitfalls of Not Performing a SCADA Architecture Review

  • Thinking there is no review needed – SCADA systems are not “set it and forget it.” They are active systems that report real-time information, but as with any complex system, they need to be regularly monitored and maintained to ensure the flow of information remains uninterrupted and reporting is accurate.
  • Excessive data – The SCADA system used to support the Control Center should ideally be focused exclusively on the needs of the Control Center. Acquiring and processing other field data for corporate users outside the Control Center adds unnecessary complexity and frequency of changes to the SCADA system. Collection and processing of field data not required by the Control Center should be handled by other systems, which are not subject to regulations and have the advantage of being cheaper and easier to maintain.
  • Not being proactive – The cost of a review is relatively low. The cost of correcting a system that has failed, on the other hand, can be huge and the extended effects catastrophic.
  • Security issues – Whenever a system has a connection to the outside world, the potential for malicious sabotage performed by disgruntled workers or cyber-attacks from hackers is increased. These connections should be reviewed periodically to ensure proper cybersecurity is in place to protect the SCADA system.
  • System inefficiencies – Bottlenecks, obsolescence, and weak points may inadvertently work their way into a system as it is maintained and augmented over time.

Find a Partner to Periodically Review Your SCADA Architecture

An integrator may only have experience with one or two specific systems, severely limiting the expertise they bring to the table. UTSI, on the other hand, is a vendor-independent consulting and engineering services company that has worked with over 200 customers and resolved a vast number of challenges on projects worldwide. This gives UTSI the background and experience necessary to pinpoint critical issues in an existing SCADA system and then guide our customers to the best solution available. In addition, as an independent consultant, UTSI can dedicate the time, personnel, and resources to quickly and efficiently conduct a SCADA Architecture Review for existing systems without jeopardizing day-to-day operations.

The Process of a UTSI SCADA Architecture Review

UTSI uses a comprehensive 11-step process when performing a SCADA Architecture Review:

    1. Discuss with the client their particular concerns and any specific problems they may have encountered.
    1. Collect drawings for primary, backup, and tertiary control rooms and data centers which house SCADA and communication equipment, including network configuration with IP addresses.
    1. Verify whether drawings are current and accurate — the level of verification will depend upon the client and the state of the drawings. While spot checking may be all that is required, if drawings are poorly done or out of date, a thorough check of all equipment and connections may be warranted.
    1. Determine if the network is properly segmented for cybersecurity and performance issues.
    1. Identify any single points of failure in applications, equipment, and network circuits.
    1. Review communication circuits for adequate capacity and choke points.
    1. Review utilization of communication circuits.
    1. Review network routers and firewalls for reasonable configuration and rules.
    1. Verify the SCADA network is properly isolated from the corporate IT network.
    1. Evaluate the risk of any wireless portions of the SCADA network.
    1. Determine if adequate Management of Change (MOC) procedures are in place and being followed for any changes to the SCADA Architecture.

UTSI is an industrial control system engineering and consulting firm specializing in automated system design, implementation, project engineering, cybersecurity, and remote infrastructure monitoring services for oil and gas pipelines. With over 30 years of experience, UTSI has been responsible for the design and implementation of sophisticated industrial control systems and related technologies for many of the world’s largest energy corporations. To find out more about how UTSI can help with a SCADA Architecture Review, visit https://www.utsi.com/what-we-do/.

Follow us on social media for the latest updates in B2B!

Image

Latest

Women's empowerment
Seizing the Narrative: The Transformative Impact of Storytelling on Women’s Empowerment
April 19, 2024

With gender equality becoming a significant global agenda, the narrative around women’s empowerment is more relevant than ever. Amid rising awareness and shifting societal norms, women are increasingly seeking avenues for self-expression and empowerment. A recent study by the Global Gender Gap Report highlights that while progress is being made, substantial efforts are still […]

Read More
V2G technology
Plug into the Future: Decoding V2G for Utility Applications
April 19, 2024

Brian Rudy from Verizon IoT and Melissa Chan of Fermata Energy explore the cutting-edge potential of vehicle-to-grid (V2G) technology at DISTRIBUTECH 2024. Their discussion highlights how this innovation transforms electric vehicles into dynamic energy storage units, capable of stabilizing the grid by storing and discharging power as needed. This technology represents a significant shift […]

Read More
zero trust architecture
Secure Grid Modernization with Zero Trust Architecture
April 19, 2024

Ray Bauer of Verizon Business engages with Del Rodriguez from Palo Alto Networks at DISTRIBUTECH 2024. Rodriguez shares insights into the significance of cybersecurity within the utility sector, particularly in light of increasing cyber threats and the convergence of IT and operational technology (OT). Bauer and Rodriguez discuss Palo Alto Networks’ initiatives to enhance […]

Read More
private wireless networks
Private Wireless Networks
April 19, 2024

Verizon host Wayne Weeks discusses the evolving utility industry with John Gaster, CEO of KSI Data Sciences at DISTRIBUTECH 2024. Together, they explore how KSI focuses on harnessing data from remote sensing devices to enhance the safety, efficiency, and cost-effectiveness of utility operations. Gaster emphasizes the significant role of AI and machine learning in […]

Read More