SCADA (Supervisory Control and Data Acquisition)
A control system architecture using networked computers to monitor and manage industrial processes. SCADA systems are common targets for nation-state attacks against critical infrastructure.
What is SCADA (Supervisory Control and Data Acquisition)?
Supervisory Control and Data Acquisition (SCADA) is an industrial control system (ICS) architecture that provides centralized monitoring and supervisory control over geographically distributed industrial processes. SCADA systems collect data from remote terminal units (RTUs), programmable logic controllers (PLCs), and sensors across dispersed field sites (power transmission infrastructure, water distribution networks, oil and gas pipelines, railway systems) and present it to operators in a central control room via human-machine interface (HMI) software.
SCADA systems are the digital nervous system of critical infrastructure. They are what water utility operators use to monitor reservoir levels and control pump stations across a service area. They are what power grid operators use to manage transmission infrastructure across regions. They are what pipeline operators use to monitor pressure and control flow across hundreds of miles. Compromising a SCADA system gives attackers supervisory control over the physical infrastructure it manages.
Nation-state actors have specifically targeted SCADA systems as instruments of strategic influence. The 2015 and 2016 Ukraine power grid attacks used custom malware to manipulate SCADA systems and cause widespread power outages. The Triton/TRISIS attack on a Saudi petrochemical facility targeted safety instrumented systems adjacent to SCADA. The US and allies have publicly attributed SCADA targeting to Russian, Chinese, Iranian, and North Korean threat actors.
Key Facts
- CISA's ICS-CERT publishes an average of 80+ SCADA-specific security advisories per year
- The 2015 Ukraine grid attack used spear-phishing to compromise SCADA operator workstations
- SCADA systems for US critical infrastructure are actively targeted by state-sponsored threat actors per FBI and CISA advisories
- Internet-exposed SCADA interfaces are readily discoverable via Shodan — over 100,000 are publicly accessible globally
How ORDR Addresses SCADA (Supervisory Control and Data Acquisition)
ORDR provides SCADA-specific monitoring by discovering and classifying SCADA software components (historians, HMI servers, engineering workstations) alongside the field devices they manage. Behavioral monitoring detects anomalous command patterns — commands to field devices outside normal operating parameters, unexpected connections to SCADA servers, unusual data extraction from historians — that may indicate attacker activity.
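The three anomaly classes named above (out-of-envelope commands, unexpected connections to SCADA servers, unusual historian extraction) can be checked against a per-site baseline. The sketch below is an added example, not ORDR's code or detection logic; the host names, tag names, thresholds and event format are constructed assumptions.

```python
from collections import defaultdict

# Constructed baseline (assumption): what "normal" looks like for one small site.
BASELINE = {
    # hosts expected to open sessions to each SCADA server
    "peers": {"scada-srv": {"hmi-1", "eng-ws-1"}, "historian": {"hmi-1", "report-srv"}},
    # normal operating envelope per writable tag: (low, high)
    "setpoints": {"pump3.speed_pct": (20.0, 85.0), "valve7.open_pct": (0.0, 100.0)},
    # most bytes one client normally pulls from the historian per window
    "historian_bytes_per_window": 5_000_000,
}

# Constructed events for one monitoring window, as a passive sensor might summarise them.
EVENTS = [
    {"src": "hmi-1", "dst": "scada-srv", "kind": "session"},
    {"src": "scada-srv", "dst": "plc-12", "kind": "write", "tag": "pump3.speed_pct", "value": 60.0},
    {"src": "scada-srv", "dst": "plc-12", "kind": "write", "tag": "pump3.speed_pct", "value": 140.0},
    {"src": "laptop-77", "dst": "scada-srv", "kind": "session"},
    {"src": "report-srv", "dst": "historian", "kind": "read", "bytes": 1_200_000},
    {"src": "hmi-1", "dst": "historian", "kind": "read", "bytes": 4_000_000},
    {"src": "hmi-1", "dst": "historian", "kind": "read", "bytes": 3_500_000},
    {"src": "scada-srv", "dst": "plc-12", "kind": "write", "tag": "breaker2.trip", "value": 1},
]

def detect(events, baseline):
    """Return (event_index, reason) alerts for one window of events."""
    alerts, pulled = [], defaultdict(int)
    for i, ev in enumerate(events):
        if ev["kind"] == "session":
            # Unexpected connection: source is not a baselined peer of this server.
            if ev["src"] not in baseline["peers"].get(ev["dst"], set()):
                alerts.append((i, "unexpected-connection"))
        elif ev["kind"] == "write":
            rng = baseline["setpoints"].get(ev["tag"])
            if rng is None:
                # A tag never seen during baselining has no envelope to judge against.
                alerts.append((i, "write-to-unbaselined-tag"))
            elif not rng[0] <= ev["value"] <= rng[1]:
                alerts.append((i, "setpoint-out-of-range"))
        elif ev["kind"] == "read" and ev["dst"] == "historian":
            # Volume is accumulated per client so many small reads still add up.
            pulled[ev["src"]] += ev["bytes"]
            if pulled[ev["src"]] > baseline["historian_bytes_per_window"]:
                alerts.append((i, "historian-bulk-read"))
    return alerts

if __name__ == "__main__":
    for idx, reason in detect(EVENTS, BASELINE):
        print(idx, reason, EVENTS[idx]["src"], "->", EVENTS[idx]["dst"])
```

Writes to tags with no baseline are alerted rather than ignored, since a command the site has never issued before is exactly the case an envelope check cannot evaluate.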