SCADA Software Architecture

Meha Garg
Dept. of Computer Science and Engineering
Florida Atlantic University
Boca Raton, FL, USA
December 18, 2008.

1
Secure Systems Research Group - FAU
 Agenda
Motivation
Objective
Introduction
SCADA Use Cases and Application of
Patterns
Questions
Recommendations

2
Secure Systems Research Group - FAU
 Motivation
Critical Infrastructure systems like Supervisory, Control
and Data Acquisition Systems (SCADA), Distributed
Control System (DCS), used in Energy Industry and
Process Industries are highly distributed and complex.
It would be interesting to study SCADA using Use Case
diagrams and applying various patterns Layers, Model
View Controller, Web Services, Broker, etc., applying our
secure software methodology
This kind of work will help understanding of SCADA
systems and Cyber Physical Systems, apply Non
Functional Requirements, and do model checking.

3
Secure Systems Research Group - FAU
 Objective

To discuss Use Case Diagram for SCADA, then

define a software architecture using patterns

4
Secure Systems Research Group - FAU
 Introduction
SCADA (Supervisory Control and Data Acquisition) systems are used to monitor and
control a plant or equipment in industries such as telecommunications, water and waste
control, energy, oil and gas refining, and Transportation (airport, traffic control, rails)
These systems encompass the transfer of data between a SCADA central host
computer and a number of Remote Terminal Units (RTUs) and/or Programmable Logic
Controllers (PLCs), and the central host and the operator terminals
A SCADA system gathers information (such as where a leak on a pipeline has
occurred), transfers the information back to a central site, then alerts the home station
that a leak has occurred, carrying out necessary analysis and control, such as
determining if the leak is critical, and displaying the information in a logical and
organized fashion
These systems can be relatively simple, such as monitoring environmental conditions
of a small office building, or very complex, such as a system that monitors all the
activity in a nuclear power plant or the activity of a municipal water system

5
Secure Systems Research Group - FAU
Use Case Diagram for SCADA System
Description: The goal is to supervise, control, monitor and
acquire data for critical infrastructure systems, operate from
remote end and ensure security and safety
Actors:
Field Devices
Local Control Center (LCC)
Remote Telemetry Units (RTU)
Master / Central Control Terminal Unit (MTU)
Operator
Supervisor

6
Secure Systems Research Group - FAU
 Use Cases
1. System Shut Down / Startup
2. Gather Field Information
3. Perform Local Control
4. Transfer Field Information
5. Manage Field Information
6. Perform Remote Control
7. Analyze System State
8. Schedule Task
9. Balance Load
10. Adjust Settings
11. Check Status
12. Manage Logging

7
Secure Systems Research Group - FAU
 SCADA System

Gather Field
Information <<actor>>
Field Devices

Perform
Local
<<actor>>
Control
Remote Terminal Unit

Transfer <<actor>>
Information Manage Local Control Center
Field
Information

<<include>>

Perform
Remote
Control
Analyze
System Operator
Schedule State
<<actor>> Task
Central Control Terminal Unit

Balance
Load
Supervisor

Adjust
Settings System
Startup/
Shutdown

Check
Manage Status
Logging

8
Secure Systems Research Group - FAU
 Pre Conditions for SCADA
System
1. The operator is logged in.
2. The system is real time system.

9
Secure Systems Research Group - FAU
 Layers
System Check Status Adjust Settings Perform Control Application
Startup/Shutdown Layer

System Level
Switches Printers HMI GPS Routers

Transport Communication
Layer ModBus IEC 61850 DNP 3 Ethernet: TCP/IP Protocols System

Data Distribution
Gathering RTU IED Bay Control Layer
Units

Field Device Field Actuators Sensors Hardware

Units Devices Layer

10
Secure Systems Research Group - FAU
 Layer Pattern
SCADA system being highly complex and distributed, it is important to
understand SCADA in Terms of Layers for simplicity as shown in Figure
above. The intent, forces, advantages for the layer Patterns are the
same. However here we apply this pattern on the real physical system.
Layer 1: It is the field Units, considering the Generation, Transmission
and Distribution at one place, we have all the process controls, I/Os,
status, metering, measuring values, etc. It also includes local control.
Layer 2: The field values, I/O analog, digital, measuring and other
commands, operations, are taken to RTUs, IEDs, PLCs, BCUs, and
other I/O cards to communicate to higher end.
Layer 3: This includes all the communication cables, protocol
architecture required for higher end communication interfaced with all
field signals. It is the backbone in the modern control centers, which has

11
Secure Systems Research Group - FAU
 Layer Pattern
immensely reduced physical wiring, big marshalling and increased the
reliability and more improved quality signals. Today latest protocols like
IEC 61850, Modbus and other proprietary protocols are used.
Layer 4: This includes the Control centre equipped with dynamic
changing states of the system displayed on HMI, which is powerful to
read values, prompt and diagnosis system change and with a click on
HMI, to carry out operations.
Layer 5: Connection with the outside world using Internet and various
new technology related to mobile / cell phone operations.

12
Secure Systems Research Group - FAU
 More Patterns
We can apply more patterns:
Broker (Inter substation control)
Client Sever Dispatch (Between Main
system and operator console)
Web Services (Internet Control)
Model View Controller (HMI)
Three-tier
Unified Physical Access Control to
Buildings and information
13
Secure Systems Research Group - FAU
 Future Work
Safety Monitor
Implementation in SCADA System

Unifying Safety with Security

Implementing more patterns in SCADA

Formalization of safety

14
Secure Systems Research Group - FAU
 Recommendations and Questions
Feedback:

15
Secure Systems Research Group - FAU