Ignition is an Integrated Software Platform for SCADA systems released by Inductive Automation in January 2010. It is based on an SQL Database-centric architecture. Ignition features cross platformweb based deployment through Java Web Start technology. The Ignition platform has three main components: the Ignition Gateway, the Designer, and runtime clients. Independent modules provide separate functionality in any or all of the platform components. Ignition SCADA modules provide features such as: Real-Time Status Control, Alarming, Reporting, Data Acquisition, Scripting, Scheduling, MES, and Mobile support.[1]
- 2Modules
- 3Module Architecture
- 6Scripting
Awards[edit]
Ignition received the 2011 Duke's Choice award at the JavaOne conference in San Francisco, CA on October 4, 2011. Oracle recognized the impact of Ignition as a significant Java-based product in Industrial Automation.[2][3]
There are four known issues that can cause the following error when attempting to start the Ignition service: Ignition is Pointing to the Wrong Version of Java. At many scada software, the function number which can be run by a button or other object are limited. However 256 function can be run with WinTr Scada Software Also you can trigger this functions when alarm occured or gone. Thousands WinTr scada may establish full or restricted access to each other via server and client functionality. What is Inductive University? Inductive University is a free online learning platform designed to help you master Ignition by Inductive Automation® SCADA software. With IU, you can watch training videos, test your knowledge, train your organization, and participate in our credential program.
Ignition received a 2011 Readers Choice award from Automation World in the SCADA and Information management categories.[4]
- Cirrus Link’s solutions are powered using Ignition® by Inductive Automation. A powerful IIOT/SCADA/MES platform providing cross-platform compatibility, unlimited free clients, unlimited tags, robust out-of-the-box SQL database support, and fast installation.
- Welcome to Ignition by Inductive Automation. Ignition is not like any other HMI / SCADA system you've seen before! Ignition is a single install, runs from a single location, is server based, and is sold by the server not by the client.
- Ignition is an Integrated Software Platform for SCADA systems released by Inductive Automation in January 2010. It is based on an SQL Database-centric architecture.Ignition features cross platform web based deployment through Java Web Start technology.
Modules[edit]
Module Marketplace[edit]
Ignition modules can be purchased through the Module Marketplace. It is an online store that opened on March 4, 2013.[5][6] Some modules are free while others are paid. All are developed using the Ignition SDK. Access to core Ignition apps are made available so that third party developers can create module apps for use with the company’s systems. All of these apps can be made available for download on the Module Marketplace site.[7]
SQL Bridge[edit]
SQL Bridge Architecture Diagram from Inductive Automation Web Site
SQL Bridge is an OPC based Middleware product that bridges the gap between industrial PLCs and SQL Databases. It is a drag and drop application that does not require scripting or programming for configuration.
Transaction groups are used to log data, synchronize PLCs, track downtime and manage recipes. Such groups support stored procedures, flexible execution scheduling, and triggering for precise control and monitoring.[8] Data logging can be achieved with transaction groups or SQLTags History.
Store-and-Forward is an engine that buffers SQL database writes to memory and caches them to a local disk when an external database connection is unavailable. Upon reconnection the data is forwarded to the server in aggregated time-efficient batches.[9]
The SQL Bridge module was created in January 2010 to replace the final version of FactorySQL in the 4.x.x series.[10]
Vision[edit]
The Vision module is the main visualization portion of the Ignition SCADA platform. containing three main components: the runtime, gateway, and designer.
- The Ignition Runtime or Client is a Java application typically launched from a web browser. It acts as the HMI interface for end users and can be used to view realtime or historical process data or control industrial applications. It can be launched one of three ways. As an Applet inside a web browser, via Java Web Start, or in Full Screen mode, where it occupies the whole screen without borders or toolbars, typical of an industrial Touchscreen application.
- The Gateway is a web page configurable, customized version of the Apache that uses JGroups multicasting for clustering. It runs a servlet that uses a single port to mediate client requests. It supports SSL/TLS and compresses communication between gateway and clients.
- The Designer is a WYSIWYGIDE that is used to create SCADA applications. Like the runtime, is a Java Web Start deployed application.
Reporting[edit]
The Reporting module creates dynamic reports. Reports may be generated from existing Adobe Acrobat (PDF) files or created from scratch. Data is introduced through the Ignition platform, providing access to any SQL database or OPC source. The Reporting Module supports: images, graphs, tables, and a variety of basic shape tools. Reports are viewed through Ignition’s web-based system.[11] The Reporting Module allows data aggregation and referencing between table and chart objects as displayed in the image screenshot.
SMS Notification Module[edit]
The Ignition SMS Alarm Notification Module enables both alarm notification and acknowledgement via text messages. By adding the SMS Notification Module to Ignition, alarm notifications can be sent and acknowledged via text messaging. SMS notification is an efficient and immediate method that makes it easier for users to respond. This module requires the Alarm Notification Module and a Sierra Wireless AirLink RV50 with a data and SMS cellular plan (not included in the module).[12]
Mobile[edit]
The Mobile Module allows the full Vision module to run on devices that do not support the Java Runtime Environment. This is accomplished by the mobile client viewing a remote session on the Ignition Gateway. The mobile module requires a JavaScript compliant browser that supports the canvas element. Compatible examples include: iPad, iPhone, Android 2.2+, and VNC clients.[13]
The mobile module allows operators and managers to respond from anywhere to critical data, such as system status, controls system alerts and provides the ability to make notations.[14]
OPC-UA[edit]
The OPC-UA Ignition module is an OPC server that supports modular drivers for PLCs and other devices and network connections. It is the first 100% native Java OPC UA stack.[15] The OPC-UA module includes a Quick Client that allows users to read and write PLC register values via an AJAX web page hosted on the Ignition Gateway.
Current drivers include A-BSuite, ModbusTCP, SiemensEthernet, and Simple TCP/UDP, allowing users to connect to a multitude of devices such as PLCs, solar cells, lights, generators, flow meters, bar code scanners, etc.
Inductive Automation offers the Ignition OPC-UA server for free. The required license must be obtained through the company web site or by direct contact.[16]
OPC-COM[edit]
The OPC-COM Module supports connections to local and remote OPC-DA servers. It works on both 32-bit and 64-bit systems. It has been tested for interoperability with third party OPC-DA servers at several OPC Interoperability conferences.[17]
Module Architecture[edit]
Inductive Automation Ignition Platform Architecture
MES Module Layer[edit]
MES Modules are separately licensed Ignition plug in modules that generally provide higher level functionality with less user development. MES Modules are designed to provide specific functionality and can be industry specific. Current modules available are: Downtime OEE, SPC, and Scheduling . The Changeover Management and Track & Trace / Genealogy Modules have been announced as upcoming as of January 2013.
HMI/SCADA Module Layer[edit]
The HMI/SCADA Module Layer contains mainstay products of the Ignition Platform. Vision is the main visualization module, SQL Bridge is a bidirectional OPC to SQL database historian and transaction manager, Reporting generates dynamic Pdf reports, and Mobile allows access to HTML 5 compatible devices such as iPads, iPods, Android, Smartphone, and Tablets.
Platform Layer[edit]
The Platform Layer includes the following core functionality to all modules: OPC-UA Client, Database, Web Server, System Logging, Licensing, Unified Development Environment, Auditing, Authentication, Module API, Alerting Core Functionality, Database Connectivity, Python Scripting Engine, Realtime Tag Database, Store & Forward, and Redundancy.[18]
History[edit]
In 2010, Inductive Automation consolidated FactorySQL and FactoryPMI with Ignition by Inductive Automation. It created a modular frameworks, providing a central design interface for FactorySQL and FactoryPMI. Ignition became the platform, and FactorySQL and FactoryPMI were refactored as modules. FactorySQL became the SQL Bridge Module, and FactoryPMI became the Vision Module. Two other modules included with the initial release were: the Ignition Reporting Module, and the Ignition OPC-UA Module. The OPC-UA module can also be downloaded for free, and used as a stand-alone OPC-UA server.
SQLTags[edit]
SQLTags is a proprietary technology that uses any SQL Database as a Tag Database. Tags can be derived from the following sources: OPC, expression, or constant and support various configuration options such as: alerting, scaling, and historical storage. SQLTags are stored in Tag Providers, which are automatically configured tables in an SQL database.[19]
SQLTags Historian is a proprietary data logging technology that manages historical data in any supported SQL Database. It is configured by defining an Ignition SQL database connection, then enabling the feature on a per tag basis. The system automatically creates and manages the tables without any user SQL input. Historical Scan Classes support different logging intervals by sets of tags as well as altering the logging rate dynamically. This allows the system to store high resolution history when needed, but lower resolution data for other periods. The system automatically partitions data into multiple database tables. This accomplishes two functions: ensures consistent performance over the long term, and provides a consistent mechanism for data archival and pruning.[20]
Scripting[edit]
The Ignition platform uses scripting to allow designers to add flexibility and customization. There are two major scripting languages in Ignition: Python and the Expression Language.
Python[edit]
Ignition uses an implementation of Python version 2.5 called Jython. Python script is used for component Event Handling. An example of this would be opening a popup window when a user clicks on a graphic object. Another common use are event scripts such as a timer that checks for alarms or a logon script.
Expression Language[edit]
The Ignition Expression Language is a simple language that was invented by Inductive Automation.[21] An expression language is a very simple kind of language where everything is an expression - which is a piece of code that returns a value. This means that there are no statements and no variables, just operators, literals, and functions. Consider an example from the expression language found in Microsoft_excel. Excel can calculate a cell's value dynamically by typing an expression such as '=SUM(C5:C10)', which performs the arithmetic sum of those 6 cells. The expression language in Ignition functions similarly. It is used to define dynamic values for tags and component properties.
Free download windows movie maker 2018. Current rating: 4.2.Average rating: 4.2/5 (151 votes)Your rating: not submittedWindows Movie Maker is a comprehensive software that will let you create, share and edit home movies. .
Expressions are divided in the following categories: Aggregates, Color, Date and Time, Logic, Math, String, Type Cast, and Advanced.
Development[edit]
An Ignition Module SDK is available for anybody to develop their own modules.[22] The SDK exposes the API and classes as separate JAR resources for the following: Client, Gateway, Designer, Common, Vision module. For example, a programmer wrote an Ignition module to integrate with QuickBooks, which uses SOAP to communicate with the QuickBooks Web Connector.[23]
Modules must be submitted to Inductive Automation for testing prior to approval. Once tested, they are digitally signed and ready for distribution to production Ignition systems.
Licensing[edit]
Ignition is typically sold with an unlimited licensing structure, favoring a per server model that avoids charging for: clients, PLC or SQL Database connections, tags, or visualization screens.[24]
The most common Ignition software package is The Works which includes unlimited versions of the following modules: SQL Bridge, Vision, Reporting, and Symbol Factory. Limited versions of the SQL Bridge and Vision Modules are restricted by functionality and concurrent clients, respectively.[25]
Performance[edit]
Ignition performance is based on tag changes per second and total number of concurrent clients. Inductive Automation released a 2008 white paper benchmarking SQLTags performance.[26] Although testing was conducted on FactorySQL and FactoryPMI, Ignition performance is expected to be at least comparable. Evaluation utilized 150 Amazon EC2 virtual machines using the following databases: MySQL with MyISAM data engine, MySQL with InnoDB engine, Microsoft SQL Server 2005 Express Edition, and Oracle 10g Express Edition. As a real world point of comparison, a Surefire SCADA distillery project sustains 30,000 discrete tag changes per second on a Linux platform.[27]
Security[edit]
Inductive Automation promotes IT departments supporting security using standard methodology.[28] Ignition supports the following security features:
- SSL/TLS All network traffic is encrypted with SSL/TLS technology.
- Active Directory Authentication Supports Microsoft Windows Active Directory authentication.
- Auditing allows administrators to review logs of activity.
The United States Computer Emergency Readiness Team (US-CERT) released advisory 11-231-01 that allowed malicious unauthenticated users to download sensitive information regarding project configuration. Inductive Automation responded by resolving the issue in version 7.2.8.178 and greater.[29]
Open Source[edit]
Inductive Automation is a promoter and contributor to the Open source community. FactoryPMI utilizes a number of such projects including: MySQL, Apache, JFreeChart, Jython, Hsqldb, jTDS, Bean Builder, and numerous others.
References[edit]
- ^'Inductive Automation Module Features'. Retrieved 5 Jan 2013.
- ^'Oracle Announces Winners of the 2011 Duke's Choice Awards'. Oracle Corporation. 14 October 2011. Retrieved 29 Dec 2012.
- ^'Inductive Automation's Java-based HMI and SCADA application built on OPC-UA standard wins award from Oracle'. Automation World. 11 November 2011. Retrieved 29 Dec 2012.
- ^'Leadership In Automation 2011: First Team Honorees'. Automation World. 21 January 2012. Retrieved 29 Dec 2012.
- ^'Inductive Automation to Launch First Community-Based Industrial Automation Software Module Store'. Inductive Automation. Archived from the original on 2013-07-29. Retrieved 10 Mar 2013.
- ^Gary Mintchell (18 Feb 2013). 'ARC Forum 2013: First Community-Based Industrial Automation Software Module Store'. Archived from the original on 2013-04-13. Retrieved 10 Mar 2013.
- ^Dave Greenfield (14 Feb 2013). 'Consumer Technology Drives Automation'. Automation World. Retrieved 10 Mar 2013.
- ^'Inductive Automation Realtime Control and Monitoring'. Retrieved 5 Jan 2013.
- ^'Inductive Automation Data Acquisition'. Retrieved 5 Jan 2013.
- ^'Upgrade for existing users'. Retrieved 5 Jan 2012.
- ^'Inductive Automation Reporting Module Information'. 8 Mar 2011. Retrieved 21 Jan 2013.
- ^'Ignition SMS Notification Module | SMS/Text Alarm Notifications'. inductiveautomation.com. Retrieved 2018-04-03.
- ^'Vendor mobile module information'. 8 Mar 2011. Retrieved 21 Jan 2013.
- ^Gary Mintchell (27 January 2011). 'Mobile HMI/SCADA Module'. Automation World. Retrieved 10 Mar 2013.
- ^Bond, Andrew Free OPC-UA Server Unlocks Linux's Potential, 3/2010
- ^'Free OPC-UA Server Offers More Than a Great Price'. 8 Mar 2011. Archived from the original on 2013-02-16. Retrieved 5 Jan 2013.
- ^'Inductive Automation OPC-COM site'. 8 Mar 2011. Retrieved 5 Jan 2013.
- ^'Vendor web site information'. Retrieved 29 Dec 2012.
- ^'Ignition User Manual'. Inductive Automation. Retrieved 16 Mar 2013.
- ^'Did You Know? SQLTags Historian Makes Storing and Charting Historical Data Fast, Efficient, and Easy'. Inductive Automation. 9 Mar 2010. Archived from the original on 2010-03-12. Retrieved 16 Mar 2013.
- ^'Ignition User Manual'. Inductive Automation. Retrieved 27 Jan 2013.
- ^'Free Tools for Developers'. Inductive Automation. 10 Aug 2010. Retrieved 10 Mar 2013.
- ^'Inductive Automation's Ignition'. Aug 2012. Retrieved 10 Mar 2013.
- ^'Ignition Unlimited Licensing'. Inductive Automation. Retrieved 27 Jan 2013.
- ^'Ignition Pricing'. Inductive Automation. Retrieved 27 Jan 2013.
- ^'Inductive Automation Benchmarks 2008'(PDF). Inductive Automation. 6 March 2008. Retrieved 27 January 2013.
- ^'Building SCADA on Linux-Ignition Delivers Performance and Reliability'(PDF). Inductive Automation. 6 May 2010. Archived from the original(PDF) on March 3, 2016. Retrieved 27 January 2013.
- ^'Security information from vendor web site'. Retrieved 21 Jan 2013.
- ^'ICSA-11-231-01—INDUCTIVE AUTOMATION IGNITION INFORMATION DISCLOSURE VULNERABILITY'(PDF). 19 Aug 2011. Retrieved 21 Jan 2013.
External links[edit]
Retrieved from 'https://en.wikipedia.org/w/index.php?title=Ignition_SCADA&oldid=918772304'
Part of a series of articles on |
Manufacturing |
---|
Manufacturing methods |
Improvement methods |
Information and communication |
Process control |
Supervisory Control and Data Acquisition (SCADA) is a control system architecture that uses computers, networked data communications and graphical user interfaces for high-level process supervisory management, but uses other peripheral devices such as programmable logic controller (PLC) and discrete PID controllers to interface with the process plant or machinery. The use of SCADA has been also considered for management and operations of project-driven-process in construction.[1]
- 4SCADA system components
- 9SCADA architecture development
Explanation[edit]
Ignition Scada Training
The operator interfaces that enable monitoring and the issuing of process commands, such as controller set point changes, are handled through the SCADA computer system. However, the real-time control logic or controller calculations are performed by networked modules that connect to the field sensors and actuators.
The SCADA concept was developed as a universal means of remote access to a variety of local control modules, which could be from different manufacturers allowing access through standard automation protocols. In practice, large SCADA systems have grown to become very similar to distributed control systems in function, but using multiple means of interfacing with the plant. They can control large-scale processes that can include multiple sites, and work over large distances as well as small distance.[2] It is one of the most commonly-used types of industrial control systems, however there are concerns about SCADA systems being vulnerable to cyberwarfare/cyberterrorism attacks.[3]
The SCADA concept in control operations[edit]
Functional levels of a manufacturing control operation
The key attribute of a SCADA system is its ability to perform a supervisory operation over a variety of other proprietary devices.
The accompanying diagram is a general model which shows functional manufacturing levels using computerised control.
Referring to the diagram,
- Level 0 contains the field devices such as flow and temperature sensors, and final control elements, such as control valves.
- Level 1 contains the industrialised input/output (I/O) modules, and their associated distributed electronic processors.
- Level 2 contains the supervisory computers, which collate information from processor nodes on the system, and provide the operator control screens.
- Level 3 is the production control level, which does not directly control the process, but is concerned with monitoring production and targets.
- Level 4 is the production scheduling level.
Level 1 contains the programmable logic controllers (PLCs) or remote terminal units (RTUs).
Level 2 contains the SCADA software and computing platform. The SCADA software exists only at this supervisory level as control actions are performed automatically by RTUs or PLCs. SCADA control functions are usually restricted to basic overriding or supervisory level intervention. For example, a PLC may control the flow of cooling water through part of an industrial process to a set point level, but the SCADA system software will allow operators to change the set points for the flow. The SCADA also enables alarm conditions, such as loss of flow or high temperature, to be displayed and recorded. A feedback control loop is directly controlled by the RTU or PLC, but the SCADA software monitors the overall performance of the loop.
Levels 3 and 4 are not strictly process control in the traditional sense, but are where production control and scheduling takes place.
Data acquisition begins at the RTU or PLC level and includes instrumentation readings and equipment status reports that are communicated to level 2 SCADA as required. Data is then compiled and formatted in such a way that a control room operator using the HMI (Human Machine Interface) can make supervisory decisions to adjust or override normal RTU (PLC) controls. Data may also be fed to a historian, often built on a commodity database management system, to allow trending and other analytical auditing.
SCADA systems typically use a tag database, which contains data elements called tags or points, which relate to specific instrumentation or actuators within the process system according to such as the Piping and instrumentation diagram. Data is accumulated against these unique process control equipment tag references.
Examples of use[edit]
Example of SCADA used in office environment to remotely monitor a process
Both large and small systems can be built using the SCADA concept. These systems can range from just tens to thousands of control loops, depending on the application. Example processes include industrial, infrastructure, and facility-based processes, as described below:
- Industrial processes include manufacturing, Process control, power generation, fabrication, and refining, and may run in continuous, batch, repetitive, or discrete modes.
- Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electric power transmission and distribution, and wind farms.
- Facility processes, including buildings, airports, ships, and space stations. They monitor and control heating, ventilation, and air conditioning systems (HVAC), access, and energy consumption.
However, SCADA systems may have security vulnerabilities, so the systems should be evaluated to identify risks and solutions implemented to mitigate those risks.[4]
SCADA system components[edit]
Typical SCADA mimic shown as an animation. For process plant, these are based upon the piping and instrumentation diagram.
A SCADA system usually consists of the following main elements:
Supervisory computers[edit]
This is the core of the SCADA system, gathering data on the process and sending control commands to the field connected devices. It refers to the computer and software responsible for communicating with the field connection controllers, which are RTUs and PLCs, and includes the HMI software running on operator workstations. In smaller SCADA systems, the supervisory computer may be composed of a single PC, in which case the HMI is a part of this computer. In larger SCADA systems, the master station may include several HMIs hosted on client computers, multiple servers for data acquisition, distributed software applications, and disaster recovery sites. To increase the integrity of the system the multiple servers will often be configured in a dual-redundant or hot-standby formation providing continuous control and monitoring in the event of a server malfunction or breakdown.
Remote terminal units[edit]
Remote terminal units, also known as (RTUs), connect to sensors and actuators in the process, and are networked to the supervisory computer system. RTUs are 'intelligent I/O' and often have embedded control capabilities such as ladder logic in order to accomplish boolean logic operations.[5]
Programmable logic controllers[edit]
Also known as PLCs, these are connected to sensors and actuators in the process, and are networked to the supervisory system in the same way as RTUs. PLCs have more sophisticated embedded control capabilities than RTUs, and are programmed in one or more IEC 61131-3 programming languages. PLCs are often used in place of RTUs as field devices because they are more economical, versatile, flexible and configurable.
Communication infrastructure[edit]
This connects the supervisory computer system to the RTUs and PLCs, and may use industry standard or manufacturer proprietary protocols.Both RTU's and PLC's operate autonomously on the near-real time control of the process, using the last command given from the supervisory system. Failure of the communications network does not necessarily stop the plant process controls, and on resumption of communications, the operator can continue with monitoring and control. Some critical systems will have dual redundant data highways, often cabled via diverse routes.
Human-machine interface[edit]
More complex SCADA animation showing control of four batch cookers
The human-machine interface (HMI) is the operator window of the supervisory system. It presents plant information to the operating personnel graphically in the form of mimic diagrams, which are a schematic representation of the plant being controlled, and alarm and event logging pages. The HMI is linked to the SCADA supervisory computer to provide live data to drive the mimic diagrams, alarm displays and trending graphs. In many installations the HMI is the graphical user interface for the operator, collects all data from external devices, creates reports, performs alarming, sends notifications, etc.
Mimic diagrams consist of line graphics and schematic symbols to represent process elements, or may consist of digital photographs of the process equipment overlain with animated symbols.
Supervisory operation of the plant is by means of the HMI, with operators issuing commands using mouse pointers, keyboards and touch screens. For example, a symbol of a pump can show the operator that the pump is running, and a flow meter symbol can show how much fluid it is pumping through the pipe. The operator can switch the pump off from the mimic by a mouse click or screen touch. The HMI will show the flow rate of the fluid in the pipe decrease in real time.
The HMI package for a SCADA system typically includes a drawing program that the operators or system maintenance personnel use to change the way these points are represented in the interface. These representations can be as simple as an on-screen traffic light, which represents the state of an actual traffic light in the field, or as complex as a multi-projector display representing the position of all of the elevators in a skyscraper or all of the trains on a railway.
A 'historian', is a software service within the HMI which accumulates time-stamped data, events, and alarms in a database which can be queried or used to populate graphic trends in the HMI. The historian is a client that requests data from a data acquisition server.[6]
Alarm handling[edit]
An important part of most SCADA implementations is alarm handling. The system monitors whether certain alarm conditions are satisfied, to determine when an alarm event has occurred. Once an alarm event has been detected, one or more actions are taken (such as the activation of one or more alarm indicators, and perhaps the generation of email or text messages so that management or remote SCADA operators are informed). In many cases, a SCADA operator may have to acknowledge the alarm event; this may deactivate some alarm indicators, whereas other indicators remain active until the alarm conditions are cleared.
Alarm conditions can be explicit—for example, an alarm point is a digital status point that has either the value NORMAL or ALARM that is calculated by a formula based on the values in other analogue and digital points—or implicit: the SCADA system might automatically monitor whether the value in an analogue point lies outside high and low- limit values associated with that point.
Examples of alarm indicators include a siren, a pop-up box on a screen, or a coloured or flashing area on a screen (that might act in a similar way to the 'fuel tank empty' light in a car); in each case, the role of the alarm indicator is to draw the operator's attention to the part of the system 'in alarm' so that appropriate action can be taken.
PLC/RTU programming[edit]
'Smart' RTUs, or standard PLCs, are capable of autonomously executing simple logic processes without involving the supervisory computer. They employ standardized control programming languages such as under, IEC 61131-3 (a suite of 5 programming languages including function block, ladder, structured text, sequence function charts and instruction list), is frequently used to create programs which run on these RTUs and PLCs. Unlike a procedural language such as the C programming language or FORTRAN, IEC 61131-3 has minimal training requirements by virtue of resembling historic physical control arrays. This allows SCADA system engineers to perform both the design and implementation of a program to be executed on an RTU or PLC.
A programmable automation controller (PAC) is a compact controller that combines the features and capabilities of a PC-based control system with that of a typical PLC. PACs are deployed in SCADA systems to provide RTU and PLC functions. In many electrical substation SCADA applications, 'distributed RTUs' use information processors or station computers to communicate with digital protective relays, PACs, and other devices for I/O, and communicate with the SCADA master in lieu of a traditional RTU.
PLC commercial integration[edit]
Since about 1998, virtually all major PLC manufacturers have offered integrated HMI/SCADA systems, many of them using open and non-proprietary communications protocols. Numerous specialized third-party HMI/SCADA packages, offering built-in compatibility with most major PLCs, have also entered the market, allowing mechanical engineers, electrical engineers and technicians to configure HMIs themselves, without the need for a custom-made program written by a software programmer.The Remote Terminal Unit (RTU) connects to physical equipment. Typically, an RTU converts the electrical signals from the equipment to digital values such as the open/closed status from a switch or a valve, or measurements such as pressure, flow, voltage or current. By converting and sending these electrical signals out to equipment the RTU can control equipment, such as opening or closing a switch or a valve, or setting the speed of a pump.
Communication infrastructure and methods[edit]
SCADA systems have traditionally used combinations of radio and direct wired connections, although SONET/SDH is also frequently used for large systems such as railways and power stations. The remote management or monitoring function of a SCADA system is often referred to as telemetry. Some users want SCADA data to travel over their pre-established corporate networks or to share the network with other applications. The legacy of the early low-bandwidth protocols remains, though.
SCADA protocols are designed to be very compact. Many are designed to send information only when the master station polls the RTU. Typical legacy SCADA protocols include Modbus RTU, RP-570, Profibus and Conitel. These communication protocols, with the exception of Modbus (Modbus has been made open by Schneider Electric), are all SCADA-vendor specific but are widely adopted and used. Standard protocols are IEC 60870-5-101 or 104, IEC 61850 and DNP3. These communication protocols are standardized and recognized by all major SCADA vendors. Many of these protocols now contain extensions to operate over TCP/IP. Although the use of conventional networking specifications, such as TCP/IP, blurs the line between traditional and industrial networking, they each fulfill fundamentally differing requirements.[7]Network simulation can be used in conjunction with SCADA simulators to perform various 'what-if' analyses.
With increasing security demands (such as North American Electric Reliability Corporation (NERC) and critical infrastructure protection (CIP) in the US), there is increasing use of satellite-based communication. This has the key advantages that the infrastructure can be self-contained (not using circuits from the public telephone system), can have built-in encryption, and can be engineered to the availability and reliability required by the SCADA system operator. Earlier experiences using consumer-grade VSAT were poor. Modern carrier-class systems provide the quality of service required for SCADA.[8]
RTUs and other automatic controller devices were developed before the advent of industry wide standards for interoperability. The result is that developers and their management created a multitude of control protocols. Among the larger vendors, there was also the incentive to create their own protocol to 'lock in' their customer base. A list of automation protocols is compiled here.
OLE for process control (OPC) can connect different hardware and software, allowing communication even between devices originally not intended to be part of an industrial network.
Standardisation in the field of mySCADA protocols resulted into the vendor independent protocol called OPC UA (Unified Architecture). OPC UA is starting to be widely adopted among multiple SCADA vendors.
SCADA architecture development[edit]
The United States Army's Training Manual 5-601 covers 'SCADA Systems for C4ISR Facilities'
Mw2 free mod menu. SCADA systems have evolved through four generations as follows:[9][10][11][12]
First generation: 'monolithic / Stand Alone'[edit]
Early SCADA system computing was done by large minicomputers. Common network services did not exist at the time SCADA was developed. Thus SCADA systems were independent systems with no connectivity to other systems. The communication protocols used were strictly proprietary at that time. The first-generation SCADA system redundancy was achieved using a back-up mainframe system connected to all the Remote Terminal Unit sites and was used in the event of failure of the primary mainframe system.[13] Some first generation SCADA systems were developed as 'turn key' operations that ran on minicomputers such as the PDP-11 series made by the Digital Equipment Corporation.[citation needed].
Second generation: 'distributed'[edit]
SCADA information and command processing was distributed across multiple stations which were connected through a LAN. Information was shared in near real time. Each station was responsible for a particular task, which reduced the cost as compared to First Generation SCADA. The network protocols used were still not standardized. Since these protocols were proprietary, very few people beyond the developers knew enough to determine how secure a SCADA installation was. Security of the SCADA installation was usually overlooked.
Third generation: 'networked'[edit]
Similar to a distributed architecture, any complex SCADA can be reduced to the simplest components and connected through communication protocols. In the case of a networked design, the system may be spread across more than one LAN network called a process control network (PCN) and separated geographically. Several distributed architecture SCADAs running in parallel, with a single supervisor and historian, could be considered a network architecture. This allows for a more cost-effective solution in very large scale systems.
Fourth generation: 'Web-based'[edit]
The growth of the internet has led SCADA systems to implement web technologies allowing users to view data, exchange information and control processes from anywhere in the world.[14][15] The early 2000s saw the proliferation of Web SCADA systems.[16][17][18] Web SCADA systems use internet browsers such as Google Chrome and Mozilla Firefox as the graphical user interface (GUI) for the operators HMI.[19][16] This simplifies the client side installation and enables users to access the system from various platforms with web browsers such as servers, personal computers, laptops, tablets and mobile phones.[16][20]
Security issues[edit]
SCADA systems that tie together decentralized facilities such as power, oil, gas pipelines, water distribution and wastewater collection systems were designed to be open, robust, and easily operated and repaired, but not necessarily secure.[21] The move from proprietary technologies to more standardized and open solutions together with the increased number of connections between SCADA systems, office networks and the Internet has made them more vulnerable to types of network attacks that are relatively common in computer security. For example, United States Computer Emergency Readiness Team (US-CERT) released a vulnerability advisory[22] warning that unauthenticated users could download sensitive configuration information including password hashes from an Inductive AutomationIgnition system utilizing a standard attack type leveraging access to the TomcatEmbedded Web server. Security researcher Jerry Brown submitted a similar advisory regarding a buffer overflow vulnerability[23] in a Wonderware InBatchClient ActiveX control. Both vendors made updates available prior to public vulnerability release. Mitigation recommendations were standard patching practices and requiring VPN access for secure connectivity. Consequently, the security of some SCADA-based systems has come into question as they are seen as potentially vulnerable to cyber attacks.[3][24][25]
In particular, security researchers are concerned about
- the lack of concern about security and authentication in the design, deployment and operation of some existing SCADA networks
- the belief that SCADA systems have the benefit of security through obscurity through the use of specialized protocols and proprietary interfaces
- the belief that SCADA networks are secure because they are physically secured
- the belief that SCADA networks are secure because they are disconnected from the Internet
SCADA systems are used to control and monitor physical processes, examples of which are transmission of electricity, transportation of gas and oil in pipelines, water distribution, traffic lights, and other systems used as the basis of modern society. The security of these SCADA systems is important because compromise or destruction of these systems would impact multiple areas of society far removed from the original compromise. For example, a blackout caused by a compromised electrical SCADA system would cause financial losses to all the customers that received electricity from that source. How security will affect legacy SCADA and new deployments remains to be seen.
There are many threat vectors to a modern SCADA system. One is the threat of unauthorized access to the control software, whether it is human access or changes induced intentionally or accidentally by virus infections and other software threats residing on the control host machine. Another is the threat of packet access to the network segments hosting SCADA devices. In many cases, the control protocol lacks any form of cryptographic security, allowing an attacker to control a SCADA device by sending commands over a network. In many cases SCADA users have assumed that having a VPN offered sufficient protection, unaware that security can be trivially bypassed with physical access to SCADA-related network jacks and switches. Industrial control vendors suggest approaching SCADA security like Information Security with a defense in depth strategy that leverages common IT practices.[26]
The reliable function of SCADA systems in our modern infrastructure may be crucial to public health and safety. As such, attacks on these systems may directly or indirectly threaten public health and safety. Such an attack has already occurred, carried out on Maroochy Shire Council's sewage control system in Queensland, Australia.[27] Shortly after a contractor installed a SCADA system in January 2000, system components began to function erratically. Pumps did not run when needed and alarms were not reported. More critically, sewage flooded a nearby park and contaminated an open surface-water drainage ditch and flowed 500 meters to a tidal canal. The SCADA system was directing sewage valves to open when the design protocol should have kept them closed. Initially this was believed to be a system bug. Monitoring of the system logs revealed the malfunctions were the result of cyber attacks. Investigators reported 46 separate instances of malicious outside interference before the culprit was identified. The attacks were made by a disgruntled ex-employee of the company that had installed the SCADA system. The ex-employee was hoping to be hired by the utility full-time to maintain the system.
In April 2008, the Commission to Assess the Threat to the United States from Electromagnetic Pulse (EMP) Attack issued a Critical Infrastructures Report which discussed the extreme vulnerability of SCADA systems to an electromagnetic pulse (EMP) event. After testing and analysis, the Commission concluded: 'SCADA systems are vulnerable to an EMP event. The large numbers and widespread reliance on such systems by all of the Nation’s critical infrastructures represent a systemic threat to their continued operation following an EMP event. Additionally, the necessity to reboot, repair, or replace large numbers of geographically widely dispersed systems will considerably impede the Nation’s recovery from such an assault.'[28]
Many vendors of SCADA and control products have begun to address the risks posed by unauthorized access by developing lines of specialized industrial firewall and VPN solutions for TCP/IP-based SCADA networks as well as external SCADA monitoring and recording equipment.The International Society of Automation (ISA) started formalizing SCADA security requirements in 2007 with a working group, WG4. WG4 'deals specifically with unique technical requirements, measurements, and other features required to evaluate and assure security resilience and performance of industrial automation and control systems devices'.[29]
The increased interest in SCADA vulnerabilities has resulted in vulnerability researchers discovering vulnerabilities in commercial SCADA software and more general offensive SCADA techniques presented to the general security community.[30] In electric and gas utility SCADA systems, the vulnerability of the large installed base of wired and wireless serial communications links is addressed in some cases by applying bump-in-the-wire devices that employ authentication and Advanced Encryption Standard encryption rather than replacing all existing nodes.[31]
In June 2010, anti-virus security company VirusBlokAda reported the first detection of malware that attacks SCADA systems (Siemens' WinCC/PCS 7 systems) running on Windows operating systems. The malware is called Stuxnet and uses four zero-day attacks to install a rootkit which in turn logs into the SCADA's database and steals design and control files.[32][33] The malware is also capable of changing the control system and hiding those changes. The malware was found on 14 systems, the majority of which were located in Iran.[34]
In October 2013 National Geographic released a docudrama titled American Blackout which dealt with an imagined large-scale cyber attack on SCADA and the United States' electrical grid.[35]
See also[edit]
References[edit]
- ^Antunes, Ricardo; Poshdar, Mani (2018). 'Envision of an integrated information system for project-driven production in construction'. Proc. 26th Annual Conference of the International. Group for Lean Construction (IGLC): 134–143. arXiv:1807.04966. doi:10.24928/2018/0511. Retrieved 27 December 2018.
- ^Boys, Walt (18 August 2009). 'Back to Basics: SCADA'. Automation TV: Control Global - Control Design.
- ^ ab'Cyberthreats, Vulnerabilities and Attacks on SCADA Networks'(PDF). Rosa Tang, berkeley.edu. Archived from the original(PDF) on 13 August 2012. Retrieved 1 August 2012.
- ^Boyer, Stuart A. (2010). SCADA Supervisory Control and Data Acquisition. USA: ISA - International Society of Automation. p. 179. ISBN978-1-936007-09-7.
- ^Jeff Hieb (2008). Security Hardened Remote Terminal Units for SCADA Networks. University of Louisville.
- ^Aquino-Santos, Raul (30 November 2010). Emerging Technologies in Wireless Ad-hoc Networks: Applications and Future Development: Applications and Future Development. IGI Global. pp. 43–. ISBN978-1-60960-029-7.
- ^'Introduction to Industrial Control Networks'(PDF). IEEE Communications Surveys and Tutorials. 2012.
- ^Bergan, Christian (August 2011). 'Demystifying Satellite for the Smart Grid: Four Common Misconceptions'. Electric Light & Powers. Utility Automation & Engineering T&D. Tulsa, OK: PennWell. 16 (8). Four. Retrieved 2 May 2012.
satellite is a cost-effective and secure solution that can provide backup communications and easily support core smart grid applications like SCADA, telemetry, AMI backhaul and distribution automation
- ^OFFICE OF THE MANAGER NATIONAL COMMUNICATIONS SYSTEMctober 2004. 'Supervisory Control and Data Acquisition (SCADA) Systems'(PDF). NATIONAL COMMUNICATIONS SYSTEM.
- ^'SCADA Systems april 2014'.
- ^J. Russel. 'A Brief History of SCADA/EMS (2015)'. Archived from the original on 11 August 2015.
- ^Abbas, H.A. (2014). Future SCADA challenges and the promising solution: the agent-based SCADA. IJCIS, 10, 307-333.
- ^Security Hardened Remote Terminal Units for SCADA Networks. ProQuest. 2008. pp. 12–. ISBN978-0-549-54831-7.
- ^R. Fan, L. Cheded and O. Toker, 'Internet-based SCADA: a new approach using Java and XML,' in Computing & Control Engineering Journal, vol. 16, no. 5, pp. 22-26, Oct.-Nov. 2005.
- ^R. J. Robles and T. H. Kim, “Architecture for SCADA with Mobile Remote Components”, Proceedings of the 12th WSEAS International Conference on Automatic Control, Modelling & Simulation.
- ^ abcAbbas, H.A. and Mohamed, A.M. (2011) ‘Review in the design of web based SCADA systems based on OPC DA protocol’, International Journal of Computer Networks, February, Vol. 2, No. 6, pp.266–277, Malaysia.
- ^Qiu B, Gooi HB. Web-based scada display systems (wsds) for access via internet. Power Systems, IEEE Transactions on 2000;15(2):681–686.
- ^Li D, Serizawa Y, Kiuchi M. Concept design for a web-based supervisory control and>
- ^'ICSA-11-231-01—INDUCTIVE AUTOMATION IGNITION INFORMATION DISCLOSURE VULNERABILITY'(PDF). 19 August 2011. Retrieved 21 January 2013.
- ^'ICSA-11-094-01—WONDERWARE INBATCH CLIENT ACTIVEX BUFFER OVERFLOW'(PDF). 13 April 2011. Retrieved 26 March 2013.
- ^D. Maynor and R. Graham (2006). 'SCADA Security and Terrorism: We're Not Crying Wolf'(PDF).
- ^Robert Lemos (26 July 2006). 'SCADA system makers pushed toward security'. SecurityFocus. Retrieved 9 May 2007.
- ^'Industrial Security Best Practices'(PDF). Rockwell Automation. Retrieved 26 March 2013.
- ^Slay, J.; Miller, M. (November 2007). 'Chpt 6: Lessons Learned from the Maroochy Water Breach'. Critical infrastructure protection (Online-Ausg. ed.). Springer Boston. pp. 73–82. ISBN978-0-387-75461-1. Retrieved 2 May 2012.
- ^http://www.empcommission.org/docs/A2473-EMP_Commission-7MB.pdf
- ^'Security for all'. InTech. June 2008. Retrieved 2 May 2012.
- ^'SCADA Security – Generic Electric Grid Malware Design'. Archived from the original on 7 January 2009.
- ^KEMA, Inc. (November 2006). 'Substation Communications: Enabler of Automation / An Assessment of Communications Technologies'. UTC – United Telecom Council: 3–21.Cite journal requires
|journal=
(help) - ^Mills, Elinor (21 July 2010). 'Details of the first-ever control system malware (FAQ)'. CNET. Retrieved 21 July 2010.
- ^'SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan'. Siemens. 21 July 2010. Retrieved 22 July 2010.
malware (trojan) which affects the visualization system WinCC SCADA.
- ^'Siemens: Stuxnet worm hit industrial systems'. Archived from the original on 25 May 2012. Retrieved 16 September 2010.
- ^'American Blackout'. National Geographic Channel. Retrieved 14 October 2016.
External links[edit]
Wikimedia Commons has media related to SCADA. |
Retrieved from 'https://en.wikipedia.org/w/index.php?title=SCADA&oldid=917406277'