A Peaker-power plant typically has several OEM servers and PC workstations operating as a real-time SCADA, Historian, remote-access servers, and view node clients. These take up substantial space and require a lot of IT manpower to ensure the latest security patches, and virus definition files have been installed and all hardware is operating at peak performance. Some server and PC hardware at aging Peaker-plants may be close to or out of warranty in additional to their operating systems (OS) being obsolete and unsupported. At times, the parts needed to support the servers & PCs are hard to find and further limited by legacy software restrictions. In the event of a hardware failure, operators, that do not possess a migration strategy, are in a bind. The legacy SCADA software will not run on modern operating systems (OS) that come with modern server and PC hardware.

For those plants that do not possess the capital budget to pull the trigger on a complete SCADA modernization project, one solution available is SCADA infrastructure virtualization. In this context, virtualization in its purest form converts SCADA systems, dependent on obsolete hardware and operating systems (OS) into a software file that can run on a hypervisor program like Microsoft’s Hyper-V or VMware’s EXSi software. If configured correctly the operators should see no degradation in performance of the system.  It helps owners reduce the number of servers and PCs that IT personnel must support and helps with rapid recovery from hardware failures and disaster recovery (ransomware, OS and/or software corruption).  In addition, it provides a more efficient, cost-effective way to manage a Peaker plant’s hardware and protect critical infrastructure.

In the following picture, one will notice that five (5) and five (5) workstations were virtualized and replace with two (2) servers and three (3) thin clients. There will be a savings in electrical energy consumed due to a reduction in the amount of hardware needed and the amount of heat dissipated into the environment that will need to be removed by the HVAC unit. Security of SCADA assets will be increase since the servers can be physically locked away in an IT closet and the USB ports turned off on the thin clients thereby eliminating the opportunity of rogue USB thumb drives being plugged in.

Advantages of infrastructure virtualization include:

  • A longer life cycle of critical infrastructure,
  • Increased security for NERC while eliminating direct physical access to the actual SCADA servers,
  • A lower cost of ownership (IT administration),
  • An ability to migrate older legacy servers and software into modern equipment,
  • Fewer points of failure with appropriate redundancy,
  • Lower support requirements,
  • An increased critical infrastructure reliability,
  • An ability to migrate into the virtualized environment without needing the OEM,
  • An increased ability for testing of patch management offline without impacting production, and
  • A faster disaster recovery upon system failures without relying on the OEM.

The number of servers, amount of storage, and the anticipated future growth determines the appropriate infrastructure virtualization hardware for a site. Most commonly, virtual environments consist of two physical servers, arranged as a two-node cluster, supporting one virtual Network Attached Storage (NAS), virtual licensing server, and a virtual terminal server. The terminal server will make the HMI screens available to the thin clients.

Planning is the key to success here. Most systems allow for a live migration into the virtual environment with a short outage to make the cut from the physical system to the migrated virtual system. Some systems require scheduled downtime for migration to prevent data loss or corruption, which is common for database servers and data acquisition (OPC/Modbus, DNP3, 61850) servers.