Vulnerabilities and Electric Power Industry, Research Paper Example

The digital age leaves many different companies and platforms open for attacks. Systems are put into place to curtail such catastrophes: one such system is called SCADA or Supervisory Control and Data Acquisition. SCADA is used to monitor systems, prevent system malfunctions, and in general keep the infrastructure of power plants, water and sewer plants, and treatment centers from ever having to be compromised to do the aforementioned issues. This paper will look at the background and purpose of SCADA systems, their vulnerabilities to cyber attacks, and the efforts to increase security and minimize risks due to unauthorized access.

Current SCADA Applications

SCADA systems are used by governments to monitor their power/electric, water, and treatment plants across the country. These facilities are vulnerable to “weather conditions, equipment failure, accidents” (Lakhoua&Jbira, 2012, p. 517) as well as to cyber attacks. On the former, SCADA is a way to “modernize” the facility through technological advancements that examine facility’s “fault diagnosis as well as troubleshooting systems” (Lakhoua&Jbira, 2012, p. 517). SCADA is implemented into these facilities in order to resume control of them and is used for “data acquisition of diverse kinds of processes” (Lakhoua&Jbira, 2012, p. 517). Within the SCADA infrastructure, certain subsystems are utilized, these include man-machine interface (MMI) in which there’s a human operator who takes process data and monitors/controls it. SCADA also has a supervisory system which acquires data and sends it to process. SCADA also utilizes Remote Terminal Units (RTU) that “connect[s] to sensors in the process, converting sensor signals to digital data and sending digital data to the supervisory system” (Lakhoua&Jbira, 2012, p. 517). Actions for SCADA can be made remotely using RTUs “or by programmable logic controllers (PLC) (Lakhoua&Jbira, 2012, p. 517). This allows for SCADA to be either set up for a specific task or allow access to its controls through MMI. This enables a system to operate successfully and with minimal error. For instance, if an error in a system occurs, SCADA will detect it and an alarm will go off alerting someone to the problem. This can be useful for electrical plants for level monitoring, performance of machines (and upgrades or malfunctioning), as well as for “sustainable development” (Lakhoua&Jbira, 2012, p. 517). This “sustainable development” focuses onsuch plant/systems information as “levels, flows, pressure…logged in the HMI computer database for reports and trends” (SCADA, 2012, para. 2). The celerity and efficacy of SCADA has to be as absent of foibles as possible in order for the system to function at optimal performance. In lieu of this necessity, SCADA (which has literally thousands of “remote telemetry sites monitor[s]” (SCADA, 2012, para. 3) is operated in whatever platform possible (e.g. radio, telephone, etc.) in order to secure “the central computer and software to the…plants” (SCADA, 2012, para. 3). This central computer is vital as SCADA, a sophisticated smart grid, will enable sufficient control on electrical plants.

SCADA offers unique use of it’s systems through mobile phone communication in which a “base” station serving as a wireless radio service controls SCADA’s functions. SCADA’s integration into this uses GPRS or WAP “transfer schemes” to enhance SCADA’s performance. Other researchers have presented SCADA motor systems which use “fuzzy logic” (FLC) in order to control the “neural network” (NN)(Lakhoua&Jbira, 2012, p. 158). An FLC controls motor speeds of systems while the NN aids in the transmission. In a power plant, the input and output signals (which use high voltage) “are commanded by using LabView” (Lakhoua&Jbira, 2012, p. 158).Still other researchers are presenting SCADA applications that will use communications to control renewable energy systems with I/O devices. These systems will “support a continuously shanging operating enviroment depending on the test to be performed” (Lakhoua&Jbira, 2012, p. 158). These SCADA applications are being monitored and processed with extreme caution, as potential cyberattacks are a very real concern.

Project Management Phases of a SCADA System

There are five basic stages of SCADA system phases according to Lakhoua&Jbira (2012) (p. 159) with a final close out phase. The first phase depends on system need. This need is found through defining ways to reduce cost/staffing, improve customer service quality, deterrence or avoidance of environmentally suspect practices, complying with EPA and local standards of health and safety, and keeping the system up-to-date/upgrading (Lakhoua&Jbira, 2012, p. 160).

After need is found and defined the second phase of project management for SCADA systems is the initiation phase. This phases is composed of validating the above-stated needs. In order to do this, however, it is crucial to establish the project’s scope and it’s conceptual ideals. This establishment can be attained through Work Breakdown Structure (WBS). During this phase it is necessary to find a solvent source of funding. This solvent funding source  must be approved by system’s management then implemented in acquisitions and development meetings. Funding will be designated firstly to:

…preliminary investigations, and prepare a preliminary project management plan. It will be necessary to firm up on the scope, identify the main technologies to be used, and gain agreement and approval of the potential users of the system. If the system is being introduced to improve productivity, then it is important that user management understand how they can use the SCADA system to change work practices. Although the work should be concentrating on the functional requirements, it is necessary to keep an eye on the technical capabilities offered by suppliers (Lakhoua&Jbira, 2012, p. 160).

The third phase consists on defining the parameters of the project. This means that there is more a focus on the “functional requirements” of the project. This can be established through a project management team that scouts and identifies certain sites, functions, improvements, advancements in the system that aid in making the first phase even stronger. In this stage the “reporting and processing” functions are established. In order to acquire or maintain the system, it’s imperative that the benefits of the system are firmly established and that potential risks to this plan are anticipated and curtailed prior to them becoming problems.

The fourth phase is the design phase. This will entail “preparing the specification, and developing tender evaluation plans” (Lakhoua&Jbira, 2012, p. 160). In anticipation of potential risks it’s important during this phase to have a prequalification sub-phase. During either the phase, or the subphase the essential mapping of the systems that is, designing and providing necessary acquisitions is essential; this is ensured through “design and construct contracts, and pay for performance” (Lakhoua&Jbira, 2012, p. 160).

The fifth phase is the acquisition phase. This entails a variation of steps such as

…design configuration of SCADA master software; development of custom software; assembly of RTU’s in factory, and testing; field installation of instrumentation, communications, and RTU’s; commissioning; site acceptance testing; customer training. Subsequent to this, the system normally has a defects liability period, and beyond that maintenance must be contracted for (Lakhoua&Jbira, 2012, p. 160).

The final phase is the close out phase. This consists of the SCADA application’s final report which highlights any potential risks, established or potential defects in the system, and the completion of the project and its review known as the “post implementation review (PIR) as required. (Lakhoua&Jbira, 2012, p. 158).

Application of SCADA to electric power distribution systems

Having a reliable power grid is essential to proper economic functioning of any system: SCADA is no different. An up-to-date electric power network system “must be capable of performing 365 days a year and 24 hours a day with a high quality of uninterrupted power supply, even during the peak hours, to improve the performance of services to the customers (Lakhoua&Jbira, 2012, p. 160). Electric power network systems are extensive pieces of technology and as such require constant monitoring for functional reliance; this is achieved best through “proper computer-based monitoring and control systems[s]” (Lakhoua&Jbira, 2012, p. 160).  This is the main component of SCADA: remote monitoring in real-time location. This means that the base of controls and the system being monitored are done so through wireless communication, or “DCC (Distribution Control Center). This is where SCADA software is used/monitored. Among the other equipment being used by SCADA are automatic meter reading (AMR), Data Concentrator Unit (DCA), Remote Terminal Unit (RTU), Supervisory Control and Data Acquisition (SCADA), Communication equipments, etc.” (Lakhoua&Jbira, 2012, p. 160).  The purpose of this equipment isn’t to just ensure that SCADA runs at the apex of its ability but to ensure proper customer service quality: “The flow of information requires data communication over extended networks of systems and users. In fact, utilities are becoming among the largest users of data and are the largest users of real-time information” (Lakhoua&Jbira, 2012, p. 160). Such a maneuver and consistency in SCADA will allow for proper information to flow with greater ease and reliability (real-time) in the following ways: better quality service to customers (in dealing with electrical interruption), efficiency in work and reduction in loss, control over power demand, staff access to SCADA during normal as well as adverse conditions (wireless capabilities), quicker and more accurate access to previous performance charts/data/tools, and the “ability of EDC engineering staff to manage the power system assets and system operations by providing increased access to better performance data and historical statistics” (Lakhoua&Jbira, 2012, p. 159).

Countries such as Japan have implemented SCADA systems in their electrical distribution system. Japan is a world leader in technology so it comes as no surprise that they’ve implemented SCADA to an enormous degree in the necessary areas of “expandability and flexibility, conformity to international standards, high reliability, high functionality and high performance and high-level human interface” (Lakhoua&Jbira, 2012, p. 160). Japan’s SCADA system has drastically and beneficially reduced system interruption and faulty lines. Another country that has benefited from SCADA systems is Taiwan. In Taiwan, distribution system dispatchers have used SCADA for management as well as “rapid operation control” purposes (Lakhoua&Jbira, 2012, p. 160). Having these operations remotely controlled, or the ‘automation of the system’ as it’s called has become a necessity for these countries as their distribution system becomes completely out-of-date otherwise (Lakhoua&Jbira, 2012, p. 161).

Electrical Network Operation by Using SCADA

Implementing SCADA into the electrical grid involves complex needs. These needs include specific equipment and processes as well as controllers to operate the system. The system must first be installed using MV/LV substations: these substations are in control of monitoring and managing data such as wireless transmission for meter reading by “a Power Line Carrier (PLC) over the low voltage lines and provide the connection to a control centre, using a dedicated protocol, over public or private communication networks” (Lakhoua&Jbira, 2012, p. 160). The amount of data will exponentially increase with the progressive march of new technologies so this phase is important to ensure accuracy and proper implementation. As part of proper implementation, it’s necessary to include smart equipment “to manage the power network in real time. One of the smart equipments used is the Automatic Meter Reading (AMR). The AMR has replaced the old conventional energy meter (disk type) because of its better performance to process a huge amount of data in real time” (Lakhoua&Jbira, 2012, p. 160).

The SCADA communication’s system will include a myriad of equipment (including the above mentioned smart equipment) and the crux of these systems includes the microprocessor controllers RTU and “Data Concentrator (Logger)” (Lakhoua&Jbira, 2012, p. 160) as well as fast smart equipment like computers to properly monitor the network (Lakhoua&Jbira, 2012, p. 160).

Calculating risks to SCADA is something to be aware of as chaos may make for poor functioning. Controllers need to keep their eyes out for possible fluctuations in the system such as increased exposure (“Communication networks linking smart grid devices and systems will create many more access points to these devices, resulting in an increased exposure to potential attacks”) (Lakhoua&Jbira, 2012, p. 160); interconnectivity that includes communication’s networks that potentially expose the system to attacks; complexity which accounts for increase in subsystems; and common computing technologies in which the smart grid systems make use of common computer technologies that leave the system open or vulnerable to the computer’s system’s weaknesses; and finally increased automation that will “generate, gather, and use data in new and innovative ways as smart grid technologies will automate many functions. Improper use of this data presents new risks to national security and our economy” (Lakhoua&Jbira, 2012, p. 160).

Infrastructure Cost

Creating automated systems accounts for a significant allocation of funds from the company/country. Although automated systems lower the cost of labor as their remote wireless communications lessen commutes, workers needed during adverse weather to monitor systems, and remote supervision.

One area in which the cost of SCADA increases is through security. SCADA is a potential governmental risk because of its various vulnerabilities to cyberattacks. Thus, companies will invest millions of dollars in security for critical systems operations to functional without such security risks. In this market, security companies and programs have earned a revenue in 2011 of $18.31 billion and simply increases exponentially every year. Private companies control security systems for SCADA. Their infrastructure promises the safest possible function for the system. The “US Government will evaluate the consequences of a cyber-attacks on homeland security and the plan the proper actions to mitigate the cyber threats started the program named “Perfect Citizen” with the main purpose to explore national utilities to discover security vulnerabilities that could be exploited in case of an attack” (Paganini, 2013, para. 26). This project is slated to begin in September 2014 and is a program developed for smart networks originally named Einstein for it’s various sensor components that function individually. These components detect cyber-attacks “against critical infrastructures in both the private and public sector” (Paganini, 2013, para. 26) and is funded through the Comprehensive National Cyber security Initiative and “thus far Raytheon, the major American defense contractor and Industrial Corporation, has received a contract for up to $91 million to establish the project” (Paganini, 2013, para. 26).

Other areas of cost include RTU performances that seek to connect “2or more wireless or wired media, allowing for cost-effective geographical coverage extension. It performs Store and Forward (S&F) operation with a single radio frequency or may combine several media to create a seamless, communication network (“Self-awareness to the Grid,” 2012, para. 3). Changes in operation to SCADA also has it’s potential to be costly. Most systems however use a DA system that results in various cost-saving applications. The smart grid solutions that SCADA provides (with power companies, or even cell phone services like Motorola) include RTUs and IGIN software in order to further expand their savings which results in further systems improvements: “The United States Department of Energy (DOE) has received substantial funds from the American Recovery and Reinvestment Act to encourage utility investment in upgrading their grid to smart status. Equipment like ACE3600 RTUs, IGIN software and Motorola high-speed radio communications can be integral to that improvement” (“Self-awareness to the Grid,” 2012, para. 3).

Conclusion

SCADA is a smart grid system that allows for wireless remote control of various systems including power grids. This decreases costs to the company such as for staffing, hours, and general maintenance on the system. The benefits of this system are impressive and outstanding for post-industrial countries to use. SCADA’s use of grid, wireless remote access to downed grids and sectors allows for more potential up-to-date systems analysis for better customer care services. This paper has proven not only the efficacy of SCADA but the benefit to cost analysis and the five phases needed to implement proper management for implementing systems. These phases allow for SCADA to be properly managed, a system implementing and for a company to feel more secure from cyber-attacks than other systems. The benefits of SCADA are outstanding, essential and will likely be implemented in all countries on a country-wide smart grid.

References

“Bringing self-awareness to the grid: SCADA systems enhance electric utility operations.” (2012). Motorola. Retrieved from http://www.motorolasolutions.com/web/Business/Products/SCADA%20Products/ACE3600/_Documents/Static%20Files/Bringing%20Self%20Awareness%20to%20the%20Grid.pdf

Lakhoua, M.N., &Jbira, M.K. (2012). Project management phases of SCADA system for automation of electrical distribution networks. IJSCI International Journal of Science, 9(2),157-162. http://ijcsi.org/papers/IJCSI-9-2-2-157-162.pdf

Paganini, P. (2013). SCADA and security of critical infrastructures. INFOSEC Institute. Retrieved from http://resources.infosecinstitute.com/scada-security-of-critical-infrastructures/

“SCADA applications.” (2012). Control Systems Inc. Retrieved from http://www.controlsysinc.com/SCADAApplications.htm