Real Cyber Crime

ramblings of a cyber professional

Industrial Control System Field Components

Posted on October 24, 2015 (updated April 18, 2017) by RealCyberCrime

You may see an uptick in SCADA/ICS related posts since I’ve been studying and preparing for the SANS GICSP (Global Industrial Cyber Security Professional) certification. It’s a lot of interesting material and I just wanted to share a little about industrial control system field components.

Field Components

PLC (Programmable Logic Controller) is a computer-based, solid-state device that controls industrial equipment and processes. It runs a scan loop: read inputs, execute the control logic (ladder logic, function blocks, structured text), write outputs, repeat.

Figure 1 | Allen-Bradley PLC

RTU (Remote Terminal Unit) is used to collect local sensor and actuator data, report it to the upstream supervisory (SCADA) system, and pass supervisory commands down to the field.

Figure 2 | Remote Terminal Unit

PLC vs RTU

  • Both have an array of input/output connections and software/logic that acts on those inputs and outputs for automation and safety
  • RTUs are generally less capable than PLCs in processing power and logic complexity
  • RTUs are more suitable for large geographical areas (pipelines, substations, well pads). They typically use wireless or serial/WAN links to communicate back to the supervisory system, which is why their communications are often the weakest point to protect.
  • PLCs are generally suited to a local control system that resides entirely at one location and uses wired physical media (Ethernet, fieldbus) for communications.
  • The lines between the two have been blurring recently: modern RTUs run control logic and modern PLCs support remote and wireless links.

DPR (Digital Protective Relay) is a single-purpose microcontroller-based device that detects faults in an electrical system (overcurrent, overvoltage, frequency excursions) and often reports to an RTU. DPRs measure voltages and currents and trip a breaker when a measured value stays outside its settings for longer than the configured delay.

IED (Intelligent Electronic Device) is the general term for a microprocessor-based field device with a communications interface; a DPR is an example of an IED.

PMU (Phasor Measurement Unit) is a device that measures the voltage and current waveforms on an electricity grid as phasors (magnitude and phase angle), time-stamped against a common time source (typically GPS) so that measurements from distant substations can be compared directly. That dependence on a shared clock is worth remembering: a PMU's data is only as trustworthy as its time source.

RTOS (Real Time Operating Systems)

  • Process input in real time, with deterministic response times rather than the best-effort scheduling of a general-purpose OS
  • Examples
    • QNX
    • VxWorks
    • Windows CE
  • QNX
    • Microkernel OS (the kernel itself only does three things: CPU scheduling, interrupt handling, and interprocess communication; drivers and file systems run as separate processes)
    • Runs on MIPS, PowerPC, ARM, x86
  • VxWorks
    • Memory-separated kernel (kernel and user-space processes have isolated memory segments)
    • Commonly found with debug tools still enabled on production systems, notably the WDB remote debugging agent listening on UDP port 17185, which allows memory reads and writes over the network. Useful for forensic analysis, and equally useful to an attacker; check for it and disable it before deployment.
  • Windows CE
    • Much smaller kernel than desktop Windows
    • Visual Studio for development/debugging
    • Runs on multiple architectures
    • Some builds even ship a version of Internet Explorer, which widens the attack surface on what is nominally an embedded controller

Sensor Networks are spatially distributed and monitor environmental qualities like temperature, humidity, vibration, sound, and air pressure.

Other Field Devices

  • Valves, solenoids, pumps, agitators, burners, compressors, etc.
  • Wiring ties these devices to the I/O terminals of the controller (PLC or RTU)
  • Basic communication between controller and device is referred to as “I/O” (Input/Output)

Digital I/O is an input or output where the specified value is communicated as a simple on/off signal (a contact closed or open, a relay energised or not).

Analog I/O is an input or output where the specified value is communicated by varying the voltage or current of a signal, most commonly a 4-20 mA current loop or a 0-10 V signal that the controller scales to engineering units.

A setpoint is the desired process output that an automatic control system will aim to reach. For example, a boiler might have a temperature setpoint that the control system aims to attain by switching the burner on and off or modulating fuel flow.

SIS (Safety Instrumented System) detects unsafe situations and takes the process to a safe state (for example, tripping the burner or closing a valve). It is deliberately kept independent of the basic process control system, with its own sensors, logic solver and final elements, so that a failure or compromise of the control layer cannot disable the safety layer.
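The following is an added example, not code from the original post, that puts the last few definitions together in one controller scan: a 4-20 mA analog input is scaled to temperature, compared with a setpoint to produce a digital burner output, and a separate SIS with its own trip limit can only ever force the burner off. The signal ranges, setpoints and sequences of readings are constructed; the out-of-range check roughly follows the NAMUR NE 43 fault bands.

```python
# Added example (not from the original post): one scan of a boiler
# temperature controller plus an independent SIS high-temperature trip.
# All readings, ranges and limits are constructed for illustration.

DEADBAND_C = 2.0     # hysteresis so the burner does not chatter around SP
SIS_TRIP_C = 95.0    # SIS high-temperature trip limit (constructed)


def scale_4_20ma(i_ma, eu_min, eu_max):
    """Scale a 4-20 mA analog input to engineering units.

    Below 3.6 mA or above 21 mA is treated as a transmitter or wiring
    fault (roughly the NAMUR NE 43 bands) rather than as a valid value.
    """
    if not 3.6 <= i_ma <= 21.0:
        raise ValueError(f"analog input fault: {i_ma} mA")
    return eu_min + (i_ma - 4.0) * (eu_max - eu_min) / 16.0


def bpcs_scan(temp_c, burner_on, sp_c, deadband_c=DEADBAND_C):
    """Basic process control: on/off burner control around a setpoint.

    Returns the commanded burner state (a digital output).
    """
    if temp_c < sp_c - deadband_c:
        return True
    if temp_c > sp_c + deadband_c:
        return False
    return burner_on          # inside the deadband: hold last state


def sis_scan(temp_c, tripped):
    """SIS logic: trip on high temperature and latch until a manual reset."""
    return tripped or temp_c >= SIS_TRIP_C


def simulate(readings_ma, sp_c, eu=(0.0, 200.0)):
    """Run both systems over a sequence of constructed analog readings.

    Returns one tuple per scan: (temperature, bpcs_command, burner_actual,
    sis_tripped).  The SIS output is wired in series with the control
    output, so the burner only runs when the BPCS asks for it AND the
    SIS has not tripped.
    """
    burner = False
    tripped = False
    log = []
    for i_ma in readings_ma:
        temp = scale_4_20ma(i_ma, *eu)
        tripped = sis_scan(temp, tripped)
        cmd = bpcs_scan(temp, burner, sp_c)
        burner = cmd and not tripped
        log.append((round(temp, 1), cmd, burner, tripped))
    return log


# Constructed scenarios: 4 mA = 0 C, 20 mA = 200 C.
NORMAL_RUN = [8.0, 9.6, 10.4, 10.8, 10.0]      # 50, 70, 80, 85, 75 C
BAD_SETPOINT_RUN = [10.4, 11.2, 12.0, 11.0]    # 80, 90, 100, 87.5 C


def demo_normal():
    """Setpoint 80 C: the burner cycles around SP and the SIS never trips."""
    return simulate(NORMAL_RUN, sp_c=80.0)


def demo_bad_setpoint():
    """Setpoint written as 120 C (above the trip limit): the BPCS keeps
    demanding heat, but the SIS trips at 95 C and stays latched."""
    return simulate(BAD_SETPOINT_RUN, sp_c=120.0)


if __name__ == "__main__":
    for name, log in (("normal", demo_normal()),
                      ("bad setpoint", demo_bad_setpoint())):
        print(name)
        for temp, cmd, burner, tripped in log:
            print(f"  {temp:6.1f} C  cmd={cmd!s:5}  burner={burner!s:5}  "
                  f"sis_tripped={tripped}")
```

The second scenario is the reason the independence of the SIS matters: an operator error or an attacker with write access to the PLC can push the setpoint past any safe value, and the control logic will happily keep the burner on, but the SIS reads the measurement through its own limit and drops the burner regardless. If the SIS and the control system shared a controller, a network path or a setpoint, that protection would disappear with the first bad write.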

Sources:

  1. SANS GICSP course materials
  2. PLC image: http://www.windtechautomation.com/
  3. RTU image: http://www.energy.siemens.com/
