Developer(s) | Siemens |
---|---|
Initial release | 1996 |
Stable release | V8.0 / March 2023 |
Operating system | Microsoft Windows |
Type | SCADA |
Website | SIMATIC WinCC |
SIMATIC WinCC is a supervisory control and data acquisition (SCADA) and human-machine interface (HMI) system from Siemens. SCADA systems are used to monitor and control physical processes involved in industry and infrastructure on a large scale and over long distances. SIMATIC WinCC can be used in combination with Siemens controllers. WinCC is written for the Microsoft Windows operating system. [1] [2] It uses Microsoft SQL Server for logging and comes with a VBScript and ANSI C application programming interface. [3]
In 2010, WinCC and PCS 7 were the first known SCADA systems to be specifically targeted by malware. The Stuxnet worm can spy on and even reprogram infected systems. [4]
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on exploiting the advantages of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
A programmable logic controller (PLC) or programmable controller is an industrial computer that has been ruggedized and adapted for the control of manufacturing processes, such as assembly lines, machines, robotic devices, or any activity that requires high reliability, ease of programming, and process fault diagnosis.
In the industrial design field of human–computer interaction, a user interface (UI) is the space where interactions between humans and machines occur. The goal of this interaction is to allow effective operation and control of the machine from the human end, while the machine simultaneously feeds back information that aids the operators' decision-making process. Examples of this broad concept of user interfaces include the interactive aspects of computer operating systems, hand tools, heavy machinery operator controls and process controls. The design considerations applicable when creating user interfaces are related to, or involve such disciplines as, ergonomics and psychology.
SCADA is a control system architecture comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes. It also covers sensors and other devices, such as programmable logic controllers, which interface with process plant or machinery.
A distributed control system (DCS) is a computerized control system for a process or plant usually with many control loops, in which autonomous controllers are distributed throughout the system, but there is no central operator supervisory control. This is in contrast to systems that use centralized controllers; either discrete controllers located at a central control room or within a central computer. The DCS concept increases reliability and reduces installation costs by localizing control functions near the process plant, with remote monitoring and supervision.
Open Platform Communications (OPC) is a series of standards and specifications for industrial telecommunication. They are based on Object Linking and Embedding (OLE) for process control. An industrial automation task force developed the original standard in 1996 under the name OLE for Process Control. OPC specifies the communication of real-time plant data between control devices from different manufacturers.
An energy management system (EMS) is a system of computer-aided tools used by operators of electric utility grids to monitor, control, and optimize the performance of the generation or transmission system. Also, it can be used in small scale systems like microgrids.
Citect is now a group of industrial software products sold by Aveva, but started as a software development company specialising in the Automation and Control industry. The main software products developed by Citect included CitectSCADA, CitectSCADA Reports, and Ampla. As of August 2021, Citect SCADA is now known as AVEVA Plant SCADA.
VBA32 is antivirus software from the vendor VirusBlokAda for personal computers running Microsoft Windows. It detects and neutralizes computer viruses, computer worms, Trojan horses and other malware in real time and on demand.
Inductive Automation is a supplier of web-based industrial automation software based in Folsom, California, US. The Ignition SCADA platform is the company's main product line.
CPLINK and Win32/CplLnk.A are names for a Microsoft Windows shortcut icon vulnerability discovered in June 2010 and patched on 2 August that affected all Windows operating systems. The vulnerability is exploitable when any Windows application that displays shortcut icons, such as Windows Explorer, browses to a folder containing a malicious shortcut. The exploit can be triggered without any user interaction, regardless where the shortcut file is located.
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, multiple independent news organizations recognize Stuxnet to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency.
Duqu is a collection of computer malware discovered on 1 September 2011, thought by Kaspersky Labs to be related to the Stuxnet worm and to have been created by Unit 8200. Duqu has exploited Microsoft Windows's zero-day vulnerability. The Laboratory of Cryptography and System Security of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report naming the threat Duqu. Duqu got its name from the prefix "~DQ" it gives to the names of files it creates.
Ignition is an Integrated Software Platform for SCADA systems released by Inductive Automation in January 2010. It is based on a SQL Database-centric architecture. Ignition features cross-platform, web-based deployment through Java Web Start technology. The Ignition platform has three main components: the Ignition Gateway, the Designer, and the runtime clients. Independent modules provide separate functionality in any or all of the platform components. Ignition SCADA modules provide features such as: Real-Time Status Control, Alarming, Reporting, Data Acquisition, Scripting, Scheduling, MES, and Mobile support.
SCADA Strangelove is an independent group of information security researchers founded in 2012, focused on security assessment of industrial control systems (ICS) and SCADA.
Operational technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events. The term has become established to demonstrate the technological and functional differences between traditional information technology (IT) systems and industrial control systems environment, the so-called "IT in the non-carpeted areas".
IntegraXor is a supervisory control and data acquisition (SCADA) and human-machine interface (HMI) software system developed by Ecava and first released in 2003.
SIMATIC is a series of programmable logic controller and automation systems, developed by Siemens. Introduced in 1958, the series has gone through four major generations, the latest being the SIMATIC S7 generation. The series is intended for industrial automation and production.
Pipedream is a software framework for malicious code targeting programmable logic controllers (PLCs) and industrial control systems (ICS). First publicly disclosed in 2022, it has been described as a "Swiss Army knife" for hacking. It is believed to have been developed by state-level Advanced Persistent Threat actors.