SCADA
What is SCADA?
SCADASupervisory Control and Data Acquisition systems that gather telemetry from remote field devices and let operators monitor and command large industrial processes.
SCADA (Supervisory Control and Data Acquisition) is a category of ICS that centralizes the monitoring and control of geographically distributed assets such as pipelines, electric grids, and water networks. A typical architecture combines field devices (PLCs, RTUs, IEDs), communication links (cellular, radio, fiber), SCADA servers, historians, and HMIs in a control room. SCADA traffic often uses unauthenticated protocols (Modbus, DNP3, IEC 60870-5-104), making it vulnerable to spoofing, replay, and command injection if exposed to untrusted networks. High-profile incidents — including Stuxnet, Industroyer, and the Oldsmar water hack — show how attackers can manipulate SCADA to disrupt operations or threaten safety.
● Examples
- 01
A transmission system operator using SCADA to open and close circuit breakers across a national grid.
- 02
A municipal water utility monitoring pump stations and reservoirs from a central SCADA console.
● Frequently asked questions
What is SCADA?
Supervisory Control and Data Acquisition systems that gather telemetry from remote field devices and let operators monitor and command large industrial processes. It belongs to the OT / ICS / IoT category of cybersecurity.
What does SCADA mean?
Supervisory Control and Data Acquisition systems that gather telemetry from remote field devices and let operators monitor and command large industrial processes.
How does SCADA work?
SCADA (Supervisory Control and Data Acquisition) is a category of ICS that centralizes the monitoring and control of geographically distributed assets such as pipelines, electric grids, and water networks. A typical architecture combines field devices (PLCs, RTUs, IEDs), communication links (cellular, radio, fiber), SCADA servers, historians, and HMIs in a control room. SCADA traffic often uses unauthenticated protocols (Modbus, DNP3, IEC 60870-5-104), making it vulnerable to spoofing, replay, and command injection if exposed to untrusted networks. High-profile incidents — including Stuxnet, Industroyer, and the Oldsmar water hack — show how attackers can manipulate SCADA to disrupt operations or threaten safety.
How do you defend against SCADA?
Defences for SCADA typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for SCADA?
Common alternative names include: Supervisory Control and Data Acquisition.
● Related terms
- ot-iot№ 529
Industrial Control System (ICS)
An umbrella term for systems that automate and supervise industrial processes, including SCADA, DCS, PLCs, RTUs, and safety controllers.
- ot-iot№ 864
Programmable Logic Controller (PLC)
A ruggedized industrial computer that executes deterministic control logic to read sensors and drive actuators in real-time processes.
- ot-iot№ 502
Human-Machine Interface (HMI)
Software or panel that lets operators visualize process state and issue commands to PLCs, DCS, and SCADA systems.
- ot-iot№ 334
DNP3
Distributed Network Protocol 3, an event-driven ICS protocol used in electric utilities, water, and oil & gas to communicate between SCADA masters and remote outstations.
- ot-iot№ 702
Modbus
A simple, openly documented industrial protocol for polling registers and coils on PLCs, RTUs, and field devices, available over serial (RTU/ASCII) and TCP.
- ot-iot№ 1111
Stuxnet
A highly sophisticated 2010 worm that sabotaged Iran's uranium-enrichment centrifuges by reprogramming Siemens PLCs, widely attributed to the United States and Israel.