Web SCADA Employing Application Program Interface as Data Source



Similar documents
A Proposed Integration of Hierarchical Mobile IP based Networks in SCADA Systems

Scheme to Secure Communication of SCADA Master Station and Remote HMI s through Smart Phones

Vulnerabilities in SCADA and Critical Infrastructure Systems

Design and Implementation of SCADA System Based Power Distribution for Primary Substation ( Monitoring System)

Wireless Communications for SCADA Systems Utilizing Mobile Nodes

Introduction To SCADA and Telemetry

SCADA Systems. Make the most of your energy. March 2012 / White paper. by Schneider Electric Telemetry & Remote SCADA Solutions

High rate and Switched WiFi. WiFi QoS, Security 2G. WiFi a/b/g. PAN LAN Cellular MAN

SCADA. The Heart of an Energy Management System. Presented by: Doug Van Slyke SCADA Specialist

An Introduction to SCADA-ICS System Security. Document Number IG-101 Document Issue 0.1 Issue date 03 February 2015

CLOUD BASED SCADA. Removing Implementation and Deployment Barriers. Liam Kearns Open Systems International, Inc.

NEW GENERATION PROGRAMMABLE AUTOMATION CONTROLLER

OPC COMMUNICATION IN REAL TIME

Assessment of the Vulnerabilities of SCADA, Control Systems and Critical Infrastructure Systems

PLCs and SCADA Systems

Dong-Joo Kang* Dong-Kyun Kang** Balho H. Kim***

Semaphore T BOX Applications in Data Center Facilities

Technical Training Module ( 30 Days)

Real Time Remote Monitoring over Cellular Networks. Wayne Chen Marketing Specialist

The data can be transmitted through a variety of different communications platforms such as:

AutoLog ControlMan. Remote Monitoring & Controlling Service

Intelligent Device Management with DCS, PLC, and RTU

Kepware Whitepaper. Enabling Big Data Benefits in Upstream Systems. Steve Sponseller, Business Director, Oil & Gas. Introduction

A Conceptual Approach to Data Visualization for User Interface Design of Smart Grid Operation Tools

Understanding Programmable Automation Controllers (PACs) in Industrial Automation

Off-the-shelf Packaged Software Systems And Custom Software Analysis By Gamal Balady MASS Group, Inc.

Optimizing and Securing an Industrial DCS with VMware

OPERATIONS CAPITAL. The Operations Capital program for the test years is divided into two categories:

What Risk Managers need to know about ICS Cyber Security

Complete SCADA solution for Remote Monitoring and Control

The Advantages of an Integrated Factory Acceptance Test in an ICS Environment

Using Cellular RTU Technology for Remote Monitoring and Control in Pipeline and Well Applications

CHAPTER 12 MONITORING AND CONTROL SYSTEMS

AUDITOR GENERAL S REPORT. Protection of Critical Infrastructure Control Systems. Report 5 August 2005

Maintenance in instrumentation Maintenance with concept and technology focusing on results

Real-time Video Monitoring Increases the Efficiency of SCADA Process Management

Fuel Management System. Fuel Tank Monitoring TB-9001

CLEANING IN PLACE AUTOMATION FOR PROCESS INDUSTRY USING PLC AND SCADA SOFTWARE

Automated Software Tools Streamline Railway SCADA Project

From SCADA and ICS to the Internet of Things. Andy Swift Infrastructure Team Lead CNS Group

How To Protect Power System From Attack From A Power System (Power System) From A Fault Control System (Generator) From An Attack From An External Power System

Flygt Aquaview SCADA Software. Safer monitoring and simpler at a glance

THE SCADA REVIEW: SYSTEM COMPONENTS, ARCHITECTURE, PROTOCOLS AND FUTURE SECURITY TRENDS

Technical information

Monitoring & Control of Small-scale Renewable Energy Sources

Testing Intelligent Device Communications in a Distributed System

FOXBORO. I/A Series SOFTWARE Product Specifications. I/A Series Intelligent SCADA SCADA Platform PSS 21S-2M1 B3 OVERVIEW

Control of Boiler Operation using PLC SCADA

ABB North America. Substation Automation Systems Innovative solutions for reliable and optimized power delivery

Cloud Computing for SCADA

Cyber Security of the Smart Grid

Wide-area Integrated SCADA System Designed to Improve Availability and Flexibility

Security Testing in Critical Systems

A Data Collection Revolution?

SEMANTIC SECURITY ANALYSIS OF SCADA NETWORKS TO DETECT MALICIOUS CONTROL COMMANDS IN POWER GRID

Security Aspects of SCADA and Corporate Network Interconnection: An Overview

Testing Automated Manufacturing Processes

SCADA Controlled Multi-Step Automatic Controlled Capacitor Banks & Filter Banks

Data Logger & Net Client Software (Windows, ipad, Android) Instant On. Touch. Drop & Drag Opera on. No more proprietary display equipment!

Industrial Control Systems Vulnerabilities and Security Issues and Future Enhancements

TECHNICAL SPECIFICATION

Optimizing Energy Operations with Machine-to-Machine Communications

Modicon M580 The next generation controller for PlantStruxure architecture

PLC Support Software at Jefferson Lab

SCADA Cyber Attacks and Security Vulnerabilities: Review

SCADA Protocols and Security

SHORT TRAINING COURSES

Monitoring Underground Power Networks

Substation Automation Systems. Nicholas Honeth

Plant automation and telecontrol in one system. SIMATIC PCS 7 TeleControl SIMATIC PCS 7. Answers for industry.

Critical Infrastructure & Supervisory Control and Data Acquisition (SCADA) CYBER PROTECTION

Supervisory Control and Data Acquisition (SCADA) Systems

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is

Reference report Oil & Gas

Communication Interface Units. CIU Prime & CIU Plus

SIMATIC IT Historian. Increase your efficiency. SIMATIC IT Historian. Answers for industry.

Functionality Considerations in Custom SCADA Development Tools

Holistic View of Industrial Control Cyber Security

of The New England Water Works Association

CIM Computer Integrated Manufacturing

Guide to Industrial Control Systems (ICS) Security

The Information Revolution for the Enterprise

On the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks

Keeping the Lights On

SCADA System Fundamentals

Integration of Supervisory Control and Data Acquisition Systems Connected to Wide Area Networks

Network-based Control System STARDOM. Network-based Control System. Bulletin 34P02A00-11E. Versatile Data Server Software

Site Attendance Guidelines for Automated/Unattended Monitoring and Process Controlled Facilities

PIPELINE ENGINEERING - Pipeline System Automation and Control - C. Bruce Warren and Mike S. Yoon PIPELINE SYSTEM AUTOMATION AND CONTROL

Transcription:

보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 Web SCADA Employing Application Program Interface as Data Source Hoon Ko 1) Abstract An Application programming interface or API is a set of routines, protocols, and tools for building software applications. A good API makes it easier to develop a program by providing all the building blocks. A programmer then puts the blocks together. Many companies provide free API services which can be utilized in Control Systems. SCADA is an example of a control system and it is a system that collects data from various sensors at a factory, plant or in other remote locations and then sends this data to a central computer which then manages and controls the data. In this paper, we designed a scheme for Weather Condition in Internet SCADA Environment utilizing data from an external Application Program Interface. The scheme was designed to double check the weather information in SCADA. Keywords. SCADA, Control Systems, Application Program Interface 1. Introduction Data acquisition is the process of retrieving control information from the equipment which is out of order or may lead to some problem or when decisions are need to be taken according to the situation in the equipment. So this acquisition is done by continuous monitoring of the equipment to which it is employed. The data accessed are then forwarded onto a telemetry system ready for transfer to the different sites. To improve the accuracy of data and to improve the performance of SCADA systems, we design a double checking scheme for Weather. This scheme uses data from weather API Providers. Many API Provider such as Google, Yahoo, etc have Weather API s. Weather API s can give weather condition and forecast about a specific place. 2. SCADA and API 2.1 SCADA Systems Supervisory Control and Data Acquisition software can be divided into proprietary type or open type. Received(September 21, 2010), Review request(september 22, 2010), Review Result(1st:October 07, 2010, 2nd:October 20, 2010) Accepted(December 31, 2010) 1 4200-072 GECAD (Knowledge Engineering & Decision Support Research Group), ISEP/IPP (Institute of Engineering-Polytechnic of Porto), Rua Dr. Antonio Bernardino de Almeida, 431, Dr. Investigator. email: hko@isep.ipp.pt 567

Web SCADA Employing Application Program Interface as Data Source Proprietary software are developed and designed for the specific hardware and are usually sold together. The main problem with these systems is the overwhelming reliance on the supplier of the system. Open software systems are designed to communicate and control different types of hardware. It is popular because of the interoperability they bring to the system. [1] Wonder Ware and Citect are just two of the open software packages available in the market for SCADA systems. Some packages are now including asset management integrated within the SCADA system. Typically SCADA systems include the following components: [2] 1. Operating equipment such as pumps, valves, conveyors and substation breakers that can be controlled by energizing actuators or relays. 2. Local processors that communicate with the site s instruments and operating equipment. 3. Instruments in the field or in a facility that sense conditions such as ph, temperature, pressure, power level and flow rate. 4. Short range communications between the local processors and the instruments and operating equipment. 5. Long range communications between the local processors and host computers. 6. Host computers that act as the central point of monitoring and control. The measurement and control system of SCADA has one master terminal unit (MTU) which could becalled the brain of the system and one or more remote terminal units (RTU). The RTUs gather the data locally and send them to the MTU which then issues suitable commands to be executed on site. A system of either standard or customized software is used to collate, interpret and manage the data. Supervisory Control and Data Acquisition (SCADA) is conventionally set upped in a private network not connected to the internet. This is done for the purpose of isolating the confidential information as well as the control to the system itself. Because of the distance, processing of reports and the emerging technologies, SCADA can now be connected to the internet. This can bring a lot of advantages and disadvantages which will be discussed in the sections. Conventionally, relay logic was used to control production and plant systems. With the discovery of the CPU and other electronic devices, manufacturers incorporated digital electronics into relay logic equipment. Programmable logic controllers or PLC's are still themost widely used control systems in industry. As need to monitor and control more devices in the plant grew, the PLCs were distributed and the systems became more intelligent and smaller in size. PLCs (Programmable logic controllers) and DCS (distributed control systems) are used as shown in Figure 1. 568

보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 [Fig. 1] Typical SCADA System 2.1.1 Hardware and Software SCADA systems are an extremely advantageous way to run and monitor processes. They are great for small applications such as climate control or can be effectively used in large applications such as monitoring and controlling a nuclear power plant or mass transit system. SCADA can come in open and non proprietary protocols. Smaller systems are extremely affordable and can either be purchased as a complete system or can be mixed and matched with specific components. Large systems can also be created with off the shelf components. SCADA system software can also be easily configured for almost any application, removing the need for custom made or intensive software development. 2.1.2 Human Machine Interface SCADA system includes a user interface which is usually called Human Machine Interface (HMI). The HMI of a SCADA system is where data is processed and presented to be viewed and monitored by a human operator. This interface usually includes controls where the individual can interface with the SCADA system. HMI's are an easy way to standardize the facilitation of monitoring multiple RTU's or PLC's (programmable logic controllers). Usually RTU's or PLC's will run a pre programmed process, but monitoring each of them individually can be difficult, usually because they are spread out over the system. Because RTU's and PLC's historically had no standardized method to display or present data to an operator, the SCADA system communicates with PLC's throughout the system network and processes information that is easily disseminated by the HMI. HMI's can also be linked to a database, which can use data gathered from PLC's or RTU's to provide graphs on trends, logistic info, schematics for a specific sensor or machine or even make 569

Web SCADA Employing Application Program Interface as Data Source troubleshooting guides accessible. In the last decade, practically all SCADA systems include an integrated HMI and PLC device making it extremely easy to run and monitor a SCADA system. 2.2 Application Program Interface [Fig. 2] Human Machine Interface of SCADA API's or application program interface, are set of routines, protocols, and tools for building software applications. A good API makes it easier to develop a program by providing all the building blocks. A programmer then puts the blocks together. [5] [Fig. 3] Data transmission of Weather API s Most operating environments, such as MS-Windows, provide an API so that programmers can write 570

보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 applications consistent with the operating environment. Although APIs are designed for programmers, they are ultimately good for users because they guarantee that all programs using a common API will have similar interfaces. This makes it easier for users to learn new programs. [5] Many API Provider such as Google, Yahoo, etc have Weather API s. Weather API s can give weather condition and forecast about a specific place. [Fig. 4] An Example of Weather API 3. Proposed Solution Weather API s can be integration to SCADA systems to double check the weather condition. Weather sensors of SCADA systems may not gather correct data. This is very crucial and integration of API s can improve the data gathered. [Fig. 5] SCADA Service Provider getting information from API service server 571

Web SCADA Employing Application Program Interface as Data Source SCADA controller or SCADA master station can get both data from the sensor (x) and the data from the Weather API ( γ). Usually, the controller only bases the commands on the sensor data. Since we integrate the Weather API to the system, we can also gather its data and we propose to get the average between the Sensor data and the API s data to get the base data ( λ) in which the commands will be based. λ = (x + γ ) / 2 (1) Formula (1) will be the bases of the SCADA Controller in executing commands to the remote terminals. In Figure 5, we can see the comparison between the gathered Sensor data, API data and the average data. We will notice that there s sometimes a difference between the Sensor data and API data. [Fig. 6] Comparisons of Gathered Sensor Data, API Data and the Average 4. Conclusion A SCADA system gathers information, such as where a leak on a pipeline has occurred, transfers the information back to a central site, alerting the home station that the leak has occurred, carrying out necessary analysis and control, such as determining if the leak is critical, and displaying the information in a logical and organized fashion. systems can be relatively simple, such as one that monitors environmental conditions of a small office building, or incredibly complex, such as a system that monitors all the activity in a nuclear power plant or the activity of a municipal water system. The data that is gathered by the system is very important. The system reacts to the data it gets. Imagine what will happen if the data is not accurate. It can damage the society. To improve the accuracy of data and to improve the performance of SCADA systems, we design a double checking scheme for Weather Condition in Internet SCADA Environment. This scheme uses data from weather API Providers. 572

보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 References [1] D. Bailey and E. Wright (2003) Practical SCADA for Industry [2] Andrew Hildick-Smith (2005) Security for Critical Infrastructure SCADA Systems [3] D. Wallace (2003) Control Engineering. How to put SCADA on the Internet http://www.controleng.com/article/ca321065.html Accessed: January 2009 [4] Internet and Web-based SCADA http://www.scadalink.com/technotesip.htm Accessed: January 2009 [5] "What is API? A word definition from the Webopedia Computer Dictionary" http://www.webopedia.com/term/a/api.html Accessed: April 2010 Authors Hoon Ko Hoon Ko got the B.S. degree in computer science from Howon University, Kunsan-City, S. Korea, in 1998, and M.S. degree in computer science from Soongsil University, Seoul, S. Korea in 2000 and Ph D. degree in 2004. He had joined in Daejin University as visiting professor from 2002 to 2006. He had worked at Information & Communications University (ICU), Korea Advanced Institute of Science and Technology (KAIST) in 2007. Now, he is joining at GECAD, ISEP, IPP in Porto, Portugal as a Doctor Researcher since 2008. He is interested to Urban Computing Security, Ubiquitous Computing Security, AmI Security, Context-Aware Security, MSEC(Multicast Security), RFID Security, Home Network Security, etc. 573

Web SCADA Employing Application Program Interface as Data Source 574

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information