SCADA Security

In an increasingly connected world strong SCADA security is important to protect your equipment from un-authorized access.

Fernhill SCADA provides these defensive measures to protect your system:

Transport Layer Security (TLS) is used to encrypt and protect all communications between client applications and the Fernhill SCADA Server.
The Fernhill SCADA Server uses a 2048-bit RSA public key to secure communications with client applications. Each Fernhill SCADA Server generates a unique key, which is renewed annually.
The Fernhill SCADA Server checks all requests from client applications. Any request that contains out of bounds data is silently disconnected by the SCADA Server to provide minimal information to an adversary.
User authorization is delegated to the host operating system. In a domain environment, you can manage which users access the SCADA Server from a central point.
What users are allowed to do is controlled by zones and privileges.

Note: No software guarantees absolute security. The design and architecture of Fernhill SCADA aims to make an attack infeasible even for organisations with extensive resources.

Zones and Privileges

Changes or actions in Fernhill SCADA are protected by privileges.

The security editor allows you to control the privileges of individual users, or user groups:

Privileges can be granted globally or to specific zones. You can use the Configuration Tool to configure which zone each tag belongs to.

If you would like more information, see User Rights in the online documentation.