"Supervisory Control and Data Acquisition (SCADA) systems collect information from sensors and actuators about some physical environment and provide an operator interface which allows control and reporting. The physical environment could be a power plant, power-distribution network, water-treatment plant, manufacturing floor, petroleum refinery, or any other physical environment that requires control and data acquisition. As early as 1999 the European Organization for Nuclear Research was looking into using a SCADA system to control a laboratory environment. As late as 2009 Aydogmus and Aydogmus discussed the use of a SCADA system to allow students to remotely interact with a laboratory supporting distance learning. The data acquired may be operationally oriented and used to better run the system, or it could be strategic in nature and used to better run the company. SCADA systems play a critical role in the foundation of modern society, and there is a large body of work dedicated to defending these systems from cyber attack. The purpose of this report is to survey and summerize that work. In Section 2, this report reviews the basic components of a SCADA architecture. In Section 3, it reviews the impacts of some famous failures in SCADA systems. In Section 4, this report discusses the shared and unique vulnerabilities of SCADA systems. In Section 5, it reviews the countermeasures that are currently in place to protect SCADA systems. In Section 6, the report provides some concluding insight into the current research being done to defend SCADA systems."
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/