The City of Wilsonville, Oregon, initiated a project to completely redesign and replace both of its water and wastewater supervisory control and data acquisition (SCADA) systems. The existing leased telephone line communication systems were replaced with
independent, secure licensed frequency wireless radio networks. The existing legacy
hardware for the central Master Telemetry Units (MTU) and Remote Telemetry Units
(RTU) were replaced with Programmable Logic Controllers (PLC).
This paper describes the security design considerations and system integration methods
for the project. Key elements include the hardware and software security features of the
selected communication and control components. The communication system radio
modems provide multiple layers of security from four main threats to wireless data
communication. The engineering and configuration software for the PLC components
adds an additional security layer through unique node addressing and password protected
login requirements. Monitoring and control access is implemented at the local level
through Operator Interface System security constraints and login procedures. Remote
intrusion alarming and monitoring is implemented via physical security hardware.
Data from the City's utility systems is collected by three data historian applications. The
system design includes secure access to each of the four utility control system networks
from five separate locations over the City's business LAN network, and from authorized
external nodes. These connections are used for data access, management and reporting,
Operator Interface control, and PLC engineering work station functions for the MTU and
RTU sites. Discussion includes implementation of the control system network access and
security policy, procedures and practices. Includes 7 references, table, figures.
| Edition : | Vol. - No. |
| File Size : | 1
file
, 1.6 MB |
| Note : | This product is unavailable in Ukraine, Russia, Belarus |
| Number of Pages : | 35 |
| Published : | 11/01/2009 |
