The existence of Stuxnet was first reported in mid 2010 – perhaps a little early to have influenced the subject projects of this year’s crop of scada review projects.
And yet, since our introduction to S A Instrumentation and Control’s scada review 2008, we have been expressing concern about the lack of attention to viral vulnerabilities of scada systems.
This year, for the first time, we had an end-user specifically withhold responses on security and data protection.
In the post-Stuxnet world next year’s scada reviews we look forward to seeing more emphasis being placed by vendors, SIs and end-users on the elimination of possible virus transmission vectors.
Questionnaire format
For the second year our scada review questionnaires have included sections for end-users respondents, SIs and vendors in order to provide readers with multiple perspectives on the reviewed scada systems. We believe that each of these three groups provides its own unique perspectives on the subject projects from which potential purchasers can learn.
Takeaways
In Adroit’s response we see a highly integrated project solution with intelligent use of terminal services to limit network bandwidth requirements and .NET scripting for intersystem communication.
Yokogawa’s subject project shows how modern scada systems are requiring fewer man-hours to configure and deploy – in their case in a Java environment, which does not demand high-end hardware to achieve acceptable performance.
Siemens’ solution also reflects the ability to fast-track scada solutions, with the client making use of the specialised WinCC powerrate module for monitoring energy consumption.
Wonderware has showcased the Tongon Mine application engineered by SI, Systems Anywhere, and incorporating SA’s specialised mill optimisation software.
What is missing?
The majority of end users do not practice formalised total cost of ownership (TCO) analysis in product selection.
Fibre-optic cable has not yet become the norm for physical network infrastructure on scada systems.
Based on the responses received we believe that there is still insufficient attention being paid to system vulnerabilities:
* A lack of formal configuration control.
* No respondents explicitly stating that they practice any kind of disk imaging for either engineering/configuration data or for operational archives.
* No respondents mentioning offsite/cloud data storage.
Trends to watch for
* More browser-based information presentation for operators and management.
* Tablet PCs/mobile phone interfaces for scada.
* Dedicated data diode type devices to prevent incoming data to C&I networks.
* Greater deployment of managed switches.
Thank you
On behalf of our readers we thank those end-users, SIs and vendors who spent time completing our scada questionnaire this year, for sharing their expertise and continuing to expand the knowledge base of the C&I industry in South and southern Africa.
Notes:
1. The order of appearance of scada reviews is based on the order in which they are received by S A Instrumentation and Control.
2. Some reviewer responses have been edited due to space considerations.
3. A ‘No’ or ‘N/A’ response to a question in the project-specific responses does not necessarily mean that the scada system lacks that feature; only that the feature was not implemented in the subject project.
4. Where a respondent has not answered a question or has answered off topic that response has been omitted.
| Tel: | +27 31 764 0593 |
| Email: | [email protected] |
| www: | www.technews.co.za |
| Articles: | More information and articles about Technews Publishing (SA Instrumentation & Control) |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version