Beschreibung:
In recent years, critical infrastructure utilities have been faced with conflicting attitudes and cultural differences of where SCADA (Supervisory Control and Data Acquisition) and IT fit into an organizational structure. This lack of understanding between SCADA, IT processes, and business operations remains a concern for many utilities within the SCADA community. The importance of SCADA and IT relationships is an area of the SCADA landscape that is often unrecognised. This paper examines the results and findings of a SCADA and IT relationship survey that was undertaken to identify where SCADA operations fit within organizations around the world. It describes several proposed models that define the role and responsibility of SCADA within an organizational structure. It also presents a concept model for SCADA security responsibility and identifies key observations of SCADA and IT working together at the INL Control System Cyber Security Training in Idaho, USA. The main findings of the research suggest that clear defined roles and responsibilities for SCADA operations and SCADA security need to be established and secondly, that immediate cultural driven change is required in order to improve SCADA and IT relationships.