The Defense-In-Depth Architecture and the Supervisory Control and Data Acquisition (SCADA) Systems

225 views 3 pages ~ 621 words
Get a Custom Essay Writer Just For You!

Experts in this subject field are ready to write an original essay following your instructions to the dot!

Hire a Writer

Unauthorized Access to Network Resources and the Role of SCADA Systems

For many years now, there are increased cases of unauthorized access to network resources as well as critical data because of the proliferation of Internet of Things devices. Therefore, many organizations such as hospitals, schools, and government institutions are embracing the Supervisory control and data acquisition (SCADA) systems to offer protection against intruders, as a result minimize the risks of data breaches.

Defense-in-Depth Architecture

Defense-in-depth architecture, for many years, have been used to reduce the risks of supervisory control as well as data acquisition being accessed by intruders because it is built around a dual-data model. It is easy to connect various sensors and legacy systems through the dual-data approach. Numerous studies show that, defense-in-depth architecture is a secure system that is not found in many of the security networks, which often lack effective protection against intruders. The defense-in-depth-architecture is a multilayer architecture that involves two or more security mechanisms. This approach is commonly referred to as a defense in depth since, even if one measure fails, it cannot affect the whole system, as a result minimizing the business services to be interrupted. Using two or more firewalls, defense in depth approach creates demilitarized zone (DMZ) and employs intrusion detection and prevention system (IDS/IPS) devices. Additionally, it embraces effective security policies as well as business operations. Apart from protecting large architectures, the use of several DMZs provides extra security to separate functionalities. Further, the defense-in-depth architecture has several other features such as the API (xAPI), and the learning record store (LRS), which are respectively used to store as well as retrieve data across diverse platforms and stores data generated from SCADA (Wang, 2016).

SCADA System and its Application in Industrial Control Systems

SCADA system, on the other hand, is an industrial control system (ICS) used by organizations to monitor as well as control processes across remote sites. Over the years, ICS have found much use in critical infrastructure sectors such as water treatment, clean water supply, electricity, and transportation systems. SCADA infrastructure have found use in the collection of data from the field, transferring it to a control center, perform data abstraction, and presenting decision makers with information. Typically, the supervisory control and data acquisition systems are comprised of several basic parts such as sensors, PLCs, servers as well as master terminal units (MTUs), human machine interfaces (HMIs), and network and communication equipment (Wang, 2016).

Segregation and Security of SCADA and IoT Networks

SCADA and the IoT and corporate control networks should be segregated to enhance security. The security on the IoT and corporate control networks can be improved by using a two-port firewall between them. Further, the SCADA as well as the corporate networks are protected from hackers by establishing a demilitarized zone between them. Three interfaces must be offered by the firewall and separately connecting them to the corporate or IoT networks, the SCADA network, and lastly, to the shared or insecure servers. The use of the first firewall is to block arbitrary packets from entering into the SCADA network or DMZ servers. The second and the third firewalls protect the SCADA network from unwanted traffic and also protect the shared servers in the DMZ from the SCADA network traffic respectively. Additionally, the SCADA as well as the defense-in-depth architecture use a more robust authentication approach. The two systems use SSL protocols as well as smart sensors with inbuilt hardware encryption capabilities to encrypt or authenticate information (Wang & Kelly, 2017).


Wang, S. (2016). Dual-data defense in depth improves SCADA security. Signal, (10), 42-44.

Wang, S., & Kelly, W. (2017). Smart cities architecture and security in cybersecurity education.       In Journal of The Colloquium of Information Systems Security Education (CISSE).          Edition (Vol. 4, pp. 155-169).

September 11, 2023


Subject area:


Number of pages


Number of words




Writer #



Expertise Company
Verified writer

I enjoyed every bit of working with Krypto for three business tasks that I needed to complete. Zero plagiarism and great sources that are always fresh. My professor loves the job! Recommended if you need to keep things unique!

Hire Writer

This sample could have been used by your fellow student... Get your own unique essay on any topic and submit it by the deadline.

Eliminate the stress of Research and Writing!

Hire one of our experts to create a completely original paper even in 3 hours!

Hire a Pro

Similar Categories