Process control network (PCN) evolution

August 27, 2019, by Nitesh Malviya

A Process Control Network (PCN) is a network composed of real-time industrial control systems which manage, monitor and control industrial infrastructure. PCNs make use of software, hardware, networks and their connectivity for accessing, controlling and transferring data with each other. PCNs are also known as Distributed Control Systems (DCS) or Supervisory Control and Data Acquisition (SCADA).

SCADA systems are used in various production environments. To name a few, they are used in power generation, wastewater treatment/purification, transportation systems, oil/gas pipeline/production, wind farms and more.

PCN overview and setup

A PCN broadly consists of the following components:

  1. Human-Machine Interface (HMI): The Human-Machine Interface (HMI) is a device that presents data to the human operator for monitoring and controlling remotely installed systems. Examples include command-line interfaces, web-based interfaces, touchscreen interfaces and graphical user interfaces (GUIs).
  2. Programmable Logic Controller (PLC): The Programmable Logic Controller (PLC) is a controller for process variables such as water flow and water level, speed, valve status, temperature and so on. A PLC reads a set of inputs from the process and produces the corresponding outputs to control it.
  3. Remote Terminal Unit (RTU): The Remote Terminal Unit (RTU) is a system connected to the various sensors involved in the process. It converts sensor data to digital form and sends it to the SCADA system.
  4. Master Terminal Unit (MTU): The Master Terminal Unit (MTU) is the master of the PCN: what the CPU is to a computer, the MTU is to the PCN. MTUs are central monitoring and control stations that control multiple RTUs placed at remote locations.

General overview of PCN communication

The steps below give a brief overview of how communication happens in a PCN:

  1. The end user/operator has access to the Human-Machine Interface (HMI).
  2. The HMI is connected to the Master Terminal Unit (MTU), whose role is to control the Remote Terminal Units (RTUs).
  3. The RTUs monitor and control various Programmable Logic Controllers (PLCs), and the PLCs are connected to the actuators and sensors deployed at the remote location.

Communication network options

The communication steps above can send and receive data over a number of media. A few of them are:

  1. Ethernet network
  2. Telephone line (for systems using electrical signals)
  3. Optical fiber
  4. Radio/wireless
  5. Cellular
  6. Satellite
  7. Wi-Fi

The choice of communication medium depends on many factors, such as the budget available for setting up the PCN, the legacy of the existing SCADA systems, infrastructure requirements and so on.

PCN architecture development

PCN systems have existed since the 1970s and have been through four generations. They are:

  1. Standalone/monolithic: These were the first and earliest SCADA systems, built on minicomputers. They were standalone systems and were not connected to other systems. The protocols they used were written and developed by the RTU equipment vendors and were proprietary.
  2. Distributed: In distributed systems, data and information processing were spread across multiple stations/systems connected over a LAN. Each station/system was assigned a particular task and shared information with the other stations/systems on the LAN.
  3. Networked: One major improvement in these systems was the use and support of WAN protocols such as the Internet Protocol (IP). These systems use IP to communicate with the master station and other equipment for sharing and transferring data. The RTUs of this generation also use Ethernet connections, making it simpler to monitor, process and control the PCN.
  4. Web-based: This is the latest generation of PCNs, in which operators use web browsers such as Chrome and Firefox as the GUI. These systems have been on the market since 2000 and let operators access PCN systems from a browser on a mobile device, server, laptop, tablet and so on.

Security in a PCN system

PCN systems and computers perform sensitive and critical tasks in managing critical infrastructure. These systems are therefore considered excellent targets by cyberattackers, and a successful attack on one can inflict a huge loss on a country and its economy.

In fact, vulnerabilities and attacks on PCN and SCADA systems have gone up 600% since 2010. (Source)

The main problem with PCN/SCADA systems is that they were not designed to be connected to the internet. This means that the digital security of these systems was not considered during their design and development.

PCN security overview

Some of the prime reasons why PCN/SCADA systems are so vulnerable are:

  1. Unsupported/outdated systems
  2. Increased connectivity to the internet: Many PCN systems are now being connected to the internet via a LAN or a wireless access point, which exposes them to the internet and increases unauthorized access to PCN systems
  3. Lack of server hardening and procedures for the protection of PCN systems
  4. Software: Poor configuration and implementation
  5. Inadequate authentication and authorization
  6. Inadequate monitoring
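The article's control hierarchy (HMI to MTU to RTU to PLC) and the weaknesses listed above (internet exposure, inadequate authentication, inadequate monitoring) can be turned into a simple monitoring check. The following is an added example, not code from the article or from any product: it audits constructed control-command log lines against a constructed asset inventory, and the log format, addresses and roles are all assumptions for illustration.

```python
import ipaddress
import re

# Constructed inventory for this example: address -> role in the PCN.
ROLES = {"10.10.1.5": "HMI", "10.10.1.10": "MTU",
         "10.10.2.20": "RTU", "10.10.2.21": "RTU", "10.10.3.30": "PLC"}
# Control hierarchy from the article (HMI -> MTU -> RTU -> PLC): a command whose
# source/destination pair is not listed here bypasses a layer.
ALLOWED = {"HMI": {"MTU"}, "MTU": {"RTU"}, "RTU": {"PLC"}}
# Address space of the process control network (constructed).
PCN_ZONE = ipaddress.ip_network("10.10.0.0/16")
# Constructed log format: "<ts> src=<ip> dst=<ip> cmd=<name> auth=<ok|failed|none>"
LOG_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
                    r"cmd=(?P<cmd>\S+) auth=(?P<auth>\w+)$")

def audit_line(line: str) -> list[str]:
    """Return the findings for one control-command log line ([] if clean)."""
    m = LOG_RE.match(line)
    if not m:
        return ["unparseable line"]
    src, dst, auth = m["src"], m["dst"], m["auth"]
    findings = []
    # Increased connectivity: commands must originate inside the PCN zone.
    if ipaddress.ip_address(src) not in PCN_ZONE:
        findings.append(f"command from outside the PCN zone ({src})")
    # Each layer may only command the layer directly below it.
    src_role, dst_role = ROLES.get(src, "UNKNOWN"), ROLES.get(dst, "UNKNOWN")
    if dst_role not in ALLOWED.get(src_role, set()):
        findings.append(f"{src_role}->{dst_role} violates the control hierarchy")
    # Inadequate authentication: every command must carry a successful auth.
    if auth != "ok":
        findings.append(f"command accepted with auth={auth}")
    return findings

def audit(lines: list[str]) -> dict[str, list[str]]:
    """Map each offending line to its findings; clean lines are omitted."""
    return {line: f for line in lines if (f := audit_line(line))}

# Constructed sample log; 203.0.113.7 is a documentation address standing in
# for an internet-side host.
SAMPLE_LOG = [
    "2019-08-27T10:00:01Z src=10.10.1.5 dst=10.10.1.10 cmd=SETPOINT auth=ok",
    "2019-08-27T10:00:02Z src=10.10.1.10 dst=10.10.2.20 cmd=SETPOINT auth=ok",
    "2019-08-27T10:00:03Z src=10.10.1.5 dst=10.10.3.30 cmd=WRITE_COIL auth=ok",
    "2019-08-27T10:00:04Z src=203.0.113.7 dst=10.10.2.21 cmd=WRITE_COIL auth=none",
    "2019-08-27T10:00:05Z src=10.10.2.20 dst=10.10.3.30 cmd=WRITE_COIL auth=failed",
]
```

Running `audit(SAMPLE_LOG)` flags the HMI that bypasses the MTU and RTU to write to a PLC directly, the command from outside the PCN zone, and the command accepted after a failed authentication, while the two hierarchy-conforming lines pass.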

How to mitigate/prevent attacks

The majority of attacks on PCN systems can be mitigated by implementing the available frameworks, legislation and guidelines. The following are sources of such frameworks, legislation and guidelines:

  1. Critical Infrastructure Protection (CIP)
  2. Department of Homeland Security guidelines
  3. Guide to Industrial Control Systems (ICS) Security by NIST
  4. Good practice guide process control and SCADA security by CPNI
  5. Control System Cyber Security Self-Assessment Tool (CS2SAT)
  6. NISCC [NISC09] — Good Practice Guide Process Control and SCADA Security
  7. ISO 27001 guidelines for PCN/SCADA systems
  8. NIST Special Publication 800-53

Conclusion

PCN systems are complex in design and implementation due to integration with different components, but it’s imperative to implement security in these systems. The security audit process must be a part of an industrial system project, and the timely audit of such systems should take place during the entire life cycle of the system.


Nitesh Malviya

Nitesh Malviya is a Security Consultant. He has prior experience in web appsec, mobile appsec and VAPT. At present he works on IoT, radio and cloud security and is open to exploring various domains of cybersecurity. He can be reached on his personal blog, https://nitmalviya03.wordpress.com/, and on LinkedIn, https://www.linkedin.com/in/nitmalviya03/.