Emergency Plan - Grand Strand Water and Sewer Authority
Emergency Plan - Grand Strand Water and Sewer Authority
Emergency Plan - Grand Strand Water and Sewer Authority
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
SCADA Failure / Cyber-Attack<br />
EVENT SPECIFIC GUIDELINES 9 (ESG-9)<br />
SCADA FAILURE / CYBER-ATTACK<br />
3.2.28. SITUATION<br />
GSWSA utilizes Supervisory Control <strong>and</strong> Data Acquisition (SCADA), sometimes<br />
referred to as telemetry, throughout the water <strong>and</strong> wastewater systems.<br />
SCADA is used to monitor a number of parameters at the wastewater lift stations, such<br />
as power outage, pump failure, high level in the Wet Well, etc.<br />
SCADA is used to monitor a number of parameters at the wastewater treatment plants,<br />
such as power outage, pump failure, high tank/basin level, chlorine leak, etc.<br />
SCADA is used to monitor a number of parameters at the water treatment plant <strong>and</strong><br />
remote well <strong>and</strong>/or tank sites, such as power outage, plant shutdown, pump failure,<br />
chlorine leak, etc. It is also used to control many aspects of the water plant, including<br />
starting / stopping pumps, opening/closing valves, etc.<br />
SCADA is used to monitor <strong>and</strong> control the rate <strong>and</strong> volume of supplemental water<br />
being provided to other utilities, <strong>and</strong> to monitor certain water quality parameters.<br />
SCADA monitoring <strong>and</strong> control signals are transmitted to <strong>and</strong> from remote sites via an<br />
800 MHz radio system.<br />
3.2.29. THREAT or HAZARD INFORMATION<br />
A failure of the SCADA system would result in a loss of the above remote<br />
functionality.<br />
A cyber-attack, or “hacker”, taking control of the SCADA system would give them<br />
remote control over many aspects of GSWSA’s water treatment plant <strong>and</strong> water system.<br />
Another potential scenario involves a physical attack on our facilities being “hidden”<br />
by forcing all SCADA conditions to appear normal or preventing an Operator from<br />
responding to investigate alarm conditions. This could significantly delay our detection<br />
of unauthorized access to or even damage to our facilities.<br />
3.2.30. CONCEPT of OPERATIONS<br />
GSWSA employs several layers of security for remote access to the SCADA system.<br />
These include, but are not limited to the following:<br />
In order to make any operational changes through the SCADA system, an ID <strong>and</strong><br />
password must be correctly entered.<br />
3.2.31. EMERGENCY PROCEDURES<br />
<strong>Gr<strong>and</strong></strong> <strong>Str<strong>and</strong></strong> <strong>Water</strong> & <strong>Sewer</strong> <strong>Authority</strong> 115 CONFIDENTIAL MATERIALS<br />
<strong>Emergency</strong> Management <strong>Plan</strong><br />
SECURITY SENSITIVE<br />
June 7, 2013<br />
NOT FOR PUBLIC DISCLOSURE