A control system refers to a computer based facility - system and equipment which is used to remotely monitor and control sensitive processes and physical functions. It collects and processes measured values and operational data in the field of facilities and conveys control commands to local or remote equipment. These control systems play the role of a central nervous system for energy-based facilities. If a control system were to undergo cyber attack from the outside, there could be negative consequences for public health and safety. These control systems have been regarded as safe from external threats of cyber attack up to now, but remote systems in the wrong hands could be utilized to cripple or shut down infrastructure systems through insertion of a virus or other malicious software which seriously damage other systems in the network, or associated networks in the industry (SQL injection attacks, DNS poisoning, Dos attacks). Data theft and hacking process control terminals that are left un-monitored are the major problems in oil and gas industry. Continuous monitoring regular scanning and updates of the software that are being used can leave us in safe zone. However, considering the cases of attacks recently reported abroad and the trend of openness and standardization of SCADA facilities, we cannot be sure about their safety from such cyber threats as hacking and cyber terror because of the potential threats posed by specific groups.
This paper explores the recent evolution of SCADA and its environment, it further explains the need for improved security in these systems, and describes some of the emerging research areas in SCADA security, especially for oil & gas industries, that offer promise for the future.