Re: SCADA in the Cloud?
I work for a company that develops cloud-based SCADA for utilities (no involvement with this project though). There are ways to address these issues.
1. In our system, equipment control (PLC) and alarm processing run at the site, not in the cloud. The cloud HMI sends control requests and receives status responses, alarms, performance data, etc. If the cloud HMI goes down, the site will continue to do the last thing it was told, and record alarms and historical data values.
2. Communication from the HMI to the site is completely separate from communication between the HMI and the users. Also, site comms automatically fail over between multiple connections. Typically, at least one of these does not entail tunneling over the public internet.
3. If the HMI is down hard due to a hack, crash, DoS, or whatever, there is a local HMI running at the site that a customer can either lay hands on (if at the site) or remote into (if not), which can also issue control requests to the PLC.
4. Since point data is recorded in an onsite SQL DB, when HMI comms come back up the operator has a complete picture of everything that took place during the comm outage.
We have other protections and redundancies in place as well. The point is, we're not idiots and we're not making $15 IoT light bulbs. We know that this is critical infrastructure, and we don't want it to be fragile or vulnerable.
No security is perfect, obviously. Natanz and Russia's attacks on Ukraine's grid are just two examples of how even air-gapped, non-cloudy SCADA can be vulnerable to a well-resourced attacker.
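
The hold-last-command and store-and-forward behaviour described in points 1 and 4 above, sketched as an added example that is not part of the original post and not the poster's product. The class, tag name, alarm limit and the sequence-number cursor are all assumptions, and an in-memory SQLite database stands in for the onsite SQL DB.

```python
import sqlite3

class SiteController:
    """Hypothetical site-side logic: holds the last setpoint, logs points locally."""

    def __init__(self):
        self.db = sqlite3.connect(":memory:")  # stands in for the onsite SQL DB
        self.db.execute(
            "CREATE TABLE points (seq INTEGER PRIMARY KEY AUTOINCREMENT, "
            "ts INTEGER, tag TEXT, value REAL, alarm INTEGER)")
        self.setpoint = None   # last control request accepted from any HMI
        self.acked_seq = 0     # highest row the cloud HMI has received

    def control_request(self, setpoint):
        # Accepted from the cloud HMI or the local HMI alike.
        self.setpoint = setpoint

    def scan(self, ts, level, high_limit=90.0):
        # Runs every cycle regardless of link state: the alarm is decided on site.
        alarm = int(level > high_limit)
        self.db.execute(
            "INSERT INTO points (ts, tag, value, alarm) VALUES (?, ?, ?, ?)",
            (ts, "tank_level", level, alarm))
        return alarm

    def backfill(self, link_up, batch=100):
        # Send every row after the last acknowledged one, oldest first.
        if not link_up:
            return []
        rows = self.db.execute(
            "SELECT seq, ts, tag, value, alarm FROM points "
            "WHERE seq > ? ORDER BY seq LIMIT ?",
            (self.acked_seq, batch)).fetchall()
        if rows:
            self.acked_seq = rows[-1][0]  # assumes the HMI acknowledged the batch
        return rows

def simulate_outage():
    site = SiteController()
    site.control_request(setpoint=75.0)
    site.scan(1, 70.0)
    before = site.backfill(link_up=True)
    # Constructed outage: link down for ts 2..4, with an alarm raised at ts 3.
    for ts, level in [(2, 80.0), (3, 95.0), (4, 85.0)]:
        site.scan(ts, level)
        assert site.backfill(link_up=False) == []
    after = site.backfill(link_up=True)
    return site.setpoint, before, after
```

Because the cursor only advances when a batch is delivered, rows recorded during the outage, including the alarm, arrive in order once the link returns, and the setpoint is untouched throughout.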