ABSTRACT
Real-time industrial control and data acquisition systems are typically classified as supervisory control and data acquisition systems (SCADA) or as distributed control systems (DCS). SCADA systems generally operate over a large geographic area such as an electric utility grid, and a DCS system operates in a more discrete setting such as a building or factory. Fundamentally they are the similar when it comes to using TCP/IP and UDP network protocols for controller and device communications. Many organizations allow these systems to communicate over their business networks. Once these systems begin operating on TCP/IP networks they inherit the typical security vulnerabilities associated with all networked systems, and furthermore they add security vulnerabilities that engineers and IT staff might not realize. A compromised SCADA or DCS system can result in financial losses, property and environmental damage, personal injury, or death.
