Much of Europe’s critical infrastructure which resides in sectors such as energy, transportation,water supply is largely managed and controlled by SCADA (Supervisory Control and Data Acquisition) systems, a subgroup of Industrial Control Systems (ICS). In the last decade SCADA technology has passed through a transformation, from isolated and proprietary systems into open architectures and standard technologies that are highly interconnected with other corporate networks and the Internet. A consequence of this transformation is the increased vulnerability to outside attacks.
One way to enhance the security of SCADA is through the application of patches. Ideally an organization would deploy patches as soon as they come available, however this is often not possible because of the complexity of the process in which SCADA systems are incorporated and because the systems often need to be operable at any given moment.