Selecting the right SCADA technology
Mobile clients take the Web-based thin client concept to another level by providing access to the SCADA system via handheld devices such as smartphones and tablets (see Figure 2). Not only does this promote exceptional mobility, it can also lower both communications and hardware costs. Advantages of mobile clients include:
- User is not tied to a fixed location
- Lowest hardware costs
- Lower communication costs than Web-based thin clients
- Users can use personal devices
- Apps allow quick connection and two-way access.
Communication costs are lower because many cell network providers charge less than Internet providers. Cell providers are able to provide inexpensive data access because this type of traffic doesn’t have the real-time requirements of voice calls, making it possible for providers to use data traffic as a fill-in to wring the most out of their network capacity.
Hardware costs are lower because smartphones and tablets are less expensive than PCs and embedded computing platforms. Some companies are reducing costs further by implementing bring-your-own-device policies, which require employees to use their personal cell phones and tablets for SCADA remote access and other tasks. In most cases, employees already have these devices, and companies pay employees a fixed amount, typically amounting to a portion of their monthly provider fees.
Access options can be configured to provide users with read-only access to certain or all tag values and alarm conditions, or remote control options may be offered. Remote access to SCADA systems by mobile devices is typically achieved via a Web browser or an app. There is a debate over which method provides better access, but in both cases, screen images must be optimized for the smaller screens as compared to PCs and embedded computing platforms.
Incorrectly sized screens for smartphones and small tablets can make remote access unwieldy. Loading graphics can slow down data retrieval to the point that the application times out before the user sees the data, and excessive scrolling is often required to view content designed for a larger screen. Correctly sizing the screens alleviates this issue, and a well-designed app can provide further benefits along these and other lines.
Browsers or apps?
If remote users are going to be accessing many screens or graphics, an app is often a better choice than browser-based access in terms of speed and usability. Apps are designed specifically for smartphones and other handheld devices, so screens are generally sized correctly, eliminating the need for excessive scrolling and long retrieval times.
Many HMI/SCADA software packages provide a mobile phone app for free or for a very nominal charge. As with thin client and mobile browser access, remote users benefit from full-featured two-way communication. As compared to a browser, these SCADA apps connect and load screens faster to deliver more rapid response times. While many of these apps don’t require users to do screen conversions, there is a small level of effort required for setup, typically similar to what a user would execute when loading an app for his or her cell phone.
Whether implementing browser or app access, it’s important to select the right SCADA development package. Because the programming languages used for Apple products are different from those used for Android-based and other tablets and smartphones, less innovative SCADA suppliers must write apps and browser-based applications separately for each operating system type. This means users often have to wait months for their smartphone or tablet application to be developed or upgraded.
However, this problem is easily overcome by choosing the right SCADA package, specifically from a supplier that programs its remote access applications in HTML5. This latest version of HTML works on an open standard that enables the development of Web applications for multiple types of devices, including iPhones and Android-based phones at the same time. A SCADA software package with HTML5 support will eliminate the development delays for different types of handheld operating systems.
SCADA security is of utmost importance. The general media has publicized alarming stories on the vulnerability of SCADA systems, and enabling Internet or cell network access to SCADA systems does require additional security measures such as firewalls, passwords, and possibly encrypted virtual private networks.
Most SCADA users are familiar with the Stuxnet worm that was discovered in June 2010. In addition to gaining access to the SCADA system, it was the first major instance of malware used to destroy equipment. Stuxnet was an important wake-up call to many companies. However, many continue to erroneously believe it demonstrates the dangers of the Internet. The Stuxnet worm initially spread using infected removable drives (USB flash drives), and it then used peer-to-peer remote procedure calls to infect other computers inside private networks that weren’t connected to the Internet.
This example is used to show that any network—regardless of how it’s accessed—is vulnerable to attacks if it’s not properly protected. It’s equally important to prohibit unauthorized access from the PCs connected to a private network as it is to create firewalls for Web-based and cell network access. Industrial security experts advise treating SCADA security with an in-depth strategy that leverages common IT practices and security measures including firewalls, encryption, and proper procedures.
A firewall is a hardware appliance or software application that monitors network traffic based on user-defined or preconfigured rules to prevent unauthorized access. There are different types of firewalls, with some offering enhanced safeguards for industrial use. Password protection and encryption will further strengthen the network against intrusion.
Many companies use a virtual private network (VPN) to secure communications between multiple networks or multiple hosts. A VPN establishes a protected tunnel across the Internet or other communication network that keeps data safe from unauthorized access. Communications are safeguarded regardless of the path taken or the distance traveled. Fortunately, today’s advanced SCADA systems offer a high level of protection and functionality for remote access if implemented correctly, and if correct security procedures are followed.
Regardless of the device and method used, inevitably the vast majority of SCADA systems need to provide some sort of remote access. The very nature of these systems is to facilitate the monitoring and control of remote processes and operations, so trying to isolate the SCADA system creates a real risk of falling behind competitors. The good news is now SCADA users have many options for providing that remote access, with different ones to suit each application.
Jeff Payne is the product manager for the Automation Controls Group at AutomationDirect Inc.
- Events & Awards
- Magazine Archives
- Digital Reports
- Global SI Database
- Oil & Gas Engineering
- Survey Prize Winners