SCADA stands for Supervisory Control And Data Acquisition. It is a system that lets you watch and control industrial processes from one central place. It collects data from equipment in the field, shows it to operators on screens, raises alarms when something goes wrong, and sends control commands back to equipment.
SCADA is common in:
- Power grids
- Water and wastewater treatment
- Oil and gas pipelines
- Manufacturing plants
- Mining operations
- Building services
It is used when assets are spread across a wide area, or when you need one control room to see the whole operation.
In simple terms, SCADA does five things:
- Data acquisition — Gets measurements from field devices.
- Supervisory control — Lets operators supervise and send high-level commands.
- Visualization — Shows the process clearly on screens.
- Alarm handling — Tells people fast when something is wrong.
- History and reporting — Stores data and turns it into trends and reports.
SCADA vs PLC vs DCS
These terms often get mixed up. They work together, but they are not the same thing.
PLC (Programmable Logic Controller): A PLC is a controller. It runs control logic in real time, close to the process. For example, it starts a pump when a tank level is low and stops it when the level is high.
DCS (Distributed Control System): A DCS is used in continuous process plants like refineries and chemical plants. The control and operator stations are tightly linked in one system. A DCS usually assumes all assets are on the same site or plant network.
SCADA: SCADA is built for watching many devices, often spread over wide areas. It focuses on monitoring, alarms, and remote operations. The actual control loops usually run in PLCs or RTUs — not inside the SCADA server itself.
How they work together: The PLC or RTU handles fast, local control. SCADA handles the big picture — monitoring, alarms, and operator actions.
Where SCADA Is Used
Water and Wastewater
Reservoir levels, tank levels, pump stations, chlorine dosing, flow rates. Remote sites are often connected by radio or cellular. Operators need alarms for high levels, pump failures, and power loss.
Electric Power
Substation monitoring, breaker status, transformer temperatures, feeder currents, and fault detection. Fast event data may come from protection relays and RTUs. Systems often use IEC 61850 inside substations and ICCP/TASE.2 for links between control centers.
Oil and Gas Pipelines
Pressure, flow, valve positions, and compressor stations. Many remote sites with long-distance communications. Bandwidth can be limited in some areas.
Manufacturing Utilities
Boilers, compressors, chillers, power distribution, and water systems. SCADA may sit above several PLC-controlled lines.
What a SCADA System Actually Does
1. Real-Time Monitoring
Shows live values like pressure, flow, speed, temperature, and equipment status. Updates may come every second, every few seconds, or only when a value changes.
2. Operator Control (Supervisory Control)
Operators can start and stop equipment, open and close valves, and change setpoints — with proper permissions. These are “supervisory” commands. The low-level logic still runs in the PLC or RTU.
3. Alarm Management
Covers high/low limits and digital alarms, alarm priorities and categories, acknowledgement and shelving, and alarm history for review.
4. Data Historian (Trends and Reports)
Stores time-series data. Allows trending, comparisons, and performance checks. Supports reports like daily flow totals or energy use.
5. Event Logging and Audit Trails
Records operator actions and configuration changes. Helps with troubleshooting and compliance.
6. Remote Access (Carefully Controlled)
Provides engineering access for support and operator access for remote control rooms. Typically controlled by jump hosts, VPN, multi-factor authentication, and strict access rules.
Core Building Blocks of a SCADA System
A SCADA system is not one box. It is a stack of parts.
A. Field Instruments and Actuators (Level 0)
These are the physical devices that touch the process:
- Sensors: Pressure transmitters, flow meters, temperature probes.
- Switches: Limit switches, float switches.
- Actuators: Valves, motors, pumps, breakers.
They produce raw signals — analog (4–20 mA, 0–10 V), digital (on/off), or smart digital (HART, Profibus, IO-Link).
B. Controllers: PLCs and RTUs (Level 1)
These devices collect signals from instruments and run logic.
- PLC: Common in plants and factories. Good for fast logic and automation.
- RTU (Remote Terminal Unit): Common at remote sites. Built for harsh environments and low power. Often has strong communication options.
Their key jobs are to read inputs, run local control logic, write outputs, and send data upstream to SCADA. Local logic matters — it keeps the process safe if communications fail.
C. Communications Network
SCADA needs a data path between remote sites and the control center. Common options include fiber or copper Ethernet (in-plant), licensed or unlicensed radio, cellular (4G/5G/LTE), microwave links, satellite (for remote areas), and serial links (still found in older sites).
The important qualities of the network are latency, bandwidth, reliability, security, and coverage.
D. SCADA Servers (Level 2)
These run the SCADA software and handle data collection from PLCs and RTUs, alarm processing, the tag database, user login and permissions, command routing, and interfaces to historians and other systems.
Servers are often split into roles: I/O or communication servers, alarm servers, application servers, and redundant pairs (primary and standby).
E. HMI / Operator Workstations
HMI stands for Human-Machine Interface. This is what operators see and work with — mimic diagrams, trends, alarm lists, control popups, and maintenance pages.
HMI quality matters a lot. A poor HMI increases the chance of operator mistakes.
F. Historian and Reporting
A historian stores time-series data in a way that is efficient to query. It supports process improvement, incident review, compliance reporting, and KPI dashboards. Historians can be separate products or built into the SCADA platform.
G. Engineering Workstations
Used for system configuration, tag management, graphics editing, and PLC programming. Engineering access needs strong controls because it is a high-risk path into the system.
How SCADA Data Flows
Here is a typical cycle:
- A sensor measures a value in the field.
- A PLC or RTU reads the sensor.
- The PLC/RTU sends the value to the SCADA server through a protocol.
- SCADA updates the operator screen and checks alarm limits.
- If a limit is exceeded, SCADA raises an alarm.
- An operator acknowledges the alarm and may send a command.
- The command goes back to the PLC/RTU.
- The PLC/RTU carries out the action and reports the new status.
- The historian stores the data for later trending and reports.
SCADA Architectures
1. Single-Site SCADA
One control room, one plant network, many PLCs. Often called “factory SCADA.”
Pros: Simpler network. Lower communication complexity. Cons: Can still have security and reliability issues if not designed well.
2. Multi-Site / Wide-Area SCADA
Many remote sites. A central control center collects data from all of them. Communications may be unreliable or slow.
Pros: Central visibility. Remote operations. Cons: Must handle communication loss gracefully. More complex security boundaries.
3. Redundant SCADA
Dual servers, dual networks, dual historians. Can be hot standby or active/active, depending on the platform.
Pros: Higher uptime. Cons: Higher cost and more complexity. Redundancy must be tested regularly to be trusted.
4. Hybrid SCADA + IIoT / Cloud
Edge gateways push data to cloud or enterprise systems. SCADA still handles day-to-day operations. The cloud may be used for analytics, dashboards, and long-term storage.
Pros: Better data sharing and analytics. Cons: Larger attack surface. Governance and data ownership become harder to manage.
Common SCADA Protocols
Protocols define how SCADA talks to PLCs, RTUs, and other systems.
Modbus (RTU/TCP): Simple and widely supported. Often used for meters and PLCs.
DNP3: Common in power and water. Handles events better than Modbus.
IEC 60870-5-101/104: Common in electric power, especially outside North America.
IEC 61850: Used for substation automation. Uses MMS and GOOSE messaging.
OPC DA and OPC UA: Used for plant integration. OPC UA is the newer version and has better security features.
MQTT / Sparkplug: Growing in IIoT-style designs for publish/subscribe messaging.
Protocol choice affects performance, event handling, time stamping, cybersecurity controls, and vendor compatibility.
Key Design Goals
SCADA design is about trade-offs. These goals come up in most projects.
Availability
Operators need the system running. Downtime can stop production or reduce safety. Typical measures include redundant servers, redundant power, redundant network paths, and regular backup and restore tests.
Reliability
Data should be correct, and commands should work as expected. This requires good tag quality checks, proper scaling and units, clear communication status indicators, and handling for stale data and bad quality flags.
Performance
The system must refresh screens fast enough for operators. Performance depends on poll rates, number of tags, alarm rates, historian load, and graphics complexity.
Safety
SCADA is not the safety system in most designs, but it must not make safety worse. Safety functions stay local in the PLC or SIS. SCADA commands go through permissives and interlocks in PLC logic. Manual vs. auto states and control ownership must be clear.
Maintainability
These systems run for 10 to 20 years. People change. Vendors change. Good maintainability needs naming standards, documentation, template-based graphics, a clean alarm philosophy, and configuration management.
Alarm Management
Alarms are one of the main reasons SCADA exists. But bad alarms create noise and reduce trust.
A practical alarm approach includes:
- Clear priorities (High, Medium, Low).
- Meaningful messages (e.g., “Pump 3 motor overload”).
- Operator action guidance (e.g., “Check MCC breaker, then reset overload”).
- Avoidance of duplicate alarms (e.g., one “Comms fail” should not trigger 200 derived alarms).
- Alarm suppression rules during maintenance.
- Regular alarm reviews after incidents.
Many sites use an “alarm philosophy” document to keep things consistent.
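The duplicate-avoidance and maintenance-suppression rules from the list above, as an added Python example (not code from any SCADA product). The `Tag` fields, site names, and limits are constructed for illustration.

```python
from dataclasses import dataclass

PRIORITY_ORDER = {"High": 0, "Medium": 1, "Low": 2}

@dataclass
class Tag:
    name: str          # e.g. "PS2.Tank.Level"
    site: str          # remote site the tag belongs to
    value: float       # last value held by the SCADA server
    high_limit: float  # alarm limit
    priority: str      # "High", "Medium" or "Low"
    comms_ok: bool     # False when the site's RTU/PLC is not answering

def evaluate_alarms(tags, maintenance_sites=()):
    """Return (priority, message) tuples, highest priority first."""
    alarms, failed_sites = [], set()
    for tag in tags:
        if tag.site in maintenance_sites:
            continue  # suppression rule: site is under planned maintenance
        if not tag.comms_ok:
            # One alarm per failed site. Values behind it are stale, so
            # no limit alarms are derived from them.
            if tag.site not in failed_sites:
                failed_sites.add(tag.site)
                alarms.append(("High", f"{tag.site} comms fail"))
            continue
        if tag.value > tag.high_limit:
            alarms.append((tag.priority,
                           f"{tag.name} high ({tag.value} > {tag.high_limit})"))
    return sorted(alarms, key=lambda a: PRIORITY_ORDER[a[0]])

# Constructed sample data, not taken from a real system.
SAMPLE_TAGS = [
    Tag("PS1.Pump1.Current", "PS1", 0.0, 40.0, "Medium", False),
    Tag("PS1.Tank.Level", "PS1", 5.2, 4.5, "High", False),   # stale value
    Tag("PS1.Flow", "PS1", 0.0, 120.0, "Low", False),
    Tag("PS2.Tank.Level", "PS2", 4.8, 4.5, "Medium", True),
    Tag("PS3.Tank.Level", "PS3", 4.9, 4.5, "High", True),    # in maintenance
]

if __name__ == "__main__":
    for priority, message in evaluate_alarms(SAMPLE_TAGS, {"PS3"}):
        print(priority, message)
```

Three dead tags at PS1 produce a single "comms fail" alarm, and the stale high level behind the failed link does not raise a second one.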
Time and Data: Historian Basics
If you want trends you can trust, you need to think about time.
Key points:
- Decide where time stamps come from — the PLC/RTU or the SCADA server.
- Use time synchronization. NTP is common. PTP may be used in some environments.
- Define sampling rules: periodic (every 1s, 5s, or 1min), or exception-based (store only when the value changes).
- Store quality flags. Do not hide bad data.
A historian is not just storage. It is part of operations and incident review.
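Exception-based storage that keeps quality flags, as an added Python example (not code from any historian product). It goes one step beyond the rules above: the deadband and the `max_gap` heartbeat are assumptions, added so that a silent tag can be told apart from an unchanged one.

```python
from dataclasses import dataclass

@dataclass
class Sample:
    ts: float      # seconds; time stamp taken at the PLC/RTU (assumption)
    value: float
    quality: str   # "GOOD" or "BAD"

def store_by_exception(samples, deadband, max_gap):
    """Keep a sample when the value moved by more than `deadband`, the
    quality flag changed, or `max_gap` seconds passed since the last store."""
    stored = []
    for s in samples:
        if not stored:
            stored.append(s)
            continue
        last = stored[-1]
        if (s.quality != last.quality                 # never hide bad data
                or abs(s.value - last.value) > deadband
                or s.ts - last.ts >= max_gap):        # heartbeat record
            stored.append(s)
    return stored

def is_stale(stored, now, stale_after):
    """True when nothing has been stored for longer than `stale_after`.
    Choose stale_after > max_gap so an unchanged value is not reported stale."""
    return not stored or now - stored[-1].ts > stale_after

# Constructed sample stream for one tag, not taken from a real system.
SAMPLES = [
    Sample(0, 50.0, "GOOD"),
    Sample(1, 50.1, "GOOD"),   # inside deadband: dropped
    Sample(2, 51.0, "GOOD"),   # value change: stored
    Sample(3, 51.0, "BAD"),    # quality change: stored
    Sample(4, 51.0, "BAD"),    # nothing new: dropped
    Sample(5, 51.2, "GOOD"),   # quality change: stored
    Sample(65, 51.2, "GOOD"),  # heartbeat after 60 s: stored
]

if __name__ == "__main__":
    kept = store_by_exception(SAMPLES, deadband=0.5, max_gap=60)
    print([(s.ts, s.value, s.quality) for s in kept])
    print(is_stale(kept, now=200, stale_after=120))
```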
Cybersecurity in SCADA
SCADA systems are targets. Attacks can cause real-world damage.
1. Network Segmentation
Separate the network into zones and limit the pathways between them. A common structure is:
- OT control network — SCADA servers, PLC communications.
- OT DMZ — Data sharing layer.
- IT network — Email, internet, business apps.
Use firewalls between zones. Control which ports and protocols are allowed to cross.
2. Least Privilege and Role-Based Access
Operators should not have admin rights. Engineers should use separate accounts for admin tasks. Use unique accounts and avoid shared logins.
3. Secure Remote Access
Remote access is useful but risky. Good patterns include VPN with multi-factor authentication, a jump server or bastion host, session recording where possible, and time-limited access windows.
4. Patch and Vulnerability Management
OT patching is hard because downtime is expensive. But you still need an asset inventory, patch testing, planned maintenance windows, and compensating controls for systems that cannot be patched.
5. Backups and Recovery Testing
Backups that were never tested are not real backups. Back up SCADA servers, historians, HMI configurations, PLC programs (where allowed), and network device configurations. Test restores regularly and document the steps.
6. Monitoring and Logging
You want visibility without breaking OT operations. Common controls include central log collection (SIEM or OT monitoring tools), alerting on unusual logins or rule changes, and network anomaly detection for OT protocols.
7. Standards and Guidance
Many teams align with IEC 62443 (industrial security) or NIST SP 800-82 (ICS security guidance). Even if you do not fully comply, they provide a solid checklist to work from.
Integration With Other Systems
SCADA data is valuable outside OT, but integration must be controlled.
Common integration paths include historian replication to IT, an OPC UA gateway in the DMZ, a data diode (one-way transfer) for high-security sites, and MQTT brokers for selected telemetry.
Good practice: Do not connect SCADA servers directly to the internet. Do not let enterprise apps talk directly to PLCs. Put integration layers in the DMZ.
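A check of observed network flows against the three-zone structure from the Network Segmentation section and the good-practice rules above, as an added Python example (not code from any product). The address plan, conduit list, and flow records are constructed, and ports 443 and 4840 stand in for a historian replica and an OPC UA gateway.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing plan for the three zones (assumption).
ZONES = {
    "IT": ip_network("10.10.0.0/16"),
    "OT_DMZ": ip_network("10.20.0.0/24"),
    "OT_CONTROL": ip_network("10.30.0.0/16"),
}
# Allowed conduits as (source zone, destination zone, destination port).
# Illustrative: 443 = historian replica in the DMZ, 4840 = OPC UA gateway.
ALLOWED = {("IT", "OT_DMZ", 443), ("OT_CONTROL", "OT_DMZ", 4840)}

def zone_of(addr):
    ip = ip_address(addr)
    return next((z for z, net in ZONES.items() if ip in net), "EXTERNAL")

def audit_flows(flows):
    """Return [(flow, reason)] for flows that break the zone rules."""
    findings = []
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz == dz or not {sz, dz} & {"OT_DMZ", "OT_CONTROL"}:
            continue  # same zone, or no OT zone involved
        if (sz, dz, port) in ALLOWED:
            continue
        if "EXTERNAL" in (sz, dz):
            reason = "OT host exchanging traffic with the internet"
        elif {sz, dz} == {"IT", "OT_CONTROL"}:
            reason = "IT and OT control talking directly, bypassing the DMZ"
        else:
            reason = "zone crossing not in the allowed conduit list"
        findings.append(((src, dst, port), reason))
    return findings

# Constructed flow records (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.10.4.20", "10.20.0.15", 443),    # IT reads historian replica
    ("10.30.1.5", "10.20.0.10", 4840),    # SCADA server to OPC UA gateway
    ("10.30.1.5", "10.30.2.11", 502),     # SCADA server polls PLC, same zone
    ("10.10.4.20", "10.30.2.11", 502),    # enterprise app to PLC (Modbus TCP)
    ("10.30.1.5", "203.0.113.9", 443),    # SCADA server to internet
    ("10.20.0.10", "10.30.2.11", 502),    # DMZ gateway reaching into control
    ("10.10.4.20", "198.51.100.7", 443),  # IT to internet, out of scope
]

if __name__ == "__main__":
    for flow, reason in audit_flows(SAMPLE_FLOWS):
        print(flow, "->", reason)
```

The same comparison can be run against firewall logs or a flow export to confirm that the rules on paper match what actually crosses the zone boundaries.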
SCADA Lifecycle
1. Requirements and Scope
Define sites and assets, number of tags, alarm philosophy, reporting needs, uptime targets (and what “downtime” means), and cybersecurity requirements.
2. Design
Create network diagrams, server architecture and redundancy design, naming standards, user roles and permissions, and interface lists (protocols, IPs, ports).
3. Build and Test
Run a Factory Acceptance Test (FAT) in a lab environment, then a Site Acceptance Test (SAT) at the real site, along with loop checks and point-to-point tests.
4. Commissioning and Cutover
Plan migration steps, a rollback plan, operator training, and alarm tuning after go-live.
5. Steady Operations
Keep the system healthy with routine backups, periodic restore tests, system health checks, alarm reviews, user access reviews, and patch cycles.
Common Mistakes in SCADA Projects
Mistake 1: Treating SCADA as just “screens”
SCADA is a full system — communications, servers, security, procedures, and training. Design the whole stack, not just the HMI.
Mistake 2: Too many alarms
If everything is an alarm, nothing is. Use an alarm philosophy and focus on alarms that require action.
Mistake 3: Poor naming and no standards
Messy tag names lead to mistakes and slow troubleshooting. Create naming rules early and use templates.
Mistake 4: Remote commands with weak interlocks
A wrong click can cause damage. Put permissives and interlocks in PLC logic. Use command confirmations and control ownership rules.
Mistake 5: No real disaster recovery plan
Many sites only discover this gap during an outage. Document recovery steps, test restores, and keep spares and system images.
Mistake 6: Weak security defaults
Default passwords and flat networks are common failure points. Segment networks, enforce MFA for remote access, and remove unused services.
Practical SCADA Checklist for IT/OT Teams
Operations
- Are communication failures clearly visible to operators?
- Are alarms actionable and prioritized?
- Is there a way to see stale or bad-quality data?
Engineering
- Are tag names consistent?
- Are graphics template-based?
- Are changes tracked and reviewed?
Infrastructure
- Is there server redundancy where needed?
- Are backups automated?
- Are restore tests documented and repeated?
Security
- Are networks segmented with firewalls?
- Is remote access controlled by MFA and jump hosts?
- Are admin actions logged and reviewed?
Integration
- Does IT get data through a controlled interface (DMZ, historian replication)?
- Is PLC access restricted to OT tools only?
Glossary
| Term | Meaning |
|---|---|
| Tag | A named data point in SCADA (e.g., Tank1.Level). |
| HMI | Human-Machine Interface — operator screens for viewing and control. |
| RTU | Remote Terminal Unit — a remote device that collects data and communicates to SCADA. |
| PLC | Programmable Logic Controller — runs logic and controls equipment. |
| Historian | A database built for time-series process data. |
| Alarm | A condition that needs operator attention. |
| Event | A logged change, like a breaker opening. |
| DMZ | Demilitarized Zone — a buffer network between IT and OT. |
| Purdue Model | A layered model for organizing and segmenting industrial networks. |
| SIS | Safety Instrumented System — dedicated system for safety-critical functions. |
| MFA | Multi-Factor Authentication — requires more than one proof of identity to log in. |
| OPC UA | Open Platform Communications Unified Architecture — a modern protocol for plant data integration. |
Summary
A SCADA system is the control room layer that helps teams monitor, alarm, trend, and supervise industrial processes. It sits above PLCs and RTUs. It relies on communication networks and server infrastructure. Done well, SCADA improves uptime and response time. Done poorly, it creates alarm noise, confusion, and security risk.
