Hijacking a Water Distribution Pump Station

摘要

A large metropolitan water utility converted from manual/panel board and tone-telemetry gear to a radio and PLC based supervisory control (SCADA) system in the early 1990s. The system design and architecture employed was very much the "norm" for automation technology being provided by most vendors through the 1990s. During the installation and commissioning of the system, using laptop PC "test set" and protocol analyzer software, in combination with portable radio gear, it was discovered that the system could be "fooled" into accepting the test set as a "real" RTU site and that the RTU sites could be controlled by the test set, overriding the actual SCADA system. This (not unexpected) capability was very convenient for testing and commissioning purposes. But, after the events of 9/11, with the heightened concerns about "cyber security" this capability was rightly seen by the utility as a dangerous "cyber" weakness in the system. Unfortunately, this utility's concerns are similar to those of countless other utilities that have deployed equivalent automation technologies. This paper discusses the different approaches considered and actually taken, in an effort to make the pump stations (and other field facilities) less susceptible to potential cyber assaults.