In SCADA systems, the three major categories of protocols involve the specifications for design and manufacture of sensors and actuators, specifications for RTUs, and the specifications for communications between components of a control system.
These can be segregated into three levels for a functional representation as shown in picture below:
SCADA system hardware components are designed for industrial environments, and offer robust features for operation in austere environments. Understanding how a SCADA system is designed requires understanding the environment it operates in, both for operations functions and management functions. Some question that should be answered includes:
• What environment factors will affect the process, either negatively or positively?
• What environment factors will affect the system components either negatively or positively?
• What is an acceptable level of interference by environmental factors?
• How should these factors be mitigated?
A complex system will likely have many interfaces, each of which may become an avenue of attack. All interfaces must be closely examined and evaluated in order to understand how it must be protected, both system wide and at the individual components.
Some questions that should be answered include:
• What interfaces exist for data to flow out of the system?
• What interfaces exist for instructions to flow into the system?
• What level of access is required to the feedback data returned by the process?