Pipeline SCADA systems in general form a critical IT-Infrastructure which gets nowadays more and more exposed to well-directed cyber attacks. A very popular example would be the Stuxnet-Worm which has been specifically developed and distributed to attack modern control systems.
In order to protect a critical IT-Infrastructure against modern cyber-attacks various aspects have to be considered during the design as well as during operation and maintenance of these systems. The presented paper will provide examples of IT threats within process control systems. It will briefly explain the developments of the control system components and it’s system architecture during the last decade in order to identify and flag their vulnerability. Based on it the required IT-Security within a process control environment will be explained and the classification of problem areas will be identified.
The presentation will provide examples for a security guideline of a critical IT-Infrastructure – like a pipeline SCADA system – to mitigate modern cyber attacks. These guidelines need to be reflected already during the design and commissioning phase of a new SCADA system but they need also a strict follow up for operation and maintenance during the life cycle of the plant.