The recent outages have kept me busy. Many people in the upper Midwest have generators for such contingencies, not a few of them purchased at fire sales after Jan 1, 2000 and 2002. The remarkable disconnectedness of control systems in the face of intimately connected power distribution is not a surprise to some of us. Other facets of our national infrastructure have a very 1980s software approach–trivial, hardcoded login credentials, increasingly Internet connected, etc. In my opinion these are areas where the market forces are not capable of appropriate compensation–the low probability, high risk events. The costs of having independently audited and tested high-reliability power distribution and other critical infrastructure systems will be manageable.
Do I have a bias as a seller and designer of SCADA systems? Sure–I’m highly motivated to get you the right system, whether that be a Mitsubishi Alpha or a more sophisticated MOSCAD wireless network backed with MDS microwave relays. The critical infrastructure systems should have their own radio networks to continue working in the face of a major telecom failure. Leased lines are too expensive; POTS dialup is fidgety.
Municipalities and utilities small to large, and especially the small, can’t afford to rely on weak communications command and control linkages. Old systems based on DTMF (!) and other hacked-together systems can be replaced with MOSCAD or the like having timestamped, encrypted anti-playback capability. Given recent events, the ability of a modestly motivated adversary to get surplus equipment from online auctions to wreak national havoc cannot be overlooked.
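The timestamped anti-playback idea above, as an added sketch that is not from the original post and not MOSCAD's actual protocol: a receiver authenticates each command frame, then rejects stale timestamps and reused counters. The frame layout, 30-second window, key and all names are assumptions, and it uses an HMAC for authenticity rather than encryption.

```python
import hashlib
import hmac
import struct

# Assumed frame layout: station id, message counter, unix timestamp, command, tag.
HEADER = struct.Struct(">HQQ")
TAG_LEN = 32          # HMAC-SHA256 output size
MAX_SKEW_S = 30       # assumed freshness window in seconds

def build_frame(key, station, counter, ts, command):
    body = HEADER.pack(station, counter, ts) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = {}  # station id -> highest counter accepted so far

    def accept(self, frame, now):
        """Return (True, command) or (False, reason)."""
        if len(frame) < HEADER.size + TAG_LEN:
            return False, "short frame"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time compare
            return False, "bad tag"
        station, counter, ts = HEADER.unpack_from(body)
        if abs(now - ts) > MAX_SKEW_S:               # recording played back later
            return False, "stale timestamp"
        if counter <= self.last_counter.get(station, -1):  # replay inside window
            return False, "replayed counter"
        self.last_counter[station] = counter
        return True, body[HEADER.size:]

def demo():
    key = b"constructed-demo-key-not-for-use"   # constructed sample key
    rx = Receiver(key)
    t0 = 1_700_000_000                          # constructed sample time
    frame = build_frame(key, 7, 1, t0, b"PUMP_ON")
    tampered = frame[:-1] + bytes([frame[-1] ^ 1])
    return [
        rx.accept(frame, t0 + 2),      # fresh frame
        rx.accept(frame, t0 + 5),      # same frame replayed within the window
        rx.accept(frame, t0 + 3600),   # same frame replayed an hour later
        rx.accept(tampered, t0 + 2),   # one bit of the tag flipped
    ]

if __name__ == "__main__":
    print(demo())
```

A fielded unit would also need to persist the counter across reboots and keep its clock disciplined; otherwise the freshness window is the only protection after a restart.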
No more factory-default passwords: make the SCADA equipment require a sufficiently sophisticated password. Find ways to make certificates and other “beyond password” measures a reality with embedded critical control systems. Your utility or municipality can benefit from an objective third party in reviewing proposals and statements of work, ensuring that critical areas aren’t missed. Sometimes adding just 2% to a system cost adds 15% more value. Sometimes, vendors are proposing the same old one-size-fits-all, and you could consider an out-of-area vendor with a more tailored approach. For example, using narrowband data to pumps and broadband data to substations can reduce antenna needs for the narrowband stations, allowing increased robustness in remote areas. Triggered camera recording with periodic snapshotting allows identification of malfeasants over a modest data pipeline–do you really need thousands of hours of unwatched video, or would you rather have high-speed video when your installation is approached?
These approaches exploit the latest in encrypted, license-free data radio technology, allowing rapid upgrades without dealing with contentious cross-border licensing issues. The higher directivity of 900 MHz yagis vs. VHF yagis allows denser networks and less interference from tropospheric ducting, a.k.a. “skip”, from hundreds of miles away. Multipoint operation reduces the need for tall central tower(s)–or you can have multiple “master” locations with more modest elevation.