SCADA systems have been a standard method for advanced management and monitoring of installations and activities in the oil, mining, water and manufacturing sectors. Traditionally, these services have been built around security and protection and have been segregated from other networks. This is no longer the case with the advent in technologies and the need for increased disclosure in organizational results. Legacy networks are now becoming less likely to support current standards for security and data management and are at high risk of failure at any point, so there is now a significant liability and the expense to asset owners will be much higher than they know.
Installing a new SCADA system or upgrading a legacy system can be seen as an investment in performance, protection and organizational visibility. Early in the PLC and SCADA growth days, the expense of investment in hardware and software, along with the design, installation and continuing maintenance of SCADA systems, was high, partially because many legacy systems are still in service. Another explanation is because hardware was usually built and produced with robustness in mind, some devices have been in use for more than 20 years.
The potential cost of replacing the legacy SCADA system has caused some asset owners to stop investing in new equipment instead of continuing to use legacy hardware and software and adapting it to current standards where they can. The continued use of legacy technologies has now reached a point where the benefits no longer outweigh the costs, and asset owners should be aware of the potential cost of a SCADA system breakdown with little to no upgrade plan.
Cyber Security Vulnerability
Perhaps the greatest danger to legacy SCADA systems is the possibility of hackers breaching and compromising the system, particularly where sensitive infrastructure is involved. Many of these legacy SCADA systems were developed decades ago, when cyber security was not a problem, but since they have become intertwined with more advanced services, security has become a more popular issue.
These legacy networks have very little adoption of standard protection mechanisms, such as encryption, which is difficult to sustain due to lack of computing capability and legacy protocols. Authentication can not be supported or allow very low-level authentication, such as SCADA PCs that share the same password that have been re-used for years or, in some cases, lack of password protection at all.
Another security-related concern is that most, if not all, legacy systems and support software such as SQL servers and network operating systems are no longer supplied by the original equipment manufacturer (OEM) or related provider. An example of this is the Windows XP operating system that has not been supported by Microsoft since 2014. We are aware of many legacy SCADA devices still running Windows XP (or even older OS versions) so that they are continuously exposed to cyber attacks, not to mention the hardware itself will be far past their planned design existence.
The burden of sustaining the legacy structure
Legacy SCADA systems and their modules, including PLCs, HMIs, PCs, servers and networking hardware, all need time-frame updates to keep up with the current technology advances, remain functional, conform with safety and regulatory requirements, and maintain and run cost-effectively.
Legacy devices are usually not sponsored by manufacturers or OEMs, which results in the need for fresh or second-hand hardware to be sourced from unsupported networks, each of which prices are inherently far higher and bear several dangers.
The true costs of continuing to operate the legacy system may not be immediately apparent, i.e. until a failure occurs, the results of which can at best be a minor disruption to the process or could result in an extended downtime while the components are being attempted, which in many cases have longer lead times and may not work as intended once installed.
Once a legacy system has been established, a type of conversion enhancement plan should be introduced, covering not only the initial hardware costs, but also the benefits of more efficient security, improved process performance, enhanced process flexibility, extension capability, lower average operating costs and improved system protection.
In certain cases, legacy SCADA devices may be transferred over time to a more updated model, often as part of other upgrades that might occur, such as meeting the current requirements and regulations, so that the overall costs can be shared over time without having to spend the total sum in advance.
Hardware Malfunction Chance
Legacy devices contain outdated hardware modules that will malfunction without warning at any moment. Unexpected device errors are one of the biggest risks and can often be very costly depending on the program and its criticality. In certain cases, replacement parts are just not usable, and the update is required to take place at the worst possible moment.
The cost of updates to the new hardware and software has to be balanced against the possible costs of unforeseen device errors that may last for days, weeks, or even months.
Benefits of upgrading the SCADA system
Although it can be tempting to take a ‘if it doesn’t crack, don’t repair it’ for legacy SCADA systems, particularly when taking into account the potential expense of upgrading, the advantages of improvements to the current SCADA system outweigh the negatives.
New SCADA systems are much more protected against cyber threats, provide more data to make educated asset choices, increase productivity and performance, are expandable and versatile, and can add new features such as redundancy if desired.
In order to optimize the benefits of improvements, it is necessary to consult with seasoned systems integration engineering companies such as Automation IT, who are impartial suppliers so that they can assist both major PLC and SCADA brands. Automation IT can help with all types of updates, from comparatively easy like-for-like conversion between small compatible systems to extensive system architecture analysis and improvement solutions for critical and non-critical locations with vast volumes of I/O and related dynamic process management.
For more information about Scada Systems Integrator, please visit https://www.hydrotrent.com