Cloud SCADA

One of our current projects is upgrading a client’s SCADA computer. This computer had reached the end of its lifecycle and was beginning to be unreliable and extremely slow. Although the project started with the desire to replace this computer with new on-premises hardware, we quickly reevaluated this option with the customer due to ongoing supply chain issues that originated from the worldwide chip shortages.

In Industrial Control Systems (also called Operational Technology or OT), SCADA computers tend to have one of the shortest life cycles as they follow the IT replacement schedule (replace every 3 to 4 years depending on their utilization). However, in practice we often don’t see this schedule followed and computers are frequently being used until they fail. For the project mentioned above, the client experienced two unplanned computer failures in their SCADA infrastructure within the past 4 years. These kinds of outages can leave a municipality operating its water and/or wastewater system blind and can result in significant overtime resources until a replacement can be put in place.

When using a hardware-based city-wide SCADA system you often have a network bottleneck, as all PLCs across a city are required to speak to the site that your computer is installed at (figure 1). While the network bottleneck can be mitigated by having redundant network paths back to the SCADA computer, the impact if a failure occurs on that path is significant.

Figure 1: Typical SCADA Network

In light of these considerations, for this project we decided to implement a cloud-hosted SCADA solution (see figure 2). This helps further mitigate many of the issues discussed. Primarily, the SCADA computer does not need to be replaced at a regular interval. Hardware failure is a non-issue. Based on this particular customer’s “availability” needs, a public cloud service provider was chosen. Such providers (e.g. Google, Amazon, and Microsoft) are responsible for maintaining the hardware that operates the cloud infrastructure. The risk caused by the network bottleneck is also reduced, as most of the network used to communicate with the cloud-hosted SCADA is maintained by internet service providers (ISPs) and the cloud service providers, both of which would have much larger budgets allocated for network maintenance.

Figure 2: Typical Cloud Network

Utilizing a cloud-based SCADA system has the following further advantages:

  • Computer hardware is maintained through a cloud services contract. This creates a structured cost (see below) and improves resiliency and scalability of the system. Physical security of the SCADA server is no longer a concern.
  • Remote access and performance of the overall system are improved. Cloud services are readily accessible for authorized users, and cloud infrastructure is designed with criticality and redundancy as a priority.
  • A static IP or carrier-level internet connection is not required at the SCADA computer location, which provides a monthly cost saving from the ISP.
  • No regular replacement of hardware needed for the SCADA server. As suggested above, computer hardware is recommended to be replaced about every 3 years. With the cloud option, replacement hardware for the server is not required. Only view node stations need to be updated, and they do not need to be replaced as frequently.
  • The SCADA functionality is no longer reliant upon the local SCADA computer internet connection, standby generator, UPS, batteries, or local physical infrastructure being active and online.
  • Disaster recovery is streamlined with minimal downtime – no site visits are required to maintain versioned backups.
  • Cloud platforms can provide an uptime guarantee.
  • Total cost of ownership of a SCADA system is reduced over a typical 4-year term.

A key difference to highlight between a physical server and a cloud server is the cost structure. A physical server requires an investment every 3 to 4 years for updated computer hardware, including the cost to migrate the SCADA system to that new hardware, with ongoing maintenance for Windows updates and backups. Additionally, hardware failure can result in unplanned expenditures and periods of SCADA downtime while new hardware is deployed and configured. A cloud-hosted SCADA system requires an initial migration of the SCADA server to cloud infrastructure. The remaining ongoing fees from that point forward are for maintenance and server costs. Therefore, no investment in new server infrastructure is required in 3, 6, 9, etc. years, as costs are distributed over time.

If you are interested in migrating your SCADA to the Cloud, give us a call at 250-372-1486 or contact us at https://xenoncyber.ca/contact-us/.
Jason Marchese, P.Eng PMP
Project Engineer


1 The static IP requirement is based on the SCADA location being a VPN endpoint, as seen in figure 1.

2 A local internet connection at the SCADA view station is only required for viewing data at that site. The SCADA server will continue to collect data as long as the cloud service provider has internet access and a connection to at least one PLC.