Slide 1 - FAU College of Engineering

advertisement
SCADA Software Architecture
Meha Garg
Dept. of Computer Science and Engineering
Florida Atlantic University
Boca Raton, FL, USA
December 18, 2008.
1
Secure Systems Research Group - FAU
Agenda
•
•
•
•
Motivation
Objective
Introduction
SCADA – Use Cases and Application of
Patterns
• Questions
• Recommendations
2
Secure Systems Research Group - FAU
Motivation
• Critical Infrastructure systems like Supervisory, Control
and Data Acquisition Systems (SCADA), Distributed
Control System (DCS), used in Energy Industry and
Process Industries are highly distributed and complex.
• It would be interesting to study SCADA using Use Case
diagrams and applying various patterns – Layers, Model
View Controller, Web Services, Broker, etc., applying our
secure software methodology
• This kind of work will help understanding of SCADA
systems and Cyber Physical Systems, apply Non
Functional Requirements, and do model checking.
3
Secure Systems Research Group - FAU
Objective
To discuss Use Case Diagram for SCADA, then
define a software architecture using patterns
4
Secure Systems Research Group - FAU
Introduction
•SCADA (Supervisory Control and Data Acquisition) systems are used to monitor and
control a plant or equipment in industries such as telecommunications, water and waste
control, energy, oil and gas refining, and Transportation (airport, traffic control, rails)
•These systems encompass the transfer of data between a SCADA central host
computer and a number of Remote Terminal Units (RTUs) and/or Programmable Logic
Controllers (PLCs), and the central host and the operator terminals
•A SCADA system gathers information (such as where a leak on a pipeline has
occurred), transfers the information back to a central site, then alerts the home station
that a leak has occurred, carrying out necessary analysis and control, such as
determining if the leak is critical, and displaying the information in a logical and
organized fashion
•These systems can be relatively simple, such as monitoring environmental conditions
of a small office building, or very complex, such as a system that monitors all the
activity in a nuclear power plant or the activity of a municipal water system
5
Secure Systems Research Group - FAU
Use Case Diagram for SCADA System
• Description: The goal is to supervise, control, monitor and
acquire data for critical infrastructure systems, operate from
remote end and ensure security and safety
• Actors:
– Field Devices
– Local Control Center (LCC)
– Remote Telemetry Units (RTU)
– Master / Central Control Terminal Unit (MTU)
– Operator
– Supervisor
6
Secure Systems Research Group - FAU
Use Cases
1. System Shut Down / Startup
2. Gather Field Information
3. Perform Local Control
4. Transfer Field Information
5. Manage Field Information
6. Perform Remote Control
7. Analyze System State
8. Schedule Task
9. Balance Load
10. Adjust Settings
11. Check Status
12. Manage Logging
7
Secure Systems Research Group - FAU
SCADA System
Gather Field
Information
<<actor>>
Field Devices
Perform
Local
Control
<<actor>>
Remote Terminal Unit
Transfer
Information
<<actor>>
Local Control Center
Manage
Field
Information
<<include>>
Perform
Remote
Control
<<actor>>
Central Control Terminal Unit
Analyze
System
State
Schedule
Task
Operator
Balance
Load
Supervisor
Adjust
Settings
Manage
Logging
System
Startup/
Shutdown
Check
Status
8
Secure Systems Research Group - FAU
Pre Conditions for SCADA
System
1. The operator is logged in.
2. The system is real time system.
9
Secure Systems Research Group - FAU
Layers
System
Startup/Shutdown
Switches
Transport
Layer
Data
Gathering
Field Device
Units
Check Status
Printers
ModBus
IEC 61850
RTU
Adjust Settings
HMI
DNP 3
IED
Field
Devices
Actuators
GPS
Perform Control
System Level
Routers
Ethernet: TCP/IP
Bay Control
Units
Sensors
Application
Layer
Protocols
Communication
System
Distribution
Layer
Hardware
Layer
10
Secure Systems Research Group - FAU
Layer Pattern
• SCADA system being highly complex and distributed, it is important to
understand SCADA in Terms of Layers for simplicity as shown in Figure
above. The intent, forces, advantages for the layer Patterns are the
same. However here we apply this pattern on the real physical system.
• Layer 1: It is the field Units, considering the Generation, Transmission
and Distribution at one place, we have all the process controls, I/Os,
status, metering, measuring values, etc. It also includes local control.
• Layer 2: The field values, I/O – analog, digital, measuring and other
commands, operations, are taken to RTUs, IEDs, PLCs, BCUs, and
other I/O cards to communicate to higher end.
• Layer 3: This includes all the communication cables, protocol
architecture required for higher end communication interfaced with all
field signals. It is the backbone in the modern control centers, which has
11
Secure Systems Research Group - FAU
Layer Pattern
immensely reduced physical wiring, big marshalling and increased the
reliability and more improved quality signals. Today latest protocols like
IEC 61850, Modbus and other proprietary protocols are used.
• Layer 4: This includes the Control centre equipped with dynamic
changing states of the system displayed on HMI, which is powerful to
read values, prompt and diagnosis system change and with a click on
HMI, to carry out operations.
• Layer 5: Connection with the outside world using Internet and various
new technology related to mobile / cell phone operations.
12
Secure Systems Research Group - FAU
More Patterns
We can apply more patterns:
• Broker (Inter substation control)
• Client – Sever – Dispatch (Between Main
system and operator console)
• Web Services (Internet Control)
• Model View Controller (HMI)
• Three-tier
Unified Physical Access Control to
Buildings and information
13
Secure Systems Research Group - FAU
Future Work
• Safety Monitor
– Implementation in SCADA System
• Unifying Safety with Security
• Implementing more patterns in SCADA
• Formalization of safety
14
Secure Systems Research Group - FAU
Recommendations and Questions
Feedback:
15
Secure Systems Research Group - FAU
Download