SCADA S
net/publication/353142664
All content following this page was uploaded by Muhammad Hamza El-Saba on 10 July 2021.
Dr. Eng. Muhammad El-SABA
Measurement & Instrumentation Systems CHAPTER 7
In fact, the SCADA industry was essentially born out of a need for a
user-friendly front-end to a control system containing PLC’s. While PLC’s
do provide automated, pre-programmed control over a process, they are
usually distributed across a plant, making it difficult to gather data from
them manually. Additionally, the PLC information is usually in a crude,
user-unfriendly format. The SCADA system gathers information from the
PLC’s via a communication method, and combines and formats the
information. In Europe, SCADA is called man-machine interface (MMI).
The HMI package for the SCADA system typically includes a drawing
program that the operators or system maintenance personnel use to
change the way these points are represented in the interface. These
representations can be as simple as an on-screen traffic light, which
represents the state of an actual traffic light in the field, or as complex as
a multi-projector display representing the position of all of the elevators
in a skyscraper or all of the trains on a railway. Initially, more "open"
platforms such as Linux were not as widely used due to the highly
dynamic development environment and because a SCADA customer that
was able to afford the field hardware and devices to be controlled could
usually also purchase UNIX or OpenVMS licenses. Today, all major
operating systems are used for both master station servers and HMI
workstations.
Figure 7-3 shows a SCADA software architecture that is generic for the
products that were evaluated. SCADA solutions often have Distributed
Control System (DCS) components. Use of smart RTU’s or PLC’s, which
are capable of autonomously executing simple logic processes without
involving the master computer, is increasing.
7-2.3 Communications
SCADA systems have traditionally used combinations of RF (radio
frequency) and direct serial or modem connections to meet
communication requirements, although Ethernet and IP (Internet
Protocol) over SONET (Synchronous Optical Network) are also frequently
used at large sites such as railways and power stations.
i- Internal Communication
Server-client and server-server communication is in general based on a
publish-subscribe, event-driven model and uses TCP/IP, i.e., a
client application subscribes to a parameter which is owned by a
particular server application, and only changes to that parameter are then
communicated to the client application.
ii- Access to Devices
The data servers poll the controllers at a user defined polling rate. The
polling rate may be different for different parameters. The controllers
pass the requested parameters to the data servers. Time stamping of the
process parameters is typically performed in the controllers and this time-
stamp is taken over by the data server. If the controller and
communication protocol used support unsolicited data transfer then the
Fig. 7-4. Example of a SCADA network, for electricity distribution & control, over a
wide area network
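The polling and change-only publishing described under "Internal Communication" and "Access to Devices" above, as an added Python example that is not part of the original chapter. The class names, point names and sample readings are constructed for illustration; a real data server would talk to controllers over an industrial protocol rather than an in-memory object.

```python
from dataclasses import dataclass, field

@dataclass
class Controller:
    """Constructed stand-in for a PLC/RTU that time-stamps its own samples."""
    readings: dict  # parameter -> list of (controller timestamp, value), oldest first

    def read(self, param, now):
        # Return the latest sample taken at or before 'now', with its own timestamp.
        ts, value = [s for s in self.readings[param] if s[0] <= now][-1]
        return value, ts

@dataclass
class DataServer:
    controller: Controller
    rates: dict                                      # parameter -> polling period (s)
    last: dict = field(default_factory=dict)         # parameter -> (value, timestamp)
    subscribers: dict = field(default_factory=dict)  # parameter -> list of callbacks
    polls: int = 0

    def subscribe(self, param, callback):
        self.subscribers.setdefault(param, []).append(callback)

    def tick(self, now):
        for param, period in self.rates.items():
            if now % period:                         # this parameter is not due yet
                continue
            self.polls += 1
            value, ts = self.controller.read(param, now)
            prev = self.last.get(param)
            if prev is None or prev[0] != value:     # publish changes only
                self.last[param] = (value, ts)       # controller timestamp is taken over
                for cb in self.subscribers.get(param, []):
                    cb(param, value, ts)

def run_demo():
    plc = Controller({                               # constructed sample data
        "pump1.running": [(0, False), (3, True)],
        "tank1.level":   [(0, 40.0), (4, 40.0), (9, 42.5)],
    })
    server = DataServer(plc, rates={"pump1.running": 1, "tank1.level": 5})
    events = []
    for name in server.rates:
        server.subscribe(name, lambda p, v, ts: events.append((p, v, ts)))
    for now in range(0, 11):                         # simulated seconds 0..10
        server.tick(now)
    return events, server.polls
```

The tank level change is delivered with timestamp 9, the controller's time, even though the data server only polled it at second 10; the unchanged reading polled at second 5 is never sent to the client.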
7-2.4 Interfacing
The provision of client functionality for SCADA to access devices in an
open and standard manner is developing. The SCADA products on PC’s
usually provide:
- ASCII import/export facility for configuration data,
- Open Data Base Connectivity (ODBC) interface to the data in the archive/logs, but not to the configuration database,
- Library of API’s supporting C, C++, and Visual Basic (VB) to access data in the RTDB, logs and archive. The API often does not provide access to the SCADA product's internal features such as alarm
7-2.5. Database
SCADA systems typically implement a distributed database which
contains data elements called points. A point represents a single input or
output value monitored or controlled by the system. Points can be either
"hard" or "soft". A hard point represents an actual input or output
connected to the system, while a soft point represents the result of logic
operations applied to other points. The point values are stored as value-
timestamp combinations. A series of value-timestamp combinations is the
history of that point.
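A minimal point store illustrating hard points, soft points and value-timestamp history as described above. This is an added Python example, not code from the original chapter or from any SCADA product; the class, the point names and the overfill rule are hypothetical.

```python
class PointDB:
    """Every point keeps its history as a list of (timestamp, value) pairs."""
    def __init__(self):
        self.history = {}   # point name -> [(timestamp, value), ...]
        self.soft = {}      # soft point name -> (input point names, logic function)

    def add_hard(self, name):
        self.history[name] = []

    def add_soft(self, name, inputs, logic):
        self.history[name] = []
        self.soft[name] = (inputs, logic)

    def current(self, name):
        return self.history[name][-1][1] if self.history[name] else None

    def write_hard(self, name, timestamp, value):
        if name in self.soft:
            raise ValueError(f"{name} is a soft point; it is derived, not written")
        self.history[name].append((timestamp, value))
        # Re-evaluate every soft point that uses this hard point as an input.
        for sname, (inputs, logic) in self.soft.items():
            if name not in inputs:
                continue
            values = [self.current(i) for i in inputs]
            if None in values:                  # an input has no value yet
                continue
            result = logic(*values)
            if result != self.current(sname):   # store changes only
                self.history[sname].append((timestamp, result))

    def value_at(self, name, timestamp):
        """Look up what a point's value was at a past time from its history."""
        older = [v for ts, v in self.history[name] if ts <= timestamp]
        return older[-1] if older else None

def build_demo():
    db = PointDB()
    db.add_hard("tank1.level_pct")
    db.add_hard("pump1.running")
    db.add_soft("tank1.overfill_risk", ["tank1.level_pct", "pump1.running"],
                lambda level, running: level > 90 and running)
    samples = [(100, "tank1.level_pct", 85), (101, "pump1.running", True),
               (105, "tank1.level_pct", 93), (109, "pump1.running", False)]
    for ts, name, value in samples:             # constructed field samples
        db.write_hard(name, ts, value)
    return db
```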
7-2.6. Scalability
Scalability is understood as the possibility to extend the SCADA based
control system by adding more process variables, more specialized
servers (e.g. for alarm handling) or more clients. The products achieve
scalability by having multiple data servers connected to multiple
controllers. Each data server has its own configuration database and
RTDB and is responsible for the handling of a sub-set of the process
variables (acquisition, alarm handling, archiving).
7-2.7. Redundancy
The products often have built-in software redundancy at a server level,
which is normally transparent to the user. Many of the products also
provide more complete redundancy solutions if required.
7-3.3. Trending
The products all provide trending facilities and one can summarize the
common capabilities as follows:
- the parameters to be trended in a specific chart can be predefined or defined on-line
- a chart may contain 8 trended parameters and an unlimited number of charts can be displayed (restricted only by the readability)
- real-time and historical trending are possible, although generally not in the same chart
- historical trending is possible for any archived parameter
- zooming and scrolling functions are provided
- parameter values at the cursor position can be displayed
7-3.5. Logging/Archiving
The terms logging and archiving are often used to describe the same
facility. However, logging can be thought of as medium-term storage of
data on disk, whereas archiving is long-term storage of data either on disk
or on another permanent storage medium. Logging is typically performed
on a cyclic basis, i.e., once a certain file size, or number of points is
reached the data is overwritten.
7-3.7 Automation
The majority of SCADA products allow actions to be automatically
triggered by events. A scripting language provided by the SCADA
products allows these actions to be defined. In general, one can load a
particular display, send an Email, run a user defined application or script
and write to the RTDB. The concept of recipes is supported, whereby a
particular system configuration can be saved to a file and then re-loaded
at a later date. Sequencing is also supported whereby, as the name
indicates, it is possible to execute a more complex sequence of actions on
one or more devices. Sequences may also react to external events. Some
of the products do support an expert system but none has the concept of a
Finite State Machine.
7-4.1 Configuration
The process parameters and associated information of a SCADA system
(e.g. relating to alarm conditions) are defined through some sort of
parameter definition template, and linked where appropriate to the
process parameters. The SCADA products provide an ASCII
Export/Import utility for the configuration data (parameter definitions),
which enables large numbers of parameters to be configured in a more
efficient manner using an external editor such as Excel and then
importing the data into the configuration database. However, many of the
PC tools now have a Windows-based development studio.
| Specification | Description |
|---|---|
| OPC Data Access | The originals! Used to move real-time data from PLC’s, DCS’s, and other control devices to HMI’s and other display clients. The Data Access 3 specification is now a Release Candidate. It leverages earlier versions and incorporates the XML-DA Schema. |
| OPC Alarms & Events | Provides alarm and event notifications on demand (in contrast to the continuous data flow of Data Access). These include process alarms, operator actions, informational messages, and tracking/auditing messages. |
| OPC Batch | This specification carries the OPC philosophy to the specialized needs of batch processes. It provides interfaces for the exchange of equipment capabilities (corresponding to the S88.01 Physical Model) and current operating conditions. |
| OPC Data eXchange | This specification takes us from client/server to server-to-server with communication across Ethernet fieldbus networks. This provides multi-vendor interoperability! And adds remote configuration, diagnostic and monitoring/management services. |
| OPC Historical Data Access | Where OPC Data Access provides access to real-time, continually changing data, OPC Historical Data Access provides access to data already stored. From a simple serial data logging system to a complex SCADA system, historical archives can be retrieved in a uniform manner. |
| OPC Security | All the OPC servers provide information that is valuable to the enterprise. OPC Security specifies how to control client access to these servers in order to protect this sensitive information and hinder unauthorized modification of process parameters. |
| OPC XML-DA | Provides flexible, consistent rules and formats for exposing plant floor data using XML, leveraging the work done by Microsoft and others on SOAP and Web Services. |
| OPC Complex Data | A companion specification to Data Access and XML-DA that allows servers to expose and describe more complicated data types such as binary structures and XML documents. |
| OPC Commands | A Working Group has been formed to develop a new set of interfaces that allow OPC clients and servers to identify, send and monitor control commands which execute on a device. |
In order to streamline security and help achieve security best practices for
SCADA systems, organization has developed a five-step process
covering the complete security management lifecycle, including phases
for Assessment, Design, Deployment, Management and Education
(ADDME™). The ADDME process identifies and analyzes gaps in the
current security state compared to requirements for security best
practices. It then designs and implements solutions to close those gaps
and ensure ongoing conformity. Figure 7-4 depicts the (ISS) approach to
SCADA networks and process management systems.
7-9. Summary
7-10. Problems
7-1) Show, with neat sketches, the main architecture of a SCADA system.
7-3) What are the main threats for a SCADA system, and how can they be
taken into account when designing a SCADA system?
7-11. Bibliography.