1 Cloud Computing for SCADA Moving all or part of SCADA applications to the cloud can cut costs significantly while dramatically increasing reliability and scalability. A White Paper from InduSoft
2 Larry Combs, vice president of customer service and support, InduSoft Although cloud computing is becoming more common, it s relatively new for SCADA (supervisory control and data acquisition) applications. Cloud computing provides convenient, on-demand network access to a shared pool of configurable computing resources including networks, servers, storage, applications, and services. These resources can be rapidly provisioned and released with minimal management effort or service provider interaction. By moving to a cloud-based environment, SCADA providers and users can significantly reduce costs, achieve greater reliability, and enhance functionality. In addition to eliminating the expenses and problems related to the hardware layer of IT infrastructure, cloud-based SCADA enables users to view data on devices like smartphones and tablet computers, and also through SMS text messages and . Our company, along with a number of others, provides SCADA software and services for firms that want to use their own IT infrastructure, the cloud, or a combination of both to deploy their applications. We provide upfront consulting and advice to help customers make the best choice depending on their specific requirements and capabilities. Figure 1: A public cloud formation in which the SCADA system is running onsite and delivers data via the cloud A cloud can be public or private. A public cloud infrastructure is owned by an organization and sold as services to the public. A private cloud infrastructure is operated solely for a specific customer. It may be managed by the customer or by a third party; it may exist on premise or off premise. Hybrid clouds consist of private and public clouds that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability. Cloud computing can support SCADA applications in two fashions: The SCADA application is running on-site, directly connected to the control network and delivering information to the cloud where it can be stored and disseminated, or The SCADA application is running entirely in the cloud and remotely connected to the control network.
3 The first method is by far the most common and is illustrated in Figure 1. The control functions of the SCADA application are entirely isolated to the control network. However, the SCADA application is connected to a service in the cloud that provides visualization, reporting, and access to remote users. These applications are commonly implemented using public cloud infrastructures. The implementation illustrated in Figure 2 is common to distributed SCADA applications where a single, local SCADA deployment is not practical. The controllers are connected via WAN links to the SCADA application running entirely in the cloud. These applications are commonly implemented using private or hybrid cloud architectures. Service choices Most experts divide the services offered by cloud computing into three categories: infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). Figure 2: A private/hybrid cloud in which the controllers are connected via WAN links to the SCADA application running entirely in the cloud. An IaaS such as Amazon Web Services is the most mature and widespread service model. IaaS enables service provider customers to deploy and run offthe-shelf SCADA software as they would on their own IT infrastructure. IaaS provides on-demand provisioning of virtual servers, storage, networks, and other fundamental computing resources. Users only pay for capacity used, and can bring additional capacity online as necessary. Consumers don t manage or control the underlying cloud infrastructure but maintain control over operating systems, storage, deployed applications, and select networking components such as host firewalls. PaaS, like Microsoft s Azure or Google Apps, is a set of software and product development tools hosted on the provider s infrastructure. Developers use these tools to create applications over the Internet. Users don t manage or control the underlying cloud infrastructure but have control over the deployed applications and application hosting environment configurations. PaaS is used by consumers who develop their own SCADA software and want a common off-the-shelf development and runtime platform. SaaS, like web-based , affords consumers the capability to use a provider s applications running on a cloud infrastructure from various client devices through a thin client interface like a web
4 browser. Consumers don t manage or control the underlying cloud infrastructure but instead simply pay a fee for use of the application. SCADA vendors have been slow to adopt the SaaS service model for their core applications. This may change as the uncertainty of cloud computing begins to clear. For now, vendors are beginning to release only certain SCADA application components and functions as SaaS, such as visualization and historical reporting. Economical scalability With all three service models, scalability is dynamic and inexpensive because it doesn t involve the purchase, deployment, and configuration of new servers and software. If more computing power or data storage is needed, users simply pay on an as-needed basis. Companies don t have to purchase redundant hardware and software licenses or create disaster recovery sites they may never use. Instead they can provision new resources on demand when and if they need them. Add in the costs that a company would otherwise incur to manage an IT infrastructure, and the savings of moving to the cloud could be huge. Instead of numerous servers and backups in different geographic locations, the cloud offers its own redundancy. On-demand resource capacity can be used for better resilience when facing increased service demands or distributed denial of service attacks, and for quicker recovery from serious incidents. The scalability of cloud computing facilities offers greater availability. Companies can provision large data servers for online historical databases, but only pay for the storage they re using. Building an IT infrastructure is usually a long-term commitment. Systems can take months to purchase, install, configure, and test. Equivalent cloud resources can be running in as little as a few minutes, and on-demand resources allow for trial-and-error testing. The ability to easily switch back to a previous configuration makes it easier to make changes without having to start from scratch by taking a snapshot of a known working configuration. If a problem occurs when deploying a patch or update, the user can easily switch back to the previous configuration. On-site IT projects involve significant cost, resources, and long timelines and thus include significant risk of failure. Cloud computing deployments can be completed in a few hours with little or no financial and resource commitments, and therefore are much less risky. Manageability, security, and reliability The structure of cloud computing platforms is typically more uniform than most traditional computing centers. Greater uniformity promotes better automation of security management activities like configuration control, vulnerability testing, security audits, and security patching of platform components.
5 A traditional IT infrastructure environment poses the risk that both the primary and the single backup server could fail, leading to complete system failure. In the cloud environment, if one of the cloud computing nodes fails, other nodes take over the function of the failed cloud computing node without a blip. If a company chooses to implement its own IT infrastructure, access to user data in this infrastructure generally depends on the company s single Internet provider. If that provider experiences an outage, then users don t have remote access to the SCADA application. Cloud computing providers have multiple, redundant Internet connections. If users have Internet access, they have access to the SCADA application. The backup and recovery policies and procedures of a cloud service may be superior to those of a single company s IT infrastructure, and if copies are maintained in diverse geographic locations as with most cloud providers, may be more robust. Data maintained within a cloud is easily accessible, faster to restore, and often more reliable. Updates and patches are distributed in real time without any user intervention. This saves time and improves system safety by enabling patches to be implemented very quickly. Challenges and risks Cloud computing has many advantages over the traditional IT model. However, some concerns exist in regard to security and other issues. Data stored in the cloud typically resides in a shared environment. Migrating to a public cloud requires a transfer of control to the cloud provider of information as well as system components that were previously under the organization s direct control. Organizations moving sensitive data into the cloud must therefore determine how these data are to be controlled and kept secure. Applications and data may face increased risk from network threats that were previously defended against at the perimeter of the organization s intranet, and from new threats that target exposed interfaces. Access to organizational data and resources could be exposed inadvertently to other subscribers through a configuration or software error. An attacker could also pose as a subscriber to exploit vulnerabilities from within the cloud environment to gain unauthorized access. Botnets have also been used to launch denial of service attacks against cloud infrastructure providers. Having to share an infrastructure with unknown outside parties can be a major drawback for some applications, and requires a high level of assurance for the strength of the security mechanisms used for logical separation. Ultimately to make the whole idea workable, users must trust in the long-term stability of the cloud provider and must trust the cloud provider to be fair in terms of pricing and other contractual matters. Because the cloud provider controls the data to some extent in many implementations, particularly SaaS, it can exert leverage over customers if it chooses to do so.
6 As with any new technology, these issues must be addressed. But if the correct service model (IaaS, PaaS, or SaaS) and the right provider are selected, the payback can far outweigh the risks and challenges. The cloud s implementation speed and ability to scale up or down quickly means businesses can react much faster to changing requirements. The cloud is creating a revolution in SCADA system architecture because it provides very high redundancy, virtually unlimited data storage, and worldwide data access all at very low cost. TABLE 1: Benefits of cloud computing for SCADA Add new resources on demand when and if needed No need to purchase redundant hardware and software licenses, or set up disaster recovery sites that may not be used Provides huge amounts of storage capacity that can be purchased incrementally Provides improved reliability and redundancy via multiple Internet connections and more backup servers New infrastructure can be running in a few minutes Makes real-time and historical information available on any type of Internet-connected device, including laptops and Smartphones Easier to manage updates and patches, and Provides testing advantages through the ability to clone machines Remote SCADA with local HMI look and feel Vipond Controls in Calgary provides control system and SCADA solutions to the oil and gas industry, including Bellatrix Exploration. To keep up with customer demand for faster remote data access, Vipond developed iscada as a service to deliver a high-performance SCADA experience for each client.
7 One of the greatest challenges in developing iscada was the state of the Internet itself as protocols and web browsers weren t designed for real-time data and control. Common complaints of previous Internet-based SCADA system users included having to submit then wait, or pressing update or refresh buttons to show new data. Many systems relied only on web-based technologies to deliver real-time data. Because the HTTP protocol was never designed for real-time control, these systems were always lacking and frustrating to use whenever an operator wanted to change a setpoint or view a process trend. Users were asking for an Internet-based SCADA system with a local HMI look and feel, and that became the goal of Vipond Controls. This goal was reached with iscada as a service by giving each customer an individual virtual machine within Vipond s server cloud. All data is now kept safe and independent of other machines running in the cloud. A hypervisor allows multiple operating systems or guests to run concurrently on a host computer, and to manage the execution of the guest operating systems. The hypervisors are highly available and portable, so in the event of a server failure, the virtual machine can be restarted on another hypervisor within minutes. All the SCADA software runs within the virtual machine, and users are offered a high degree of personal customization. Customers can connect directly to on-site controllers, and Vipond can also make changes to controllers and troubleshoot process problems. This cloud-based SCADA solution can reduce end-user costs up to 90% over a traditional SCADA system, thanks to the provision of a third-party managed service and the reduction of investment required for IT and SCADA integration, development, hardware, and software. About the Author: Larry Combs is vice president of customer service and support at InduSoft. About InduSoft: Founded in 1997, InduSoft provides a powerful family of industrial software products for developing applications in industrial automation, instrumentation, and embedded systems for all Microsoftsupported operating systems. InduSoft develops tools and technologies that empower people and companies to develop graphical interfaces for embedded PCs, PCs, and mobile devices to highly redundant systems. Today more than 125,000 InduSoft Operator Interface, SCADA, control and data acquisition systems are operating worldwide through direct and partner sales.
Moving from Legacy Systems to Cloud Computing A Tata Communications White Paper October, 2010 White Paper 2010 Tata Communications Table of Contents 1 Executive Summary... 4 2 Introduction... 5 2.1 Definition
The cloud - ULTIMATE GAME CHANGER =========================================== When it comes to emerging technologies, there is one word that has drawn more controversy than others: The Cloud. With cloud
Overview The purpose of this paper is to introduce the reader to the basics of cloud computing or the cloud with the aim of introducing the following aspects: Characteristics and usage of the cloud Realities
white paper Public or Private Cloud: The Choice is Yours Current Cloudy Situation Facing Businesses There is no debate that most businesses are adopting cloud services at a rapid pace. In fact, a recent
The Impact of Cloud Computing on Organizations in Regard to Cost and Security Mihail Dimitrov Ibrahim Osman Department of informatics IT Management Master thesis 1-year level, 15 credits SPM 2014.22 Abstract
Kent State University s Cloud Strategy Table of Contents Item Page 1. From the CIO 3 2. Strategic Direction for Cloud Computing at Kent State 4 3. Cloud Computing at Kent State University 5 4. Methodology
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
Getting Familiar with Cloud Terminology Cloud computing is a hot topic in today s IT industry. However, the technology brings with it new terminology that can be confusing. Although you don t have to know
FRAUNHOFER RESEARCH INSTITUTION AISEC CLOUD COMPUTING SECURITY PROTECTION GOALS.TAXONOMY.MARKET REVIEW. DR. WERNER STREITBERGER, ANGELIKA RUPPEL 02/2010 Parkring 4 D-85748 Garching b. München Tel.: +49
JANUARY 2013 REPORT OF THE DEFENSE SCIENCE BOARD TASK FORCE ON Cyber Security and Reliability in a Digital Cloud JANUARY 2013 Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
White paper Cloud Storage.. And Backup.. Whether to complement a storage strategy or replace it, cloud computing offers cost-effective models for optimizing today s complex IT infrastructures. Executive
Masaryk University Faculty of Informatics Master Thesis Database management as a cloud based service for small and medium organizations Dime Dimovski Brno, 2013 2 Statement I declare that I have worked
White Paper Cloud-Based SCADA Systems: The Benefits & Risks Is Moving Your SCADA System to the Cloud Right For Your Company? White Paper Is Moving Your SCADA System to the Cloud Right for Your Company?
AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,
IT@Intel White Paper Intel Information Technology Business Solutions June 2010 An Enterprise Private Cloud Architecture and Implementation Roadmap The private cloud is a shared multi-tenant environment
Hybrid Cloud The Way to a Successful Hybrid Cloud Strategy > Whitepaper May 2015 In cooperation with Introduction We already use many different cloud services in our daily lives these days. Even our non-technically-inclined
THE BENEFITS OF CLOUD NETWORKING 1 White Paper The Benefits of Cloud Networking Enable cloud networking to lower IT costs & boost IT productivity 2 THE BENEFITS OF CLOUD NETWORKING Table of Contents Introduction
Red Hat Cloud Foundations: Cloud 101 Table of contents 2 Executive summary 3 Introduction 3 Clouds today and tomorrow 5 The cloud taxonomy 7 What cloud computing isn t 7 Why cloud computing 8 Who creates
A new Breed of Managed Hosting for the Cloud Computing Age A Neovise Vendor White Paper, Prepared for SoftLayer Executive Summary Traditional managed hosting providers often suffer from issues that cause
Customer Cloud Architecture for Big Data and Analytics Executive Overview Using analytics reveals patterns, trends and associations in data that help an organization understand the behavior of the people
A Fresh Graduate s Guide to Software Development Tools and Technologies Chapter 1 Cloud Computing CHAPTER AUTHORS Wong Tsz Lai Hoang Trancong Steven Goh PREVIOUS CONTRIBUTORS: Boa Ho Man; Goh Hao Yu Gerald;
Security Issues: Public vs Private vs Hybrid Cloud Computing R.Balasubramanian ME in Computer Science M S University,Tamilnadu,India. M.Aramudhan, PhD. ME in Computer Networks P K I of Engg& Tech. Karaikal,
Cloud Computing: Transforming the Enterprise Cloud computing is not just a trend. It is changing the way IT organizations drive business value. THINK SMART. ACT FAST. FLEX YOUR BUSINESS. EXECUTIVE SUMMARY