SCADA, SeCurity & AutomAtion · PDF file• Training Classes • SCADA Symposium ... are sent using a given protocol format, such as MODBUS or DNP3. ... report by texting Win-911 with

I ns ide Th is I ssue• WIN-911SMSMessagingReports• FreeSCADASeminars• TrainingClasses• SCADASymposium• GoNavy• IntegratorSpotlight• PathStudySharewareWorthaTry

Volume 20, Issue 2 • Fall/Winter 2010 A Publication of Sage Designs, Inc.

150 Shoreline Hwy., Suite #8A • Mill Valley, CA 94941-3634 • 1-888-ASK-SAGE (1-888-275-7243) • 1-888-FAX-SAGE • www.SageDesignsInc.com

S C A DA , S e C u r i t y & Au to m At i o n n e w S l e t t e r

Continued on page 7

Continued on page 6

address the needs of the attractive water, wastewater, and oil and gas industries for which remote monitoring and control are critical to their large and dispersed sites. The combination of technologies, channels, customer knowledge and complementary execution capabilities will put us in an excellent position to capture new opportunities in these fast growing markets.”Customerscanexpectacommitmenttotheircorebusinesswithintegratedsolutionsdesignedtoprovidesafe,reliableandefficientenergy.ControlMicrosystemswillbecome

theglobalexpertsinremoteSCADAandtelemetrysolutionsforwater/wastewaterandoilandgas.AsthetransitiontoSchneiderElectricoccurs,thefourleadingproductlines(Accutech,SCADAPack,Trio,andClearSCADA)willcontinuetobesoldthroughtheestablishedsaleschannels.SchneiderElectricrecognizesthatexistingControlMicrosystems’representativesarehighlyskilled,specializedorganizationsthatfocusonprovidingbest-in-classsolutionstosolvecustomerchallenges.

ControlMicrosystemshasrecentlybeenacquiredbySchneiderElectric,theglobalspecialistinenergymanagement.UndertheirAutomationPortfolio,SchneiderElectricservesmachinebuilders,mining,mineralandmetals,water/wastewater,oilandgas,andelectricalenergymarkets.ControlMicrosystems’productportfoliocomplementsandexpandsSchneiderElectric’scurrentapplicationfields.MichelCrochon,ExecutiveVice-PresidentofSchneiderElectric’sIndustrybusiness,commentedinapressreleasedatedApril13th,2010:“Schneider Electric acquires a global telemetry platform to

SCADA Communication SecurityThe “Onion” Perspective

Free November SCADA Seminars

• Creatingauditlogsthatwillrevealevidenceoftampering.

• Encryption(hidingdataasitmovesacrossnetworks).

• Authentication(verifyingthatthepersonperformingacriticaloperationisauthorised).

Itisencryptionandauthenticationthatwillbethefocusofthisarticle.It’simportanttonotethatencryptionandauthenticationarenotmutuallyexclusive;theycanbothbeusedconcurrentlyonthesamesystem.

Encryption... and DecryptionEncryptionistheactofmanipulatinginformationuntilitappearsalmostmeaninglesstothecasualobserver.Decryptionistheactofrestoringanencryptedmessagetoitspreviousreadablestate.InatypicalSCADAsystem,allmessagesaresentusingagivenprotocolformat,suchasMODBUSorDNP3.Anyonewhocanseethemessagesbeingtransmittedcandecodethemandseewhatinformationisbeingtransferredfromdevicetodevice.InanencryptedSCADAsystem,messagesaretransformedintoaseeminglygarbledsequenceofbytes.Shortmessagesarestuffedwithextrarandombytestomakeitdifficulttoestimatethesizeofthemessagesbeingtransmitted.Acasualobservercan

AstheprofileofsecurityforSupervisoryControlandDataAcquisitionnetworkshasgrown,expertshavebeguntotalkmoreandmoreaboutthisissue.ItisasignofthetimesthatoneofthefirstactsofPresidentObamawastoinstigateacomprehensivereviewofcybersecurityandhesingledoutSCADAsystemsasakeypartofthereview.Why?BecausetheincreaseinI.T.networkingmeansthatSCADAsystemsarebeingconnectedtotheInternet,leavingthemmoreopentoattack.Muchliteraturehasafocusonsecuritytechnologyindetail.Thisdoesnothelpthosenewtothetechnology.Nordoesithelppeopletounderstandcybersecurityinthecontextofanoverallsecurityplan.Forthat,weneedareasonablemodel.Thisiswherethe“onion”comesin.AsShreksays“Ogres are like onions. Onions have layers.” Well,securityislikeanonion,too.Agoodsecurityplaninvolvesmanylayers.Onelayerofsecuritywon’tprovidemuchofadeterrent,butaddanother3or4layersandyou’restartingtogetsomewhere.Differentlayersofsecurityprotectagainstdifferentkindsofthreatsandwilloftencomplementoneanother.Therearemanypotentialsecuritylayers,betheyphysical,electronicorprocedural:• KeepingSCADAnetworksisolated

fromcorporatenetworks.• Notadvertisingconfigurations(e.g.

disableSSIDonwirelessnetworks).• Installingfielddevices(e.g.RTU,

PLC)insidelockedenclosures.

whichwatchthehealthofthecontrollers,theirprogramsandtheirI/O.Ifyouareinterestedinthesetopics,youshouldattendoneofourtwoupcomingfreeSCADAseminars.PresentationsbyexpertsatControlMicrosystemsexplaininganddemonstratingthesecapabilitieswhichhavebeenimplementedintheE-seriesSCADAPacksandClearSCADASCADAhostsoftwarewillleaveyouwithnodoubtthatthedaysofsimplepolledprotocolssuchasModbusandDF1aresoontobebehindus.Seetheregistrationforminthisnewsletterorgoon-linetowww.scadawise.comtoregister.

AstheneedfordataincreasesinthemodernworldofSCADA,itseemsnaturalthatprotocolsfortoday’ssystemsmustadvancetoaccommodatethisthirst.Addionally,utilitiesmanagerswanttobeabletobettermanagetheirequipmentinthefieldwithouteverleavingtheirofficeinordertosavetimeandlabor.Thankfully,thecurrenttrendtowardsDNP3makesbothofthesegoalsachievable.NotonlydoesDNP3turnyourremotesintodata-loggerswhichdon’tmissaneventjustbecauseitoccursbetweenpollcycles,buttheprotocolallowsforimplementationswhichsupportthere-configurationoftheremotes,versioncontrolofprogramsinthemanddiagnostics


Get SMS Reports with Win-911

toolforfieldpersonnelandaugmentsthepowerfulalarmingcapabilityofWin-4112-waySMS.ItsupportsallmajorwirelessserviceprovidersandisincludedintheWin-911/PROsoftwarepackage.WithWindowsSmartPhones,youcanrunMobile-411whichincludesenhancedfeaturessuchasatabularlayoutforreports,plusaRefreshbuttonforgettingthelatestvalueswithasinglestroke.Otherfeaturesincludetheabilitytoreceiveand

Inadditiontoreceivingalarmsonanycellphone,userscannowrequesttextreportsandgetthecurrentvaluesofprocessvariablesusingthe2-WaySMScapabilityavailablewithallWIN-911/PROsystems.AusercanrequestareportbytextingWin-911withareportnumber.Thesereportscancontainseveralvariables,eachofwhichwillcomeinasaseparatemessageonyourphone.Reportscanberequestedatanytime,whetherornotanyalarmsareactive.Win-411Reportsisavaluable

TakeWIN-911SMSalarmnotificationtoawholenewlevelusingWIN-411TextReportsandMobile-911.Managedataandalarmsmoreeffectivelyandkeepinformedwhenitreallycounts.CallSageDesignsformoreinformationorvisitthemanufacturer’swebsite:www.specterinstruments.com

FiretideMeshNode

Firetide BackhaulWireless Mesh

Firetide HotPort® 6000-900Wireless Mesh Nodes

• Reliable, High-Performance Networks in Challenging Wireless Environments

• Street-Level Connectivity• Encryption for End-to-End Security

UtilityCompany

Smart UtilityMeter

DataCollectionUnit

SCADA & Wireless Instrumentation

San Antonio, TX • October 17-19

SymposiumControlMicrosystems,aSchneiderElectriccompany,ishostingthe2010SCADA&WirelessInstrumentationSymposiuminSanAntonio,TX,fromOctober17-19,2010.SageDesignswouldliketoinviteyoutojoinusforindustryandtechnicaldiscussions,marketupdates,andcomprehensivehands-ontrainingsessions.ThroughCMI’spartnershipwithPDHonline,attendeeswillreceive1ContinuingEducationUnitor10ProfessionalDevelopmentHoursuponcompletingthetraining.

What is offered:• Separatebreakoutsessions

forW/WWandO&Gindustries• Afull-dayofhands-on

technicaltraining• ContinuingEducationUnits

(CEUs)andProfessionalDevelopmentHours(PDHs)

• Technologyandmarketupdates

• Applicationshowcase• Paneldiscussion–

“TheFutureofSCADA”• Fullonandoff-sitemeals

eachdayWe hope to see you there!

Registration link can be found at www.controlmicrosystems.com

acknowledgeindividualalarmsandgetalarmstatusreports.ConfiguringWIN-411TextReportsiseasyusingthenew411reportmodule.SimplyadddatatagsthathavebeenimportedintoWIN-911fromyourSCADAdatabase,thenaddashortdescriptionforeach.


150 Shoreline Hwy. #8A ● Mill Valley, CA 94941-3634 ● 1-888-ASK-SAGE or 415-331-8826 ● 1-888-FAX-SAGE ● www.SageDesignsInc.com

F r e e S C A D A S e m i n a r Integrated Water/Wastewater SCADA Solutions

N o v e m b e r 3 , 2 0 1 0 N o v e m b e r 4 , 2 0 1 0 8AM – Noon 8AM – Noon Radisson Hotel Newport Beach Embassy Suites Walnut Creek 4545 MacArthur Blvd. 1345 Treat Blvd. Newport Beach, CA 92660 Walnut Creek, CA, 94597

Water utilities have been using Supervisory Control and Data Acquisition (SCADA) for many years, during which SCADA systems have evolved from simple tone telemetry to web-centric solutions. A SCADA system’s primary function is to monitor and control the conditions of remote assets, such as pumps and lift stations, distribution networks, and treatment plants, while ensuring data integrity, overall system visibility, and security. If you are expanding, upgrading, or developing a new SCADA system, selecting the right hardware and software components can help you cope with ever changing demands in securing your infrastructure and improving data collection and reporting. Join us to learn more about intelligent field controllers that can dramatically improve environmental compliance and reduce cost of deployment for water systems. Understand the benefits of event data logging and time-stamped data in the remote controller and how historical data backfill can help you meet regulatory requirements. Learn about secure and encrypted data transmission and innovative system architectures that can reduce your cost of operation.

Who should attend? • SCADA Engineers, Managers and Technicians • Water Systems Managers, Operators and

Technicians • SCADA Solution Providers

Featured Applications • Pump/lift Station Controllers • Water Quality Monitoring • District Meter Zones • Real-time and Historical Data Gathering • Wireless Instrumentation & Measurement

Featured Products • SCADAPack E-Series PLC/RTU • ClearSCADA Integrated Enterprise Software • Trio Long-range Industrial Wireless Radios

Featured Technologies • Integrated Enterprise Software • Historical Data Backfilling • Wireless Ethernet Communications • Data Encryption and SCADA Security

Continental breakfast included

- - - - - - - - - - - - - - - - - - - - - - - - - Download the registration form at http:www.sagedesignsinc.com/events - - - - - - - - - - - - - - - - - - - - - - - - - - -Pre-registration Required

To Register: Email this form to [email protected] or fax to 1-888-329-7243. A confirmation will be emailed to you. The registration form and hotel directions can be found on the Events Page of our website: http://www.sagedesignsinc.com/events. For more information, call 1-888-275-7243. □ Register me for the free seminar in Newport Beach on Wednesday, November 3, 2010

□ Register me for the free seminar in Walnut Creek on Thursday, November 4, 2010

Name (please print): Title:

Company: Phone:

Address: Fax:

Email:

City/State/Zip: Dietary Restrictions:

* * * Registration Deadline: October 29, 2010 * * *There is no charge for this event, but we would appreciate notification if you must cancel your reservation.


ClearSCADA Training CourseDecember 13-16, 2010 - Corte Madera, CA February 28 - March 3, 2011 - Mill Valley, CA

Day1(8AM–4PM) InstallingClearSCADA,IntroductiontoClearSCADA, Components,UsingViewX,UsingWebX,ClearSCADAHelp

Day2(8AM-4PM) ConfiguringusingViewX,DatabaseOrganization,BasicTelemetryConfiguration,CreatingMimics,CreatingTrends

Day3(8AM-4PM) ConfiguringusingViewX,Templates&Instances,LogicLanguages,Security,CommunicationsDiagnostics

Day4(8AM-4PM) Reports,SystemConfiguration,SystemArchitecture,Questions

Cost: ClearSCADATrainingCourse $1,800

SCADAPack TelePACE Studio Training CourseNovember 15-17, 2010 - Mill Valley, CA February 15-17, 2011 - Mill Valley, CAAn optional SCADAPack 350, SCADAPack 334 or SCADAPack 32 is available at a special price* with the course—an excellent way to get started using Control Microsystems’ Controllers.

Day1(8AM-4PM) SCADAPackcontrolleroperation,Series5000I/O,TelePACEStudiointroduction

Day2(8AM-4PM) TelePACEStudioadvancedprogrammingtechniquesandadvancedfunctions

Day3(8AM-2PM) Controllercommunications,ModbusMaster/Slaveprotocol,Diagnostics,Modems

Cost: SCADAPackTelePACEStudioCourse$1,275*OptionalSCADAPack350TrainingKit–adds$990*OptionalSCADAPack334TrainingKit–adds$990*OptionalSCADAPack32TrainingKit–adds$1,060

Instructors: ClearSCADA&SCADAPackTelePACEclasseswillbetaughtbyTonySannellla,SageDesigns,aControlMicrosystems’Factory-CertifiedInstructor.TheClearSCADATestDriveswillbeconductedbyIanMetcalfe,USClearSCADASales,ControlMicrosystems.Location:Seeindividualcourseregistrationform.Thoserequiringovernightaccommodationsshouldcallthehoteldirectlyforreservations.

What should I bring?LaptopcomputerwithminimumofWin2KorXPwith15mbfreediskspace,CDROM,mousewithascrollwheel,workingserial,USBorEthernetport,andnecessarypermissionstoinstallsoftwareonyourcomputer.

What is provided?Lunchandcoffee,softdrinksandsnackseachday.

*Optional Training Kits at special course pricing (TelePACE class only): Limit one (1) for every two (2) students per organization. Training Kits will be shipped N/C to training facility, provided your registration is received approximately 4 weeks before the first day of the course, or shipped to you after the course when available. Training kits include a SCADAPack 350, SCADAPack 334 or SCADAPack 32 Controller, TelePACE Studio Software, Hardware Manual (on CD-ROM), I/O Simulator board, AC/2 Transformer, & programming cable. Prices do not include applicable California sales taxes.

TM Training Classes

Download the Registration form at: http://www.sagedesignsinc.com/events/index.htm

Please send me the Registration Form ClearSCADA: ❑ December 13-16, 2010 - Corte Madera, CA ❑ February 28 - March 3, 2011 - Mill Valley, CA SCADAPack TelePACE: ❑ November 15-17, 2010 - Mill Valley, CA ❑ February 15-17, 2011 - Mill Valley, CA

Name(please print): Title:Company: Phone:Address: Fax:

Email:City/State/Zip:

* * * Registration Deadline: 2 weeks before 1st day of course * * *Allregistrationsaresubjecttocancellationfees.Aconfirmationnoticewillbesenttoallregistrantsonorbeforethedeadlinedate.

Schedule Your Own

Free Hands-On Test DriveCalltoScheduleaTestDriveCall 1-888-ASK-SAGEemail:[email protected]

Sage advice

Tools of the TradeSoftwareprogramsusedforpathstudiesareanamazingtool.Theyallowyoutoestimatelossesyouwillhaveinyourradiosystembeforeyougettothefield,soyouknowwhatisworthtestingandwhatisnot.Althoughthereareprogramsforthisthatcosttensofthousandsofdollars,thereisonepieceoffreewarethatdoesaprettygoodjobdespiteitsminorflaws:RadioMobile.Theprogramallowsyoutoplaceradiosanywhereontheearthanduseselevationdatatogenerateaprofileoftheterrainbetweenstations,whichishowitcalculatesthepathlosses.Itcanuseavarietyofsourcesforthedata,includingtheShuttleRadarTopographyMission(SRTM)datafromNASA.Youtheninputdetailsaboutyourradiofrequency,sensitivity,antennagain,cablelossesandotherinformationanditwillgeneratedetailsaboutthepath.Unfortunately,noneoftheprogramsforpathstudiestakeintoaccountbuildings,treesorotherman-madeobstructions,whichcanspelldisasterforaradiopath,andeventhemost

carefulpractitionercannotmakeupforthisomission.Ontheup-side,thiswilltellyouifthereishopeforyoursystem.Nowanyonecangetapictureofwhatchallengestheywillfaceinbuildingaradionetwork,whetheritbeforvoice,videoordata,withoutcommittingtoanexpensivefieldsurvey,butbuyerbeware.It’snotthatRadioMobiledoesn’taccuratelycalculatethelosses.Ihavecomparedtheresultstotheexpensiveproductsandfoundthattheresultsareprettymuchidentical.It’sthatnomatterhowwelltheseprogramswork,theyarenosubstitutionforarealsurveydoneinthefield.YoucandownloadafreecopyofRadioMobileat:www.cplus.org/rmw/english1.html,butpleaseconsidersendingadonationtohelppaytheexpensesoftheprogrammer.

Asthedecadeofthe60’scametoaclose,SierraControlSystems,Inc.founderAllenWilsonrecognizedaneedforaccuratemeasurementofopenchannelwatersystems.In1972,he

incorporatedSierraControlSystemsinCarsonCity,Nevada.Initiallyworkingfromagaragewiththehelpoffamily,thecompanydevelopedhighlyaccuratewaterlevelinstruments,watercontrolsystems,andradiotelemetry.Employingasoup-to-nutsapproach,SCSengineered,designedthecircuitsandthecircuitboards,andmachinedandfabricatedmuchofthehardwarein-house.Theydevelopedtheprogramsandinstalledthefinishedproduct.SCSthenfollowedthroughwithsupportandtraining.SCADAwasarelativelynew,emergingtechnology.Oneoftheindustriestomakewide-useofthetechnologywashydroelectricpowergeneration.SierraControlSystemswascontractedtoengineerandprovideequipmenttomonitorandcontrolthecriticalprocessesinvolvedatmanyofthehydropowerplantsinCalifornia.TheexpertiseandreputationofthecompanygrewalongwiththeSCADAindustryitself.InadditiontoSCS’sworkwiththepowerindustry,municipalutilitiesandirrigationdistrictsalsowantedtomonitorandcontroltheirfacilities.Tothisend,thecompanydevelopedtanktopmonitorswithtelemetryforwaterstoragetanks,pumpcontrollers,andgatecontrollers.Thesecouldreporttoamastertelemetryunitinacentrallocation.Again,theproductwasengineeredandbuiltdowntotheboardlevelattheSierraControlSystemsfacility.Thecompanywasquicklybecomingknownasaproviderofreliable,qualityequipment,muchofwhichisstillinservicetoday.Asthe90’sapproached,openarchitectureinSCADAsystemsbecameanimportantconsideration,asmorevendorsviedtoprovideproductsforthegrowingSCADAindustry.Itbecameessentialthatequipmentfromvendor“A”couldintegratewithequipment

fromvendor“B”.Suddenly,everyonewasspeakingModbus.SierraControlSystemsquicklyembracedthechanges.ThenewControlMicrosystems’VS/3RTUhadbeenintroduced.Theconvenient,single-boardpackagebeganappearinginSCScontrollers.TheControlMicrosystems’TeleSAFE6000RTUsoonfollowed.SCScontinuedtodevelopproductstoexpandthenewcontroller’scapabilities.TheseincludedmultiplexersforenhancedI/OcountandtelemetryinterfacestoexistingSCStechnology,amongothers.AsthechoiceofOITdeviceswaslimitedatthistime,SierraControlSystemsdesignedandbuiltitsown.Thesecapabilitieshelpedacceleratethecompany’sentryintotheSystemIntegratorranks,whilesettingthecompanyapart.Today,SCSremainsattheforefrontofmodernSCADAsystemsuppliers.TheirSeries900controller,whichisbasedonaControlMicrosystems’SCADAPackcontroller,hasbeendeployedinhundredsofmeasurementandcontrolapplicationsthroughouttheWest.TheDNP3protocolcapabilitiesofthesecontrollerscanprovidetheircustomerswiththelatestinopenarchitectureSCADAsolutions,withouttheneedtoreengineertheproducts.ControlMicrosystems’ClearSCADASCADAhostsoftwarenicelytiesthesesystemstogether,creatingasystemthatcanmeettheneedsofthemostdemandingofcustomers.SierraControlSystemsworkscloselywithengineersattheIrrigationTrainingandResearchCenteratCaliforniaPolytechnicStateUniversity,SanLuisObispo.TheITRChasdevelopedavastknowledgeofirrigationsystempracticesandflowstudiesthatitshareswithirrigationdistrictsthroughoutCalifornia.ITRCassiststhedistrictswithengineeringaimedatmaximizingtheefficientuseofvaluablewaterresourcesthroughmonitoringandautomatedcontrol.SierraControlSystemshasprovided,installed,andtestedgatemonitoring/controltelemetryunitsforseveralCaliforniaandNevadaIrrigationDistricts.SierraControlSystemsislocatedina15,600sq.ft.facilityat940MalloryWayinCarsonCity,Nevada.Currently,

SCSisheadedbycompanypresidentJerryKelley.Mr.Kelleyhasbeenwiththecompanysinceitsinceptionandisamajorinfluenceintheproductintegrityandengineeringpracticesemployed.Day-to-dayoperationsareoverseenbygeneralmanagerJoelMcMenamy.SCSprovidesskilledjobsfor22localNevadans.Withafull-timestaffof7engineersandthesupportoffabrication,manufacturing,test,field,andadministrativeresources,thecompanyhasneverbeenbusier.SCSstillusesstate-of-the-artproductsfromControlMicrosystemsintheir“Series900”controllers.SierraControlSystemsisanactiveControlMicrosystemsSCADAPartnerPlusmemberandamajoruserofClearSCADA.Asnewproductscometomarket,SCScarefully

evaluatestheirusefulnessandreliability.Theengineerscontinuallyupdatetheirknowledgeofnewsoftwareandhardwarewithmanufacturestraining,includingreportingoptionsandadvancedHMIdevelopment.SierraControlSystemsenjoysalongreputationforquality,reliability,andservice.Withdecadesofexperienceasamanufactureroftelemetryandcontrolsystems,andapioneerinthefieldofsystemsintegrationofSCADAsystems,SierraControlSystemsentersthenewcenturywithoptimism.SierraControlSystems,Inc.canbereachedat(775)883-0043ortheirwebsite:sierracontrols.com

Integrator Spotlight: Sierra Control Systems



NorthAmericanIndustryTech,Inc.(NAIT),acontrolsystemsintegratorinSouthernCalifornia,wasgiventheprivilegeofreplacinganexistingpotablewatertreatmentplantcontrolsystemfortheNavalAirFacilityinElCentro,CAaboutthreeyearsago.TheprimaryreasonwewereinvitedtothesitewastheNavy’stotaldissatisfactionwiththeexistingwatertreatmentplantcontractoperators.TheNavywantedtoreplacethecontractoperators,butwasfearfulthatanewcontractorwouldn’tbeabletooperatetheexistingsystem.Theexistingwatertreatmentplantcontrolsystemwastypicalofmostoldersystems,lacedwithmanyfailingelectricalsubsystemsandindividualmechanicalhardwarecomponents.Italsoseemedthatitwasbeingkeptthisway,perhapsinanefforttoprovidejobsecurityfortheexistingcontractoperators.Priortobeingawardedtheproject,wehadsomeseriouspersuadingtodo.TheNavypersonnelwereunderthemisguidednotionthatalloftheirhardwareneededtobechanged.Theyseemedtobefocusedonreplacementofthefilterunits.Afterourpreliminarysurvey,wefoundmostoftheexistinghardwaretobeacceptable,withtheonlyexceptionbeingthecontrolsystem.Thepotablewaterfilterunitswere,actually,theonlythingsthatseemedtobeworkingwell.Allthesub-systems,however,wereprettymuchinshambles.FortheNavy,theysimplywantedapotablewatertreatmentplantthatwasmanageable,andworkedwell.Thiswouldallowthemtochangethecontractoperators,iftheyfeltnecessary,whilemaintainingahighqualitywatersupplybase-wide.Thepotablewaterplantwascomposedofsevenindividualpumpstations,withsomeoperatingonlevelcontrols,andsomeoperatingonpressurecontrol.Severalofthesepumpstationswerepartofthefilterbackwashbatchroutine,aswellasthechemicalcontrols.Theplant’sexistingprimarycontrol,performedbyarotatingcam-typeactuatorwithcontactblocks,wastotallydysfunctional.Thisresultedintheoperatorsperformingmanualbackwashfunctionswhenevertheythoughtitwasneeded,whichturnedouttobeaboutevery2or3days.Duringtheawardprocessfortheproject,weassessedtheissuesathand:Problem#1:Politicalproblemsbetweentheownerandtheoperationstaff.Problem#2:Owner’sbeliefthatthewholeplanthadtobechanged.Problem#3:Ahighlevelofskepticismbytheclientthatourproposedsolutionwouldsolvetheirproblems.Ultimately,theclientdidfinallycommittolettingushelpsolvetheirproblems.

Dueconsiderationwastakentoselecttheproductsbecauseofthelocationoftheplant(inthesouthernCaliforniaDesert),havinghighdeserttemperatures,andexposedtoadustyenvironment.Withits158°Ftemperatureratinganditsresistancetothecorrosiveenvironmentofsalty,moistairfoundatthebase,theControlMicrosystems’SCADAPackcontrollersweretheobviouschoice.Further,thehightemperatureratingallowedustoforgocontrolpanelairconditioners.Themodel357wasselectedasitsI/OcountprettymuchmatchedtheI/Orequirementpersite.FortheSCADAmanagementsoftware,ControlMicrosystems’ClearSCADAwasconsideredandchosenbecauseofseveralfactors:itsopenarchitecture,openindustrystandardinterfaces,suchasOPC,ODBC,.NETforintegrationwithbusinesssystems;anintegratedevent–basedhistorian;andanintegratedzero-configurationwebserver,makingremoteaccesseasy.AsthiswasNAIT’sfirstexperienceworkingwithSCADAPackcontrollers,itgaveusachancetoworkwithnewproductsandprotocols.Duringprogramdevelopment,wefoundtheSCADAPackprogrammingalmostidenticaltotheModiconseriesofcontrollers.TheprogrammingsoftwareforthecontrollerswassimilarenoughthatusingTelePACEwasamajorplus.Inshort,wediscoveredthatthepriceofaSCADAPack357wasclosetothatofaModiconCompact(withlimitedI/O),butwegot(almost)alltheI/Oweneededforthisfairlylargeproject,plusthePLCprogrammingsoftwareenabledustohitthegroundrunning.Additionally(andhere’stherealicingonthecake),thiscontrollerhasthesamecommandsetasthemostexpensivecontrollersyoucanbuy,anditsupportsTCP/IP,USB,RS232,andRS485rightoutofthebox.WeendedupusingaprimarycontrolpanellocatedinthewaterplantcontrolbuildingnexttotheMotorControlCenter,withoneremoteterminalunit(RTU)locatednexttothefilterunits.ThetwopanelscommunicateusingModbusoverRS485.ImplementingClearSCADAwasanentirelydifferentsituation.Thelearningcurveinitiallyseemedsteep,sinceClearSCADAisdramaticallydifferentfromtheotherSCADAsoftwarewehadbeenusingforthelast20years.Wecanactuallysaythough,fiveimplementedsystemslater,wehavefoundthatusingClearSCADAasaSCADAmanagementsoftwaresavesdevelopmenttimeandallowsmanymoreoptionswithoutthelaboriousnecessityofusingcustomprogramming,asopposedto

configuration.WewillnevergobacktotheotherHMIpackages.Theeaseofconnectingtoenddevicesisoneofthemostimportantfeaturesofthissoftwareoveralltheothers.ThecontrolsystemimplementedfortheNavyhasnowbeeninoperationforabout3years.Afterthecompleteautomationupgrade,theplantsitstheremostofthetimemakinghighqualitypotablewaterwithoutoperatorintervention,asdesigned.Itisworthmentioningthat,sincetheupgrade,bothfilterunitsarerarelyused;theplantalmostalwaysrunswithonlyoneofthetwofiltersonline,andbackwashesautomaticallybasedonthewatercolumnwithinthefilterunit.OuroutdoorNEMA4RTUpanel,whichislocatedinanuncoveredmetallicenclosureregularlysubjectedto

temperaturesinexcessof115degrees,hasnotexperiencedasinglefailure.Sincethislevelofautomationwasestablishedattheplant,theNavyhascycledthroughthreedifferentcontractoperatorsuntilfindingonetheyarehappywith.Theyfeelthiswouldnothavebeenpossiblewithouttheplantrunning,andcontinuingtoproducehighqualitypotablewater,onitsownduringthechangeoverandfamiliarityperiodsofthenewoperationsstaff.Attheconclusionofthisproject,weteamedwithControlMicroSystemsasanAuthorizedSCADAPartner,andconsidertheirproductstobeourfrontlinehardwareandsoftware.—KentSurrattNorthAmericanIndustryTech(NAIT)

Navy Seals the Deal with SCADA Partner

Sage Siting

Control Microsystems’ Evolution OurevolutiontoSchneiderElectric,theglobalspecialistinenergymanagement,re-affirmsourcommitmenttoprovideyouwithinnovativeremoteSCADAandtelemetrysolutions,best-in-classcustomerservice,andexceptionalqualityineverythingwedo.Weareproudtobeyourpartner,andwearededicatedtohelpingyoumakethemostofyourenergy.

About Schneider Electric:Asaglobalspecialistinenergymanagementwithoperationsinmorethan100countries,SchneiderElectricoffersintegratedsolutionsacrossmultiplemarketsegments,includingleadership

positionsinenergyandinfrastructure,industrialprocesses,buildingautomation,anddatacentres/networks,aswellasabroadpresenceinresidentialapplications.Focusedonmakingenergysafe,reliable,andefficient,thecompany’s100,000plusemployeesachievedsalesof15.8billioneurosin2009,throughanactivecommitmenttohelpindividualsandorganizations“Make the most of their energy.”www.schneider-electric.com

Control Microsystems is becoming Schneider ElectricContinued from page 1


determinelittlemorethanthefactthatamessagehasbeensentfromonedevicetoanother.EncryptionmakesspyingonandtamperingwithSCADAnetworksmuchmoredifficult.Themannerinwhichencryptionisachievediscomplexandrequiresthecommunicatingdevicestosharesecretknowledge.Ingeneral,thissecretknowledgetakestheformofasequenceofcharacters,knownasakey.Agoodkeyhassimilarpropertiestoagoodinternetpassword.Itshouldbelongandhaverandomcharacters.Anyonewhodoesnothavethekeycannotdeterminethemeaningofthemessagewithoutagreatdealofeffort.Howmucheffort?Likeanyformofphysicalorelectronicsecurity,encryptioncanbedefeated,whichisdonebyobtainingthekey.Therearedifferentwaystoobtainakey.Abruteforceapproachinvolvestestingrandomkeysuntiltherightkeyisfound.Thisoftenrequiresalargesampleoftransactiondataandlotsofcomputerprocessingtime.Sometypesofencryptionmightrequirehundredsofyearsofcomputerprocessingtimetobreakinthisway.Thehugecomputationalcostrenderssuchanapproachimpractical.Itismucheasiertoobtainakeybytrickingoperatorsorinfiltratingcomputersystemsandaccessingstoredkeys,orevenbybreakingintoasiteandstealingafielddevice.Thisiswheretheonionmodel

comesin.Theotherlayersofsecurity,likephysicallocks,operatingproceduresandseparatecorporatenetworks,keeptheencryptionkeysafe.Thereisapricetobepaidforthesecurityofencryption.Firstly,encryptinganddecryptinginvolvenumerousmathematicalcalculations.ASCADAdevicemustbepowerfulenoughtoperformthesecalculationswhilestillcarryingoutitstraditionaltasksofcommunication,monitoringandcontrol.Secondly,encryptedcommunicationstakeupmorebandwidth.Allencryptedmessageshaveextraheaderinformation

tohelphandleroutingandencrypting.Shortmessagesmustbestuffedwithextrarandombytes,sothatthemessagetypeisnotmadeobviousbyitssize.Lastly,thesystem’sconfigurationbecomesmorecomplicated,asalldevicesonanencryptednetworkmustbegivensecuritykeys.Thiscostofinconvenienceistrueofanykindofsecurity,andisnotlimitedtoencryption.Itcanbeminimisedbyhavingacommonkeyfortheentirenetwork,butthiswillmakethenetworkmorevulnerableshouldthatsinglekeyfallintothewronghands.Attheoppositeendofthesecurityspectrum,everysinglepairofdevicescouldhaveasecuritykey.Whilethissystemwouldbemorecomplextosetup,alargenumberofkeyswouldhavetobediscoveredbeforethesystemwasseriouslycompromised.

Authentication – Challenge & ResponseAuthenticationistheprocessofonepartofaSCADAsystemprovingitsidentitytoanother.WheneveraSCADAdevicereceivescommandstoperformcontrolsorrespondwithdata,itwillchallengethesendingdeviceusingaspecialmessage.Thesendingdevicemustthenprovidethechallengeresponse.Ifthereceivingdeviceissatisfiedwiththechallengeresponse,thenitwillactontheoriginalcommand.ThinkofthislikeabouncerdemandingtoseeIDbeforeheletsyouintoanightclub:ChallengeandResponse.

Likeencryption,authenticationrequirestwoSCADAdevicestohaveamutuallyknownsecretkey.Whereasencryptionusesitskeytotransformentiremessagesintoencryptedbytes,challengesandchallengeresponsesarecreatedbyusingthekeytocreateaspecialdigitalsignature.Themathematicsissimilartothatofencryption,butonlyasmallamountofdataneedstobemanipulated.Thismeansthatauthenticationiscomputationallyfarcheaperthanencryption.AuthenticationpreventsmaliciouspartiesfromcontrollingtheSCADAdevice,butitwillnotstopthemfrominterceptingandreadingmessages.

Atthispoint,itmayseemlikeauthenticationisastrippeddownversionofencryption,butthisisnottrue.Authenticationguaranteesthatthesenderofthecontrolhastheauthoritytoperformthatcontrol.Withencryption,themessagecouldbeforwardedfromaSCADAdevicethatisencryptingamessageonbehalfofasenderwhodoesnothavetheauthoritytoissuesuchacontrol.Forexample,amisconfiguredpeerdeviceoramalicioususermaybethesourceofthecontrol,butwithouttheauthenticationkey,anysuchrequestswillbedenied.Authenticationisassociatedwithusers.AusercanbeadeviceontheSCADAnetworkoranoperatorusingapieceofinterfacesoftware.Therecanbeasinglegenericauthenticationuserusedbyallstaffanddevicesonanetwork.Attheotherextreme,therecanbeanauthenticationuserforeachSCADAdeviceandindividualwhoneedstoperformprotectedoperations.Authenticationcomeswithcostssimilartothatofencryption.Theextraprocessorperformanceoverheadissmallerthanthatofencryption,butisstillpresent.ExtrabandwidthisrequiredfortheheaderinformationandChallenge/Responsemessages.Keysmuststillbemanagedproperly,lesttheyfallintothewronghands.

Choosing the layersThegovernmentmandatesthedeploymentofsecuritytechnologyforsomeSCADAsystems,whileleavingothersfreetouseitorleaveit.Wemustrememberthat,evenwithinasecuritymandate,thereisscopeforchoiceabouthowtoimplementthesecuritysystem:authenticationorencryption,orboth.RememberthatencryptionhidesthemessagesonyourSCADAnetwork.Ifyouhavesensitivedatabeingtransmitted,youneedtohideit.Authenticationleavesthe

messagesvisible,butverifiestheidentityofthesenderofthemessage.Ifyouhavecriticalcontrols,youneedtoguaranteetheyarelegitimate.

Keys to SecurityAspreviouslymentioned,anencryptionsystemcanuseasinglekeyoraseparatekeyforeverycommunicationlinkinthesystem,dependingonthedesiredcomplexity.AnauthenticationsystemcanhaveagenericuserorauserforeveryoperatorandSCADAdevice.Morekeysmeanmoresecurity,aswellasmoreoverheadinkeepingthekeysup-to-dateandsecure.Whileitisdifficulttogeneralizethisdecision,astraightforwardchoiceisauthenticationkeysforafewcategoriesofusersandencryptionkeysforseverallogicalsubgroupsoftheSCADAnetwork.PerhapsthewisestapproachistostartwithaverysimplesecuritysetupandreviseitupwardsastheorganisationbecomesmorefamiliarwithasecureSCADAsystem.Itisbeyondthescopeofthisarticletodiscussthemanyotheraspectsofsecurity,butkeepinmindthattheothersecuritylayerswillneedtoprotectthekeysoftheencryptionandauthenticationlayers.Wellsecuredphysicalsites,goodlogauditinganddisciplinedkeydistributionandupdateproceduresallgoalongwaytowardsthisend.Theeverexpandingdigitalagemeansthatcybersecurityissuesarewithusandareheretostay.Itisineveryone’sinteresttobeinformedaboutSCADAsecurity.EncryptionandauthenticationarethenewestlayersinacomprehensiveplanforasecureSCADAnetwork.Layeruponlayeruponlayer,justliketheonion.— Metin Ozturk, Senior Engineering Specialist and SCADA Analyst, Control Microsystems, a Schneider ElectricCompany

The “Onion” Perspective Continued from page 1

WIRELESSSpread Spectrum & Licensed Radios

Broad-band Mesh Networks Wireless Transmitters

SCADAHMI Software &

Controllers

Out-of-the-Box Pump Controller

WIN-911 Alarm Notification Software from Specter Instruments

KYOCERA Solar Arrays & Charge Controllers

SECURITYAnalog & IP Cameras, Video Surveillance

Hardware & Software

PureActiv Video Analytics & Camera Management

1-888-ASK-SAGE • 1-888-FAX-SAGEwww.SageDesignsInc.com

Acknowledgements: SCADAPack™, FlowStation™, and ClearSCADA™ are trademarks of Control Microsystems Inc. Win-911® is a registered trademark of Specter Instruments. HotPort™, HotClient™, and HotView™ are trademarks of Firetide, Inc.. Firetide® is a registered trademark of Firetide, Inc.

S C A DA , S e C u r i t y & Au to m At i o n n e w S l e t t e rCa lendar of Events

SAvE A TREE

150 Shoreline Hwy., Suite #8AMill Valley, CA 94941-3634

Return Service Requested

STANDARD MAILuS poSTAGE pAID

pERMIT 191SANTA RoSA CA

September9,2010 CWEA/Tri-Counties September Workshop & Exhibit, SanLuisObispo,CA

September14,2010 CWEA/San Diego Section & SDCWWG 3rd Annual Joint Vendor Fair, Poway,CA

September16,2010 CWEA Northern Regional Training Conference, Modesto,CA

September28-29,2010 Tri-State Seminar on the River,Primm,NV

October2-6,2010 WEFTEC ’10 – 83rd Annual Technical Exhibition & Conference, NewOrleans,LA

October5-8,2010 CA-NV AWWA 2010 Fall Conference, Sacramento,CA

Oct17-19,2010 Control Microsystems’ 2010 SCADA & Wireless Instrumentation Symposium*, SanAntonio,TX.

October26,2010 ISA/Orange County Section AutomationOC Expo & Oktoberfest,HuntingtonBeach,CA

November3,2010 Free SCADA Seminar*, NewportBeach,CANovember4,2010 Free SCADA Seminar*, WalnutCreek,CANovember15-17,2010 SCADAPack TelePACE Studio Training*, MillValley,CADecember13-16,2010 ClearSCADA Training Course*, CorteMadera,CA

February1-3,2011 DistribuTECH 2011 Conference & Exhibition,SanDiego,CA

February15-17,2011 SCADAPack TelePACE Studio Training*, MillValley,CAFebruary28–March3,2011 ClearSCADA Training Course*, MillValley,CA

April13-14,2011 CWEA Annual Conference,Ontario,CA

*Downloadtheregistrationformfromourwebsiteorcallformoreinformation.

Documents

SCADA, SeCurity & AutomAtion · PDF file• Training Classes • SCADA Symposium ... are sent using a given protocol format, such as MODBUS or DNP3. ... report by texting Win-911 with