Industrial Control System Field Components

You may see an uptick in SCADA/ICS-related posts since I’ve been studying and preparing for the SANS GICSP (Global Industrial Cyber Security Professional) certification. It’s a lot of interesting material, and I just wanted to share a little about industrial control system field components.

Field Components

PLC (Programmable Logic Controller) is a computer-based solid-state device that controls industrial equipment and processes.

Figure 1 | Allen Bradley PLC

RTU (Remote Terminal Unit) is used to report local system information and communicate with the upstream supervisory system.

Figure 2 | Remote Terminal Unit


  • Both have an array of input/output connections and software/logic that operates those inputs and outputs for automation and safety
  • RTUs are generally less capable than PLCs
  • RTUs are more suitable for large geographical areas. They utilize wireless communications to communicate back to the supervisory system.
  • PLCs are generally suited for a local control system that resides entirely at one location and uses physical media for communications.
  • The lines between the two have been blurring more recently, though

DPRs (Digital Protective Relays) are single-purpose microcontrollers that detect faults in a system and often report to an RTU. DPRs measure voltages and currents.

IED (Intelligent End Device): a DPR is an example of an IED.

PMU (Phasor Measurement Unit) is a device that measures the electrical waves on an electricity grid using a common time source for synchronization.

RTOS (Real Time Operating Systems)

  • Process input in real time
  • Examples
    • QNX
    • VxWorks
    • Windows CE
  • QNX
    • Microkernel OS (only does three things – CPU scheduling, interrupts, and interprocess communication)
    • Runs on MIPS, PowerPC, Arm, x86
  • VxWorks
    • Memory separated kernel (kernel and user-space processes have isolated memory segments)
    • Commonly found with debug tools still installed on production systems, which can be used for forensic analysis or by attackers
  • Windows CE
    • Much smaller kernel
    • Visual Studio for development/debugging
    • Runs on multiple architectures
    • Sometimes even ships with Internet Explorer

Sensor Networks are spatially distributed and monitor environmental qualities like temperature, humidity, vibration, sound, and air pressure.

Other Field Devices

  • Valves, solenoids, pumps, agitators, burners, compressors, etc.
  • Wiring ties these devices to the controllers
  • Basic communication is referred to as “I/O” (Input/Output)

Digital I/O is an input or output where the specified value is communicated as simple on/off signals.

Analog I/O is an input or output where the specified value is communicated by varying the voltage or current of a signal.

A setpoint is the desired process output that an automatic control system will aim to reach. For example, a boiler might have a temperature setpoint that the control system aims to attain.

SIS (Safety Instrumented System) detects and remediates unsafe situations.
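An added example (not from the original post or the SANS materials) that ties digital I/O, analog I/O, a setpoint and an SIS together in one simulated boiler scan; the 4-20 mA input scaling, the 0-200 °C range, the deadband and the trip limit are all assumptions chosen for illustration:

```python
"""Simulated boiler control scan (constructed illustration, not real PLC code).
Assumptions: the temperature sensor is a 4-20 mA analog input scaled to
0-200 degC, the burner is a digital (on/off) output, and the SIS has its
own sensor reading and its own trip limit, independent of the control logic."""

SETPOINT_C = 80.0      # desired process output the controller aims for
HYSTERESIS_C = 2.0     # deadband so the burner does not chatter on/off
SIS_TRIP_C = 120.0     # unsafe temperature at which the SIS forces a trip


def analog_to_temp(milliamps: float) -> float:
    """Analog I/O: scale a 4-20 mA signal to 0-200 degC. Values outside the
    live-zero band indicate a broken wire or bad sensor, so fail loudly."""
    if not 3.8 <= milliamps <= 20.5:
        raise ValueError(f"analog input out of range: {milliamps} mA")
    return (milliamps - 4.0) / 16.0 * 200.0


def burner_command(temp_c: float, burner_on: bool) -> bool:
    """Digital I/O: on/off control toward the setpoint with hysteresis."""
    if temp_c < SETPOINT_C - HYSTERESIS_C:
        return True
    if temp_c > SETPOINT_C + HYSTERESIS_C:
        return False
    return burner_on  # inside the deadband, keep the current state


def sis_trip(sis_temp_c: float) -> bool:
    """SIS logic: trips when the process reaches the unsafe limit."""
    return sis_temp_c >= SIS_TRIP_C


def scan(control_ma: float, sis_ma: float, burner_on: bool) -> dict:
    """One controller scan: read both analog inputs, compute the digital
    burner output, and let the SIS override the control decision."""
    temp_c = analog_to_temp(control_ma)
    cmd = burner_command(temp_c, burner_on)
    tripped = sis_trip(analog_to_temp(sis_ma))
    return {"temp_c": temp_c, "burner_on": cmd and not tripped, "sis_tripped": tripped}


if __name__ == "__main__":
    # Constructed 4-20 mA readings per scan: (control sensor, SIS sensor)
    state = False
    for control_ma, sis_ma in [(8.0, 8.0), (10.2, 10.2), (10.5, 10.5), (13.6, 13.6)]:
        result = scan(control_ma, sis_ma, state)
        state = result["burner_on"]
        print(result)
```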

