Laboratory SCADA Systems – the State of Art and the Challenges

— The present review considers the hardware and control system structure of the modern SCADA systems. The commonly used communication infrastructure and data transmission protocols are described. Especially the trends in using wireless communication technology applications are analyzed. A number of different SCADA system applications are represented and its advantages and disadvantages are also discussed.

I. INTRODUCTION UPERVISORY Control and Data Acquisition Systems, known as SCADA systems, belong to the group of systems for management of processes with the name -Industrial Control Systems -ICS and are used to manage geographically dispersed sites, which are scattered thousands of square kilometers.They can be pipelines, water supply systems, power lines, railway transport, and various production and experimental systems.An essential characteristic is the requirement for reliable real-time management.SCADA systems can be of varying degree of complexity depending on the controlled process and the specific implementation [1,2].
During last years the SCADA systems are commonly used in the field of scientific investigation process, where more and more complex systems are examined.The R&D in this field adds challenges and specific requirements to measurement, monitoring and control system, used under installation tests.

A. Hardware and communication architecture
Despite all the differences SCADA systems share a common structure related to the different units and their functions.Management actions related to the production process are performed by remote terminals (Remote Terminal Units or RTU), PLCs (Programmable Logic Controllers or PLC) and intelligent electronic devices (IED -Intelligent Electronic Device) in automatic mode, which transmit telemetry data to the system and/or change the state of the objects based on the control messages.RTU devices communicate with the MTU (Master Terminal Unit), which has a direct connection to the HMI (Human Machine Interface).By the HMI the parameters of the managed process are monitored, the measured values are archived and new control values are issued if needed [3,4].The overall structure is presented in Fig. 1.The MTU monitor and control the entire information flow in the SCADA system and by HMI provides convenient human-machine interface [5].MTU manages all related remote terminals that can be located physically on a large area.In modern SCADA systems it is always based on computer on which operates specialized SCADA software.It may consist of a group of servers, where each one performs a different part of the taskdatabase connection, communication with the RTU devices, communication and user interface and etc. MTU can monitor and manage the process, even when the operator is missing.This is achieved by incorporating a schedule of commands and actions that to be carried out in the process management [3].
RTU devices interact directly with controlled process in real time via a link with thermometers, level meters, valves, actuators and other sensors and devices that have a direct connection with the physical processes.By them the remote terminals perform the basic tasks -management and data collection.RTU devices usually have no information on what they measure -they follow the control commands of the main terminal and sent information of the result [6].Communication with the various sensors and actuators is done through serial protocols -RS485, Industrial Ethernet and others that are using various media as a physical layer -copper Laboratory SCADA Systemsthe State of Art and the Challenges S. Lishev, R. Popov, and A. Georgiev S cable -twisted pair, coaxial cable or optical fiber.Often are used wireless protocols -ZigBee, Wi-Fi [7,8].Most RTU devices store collected information in memory and wait for request from the main terminal to send it.Management instructions are usually stored locally because of the limited speed of the communication with the MTU device.These instructions are usually placed in programmable logic controllers, which in the past were separated from RTU devices.Over time, the border between them has languished and terms have become interchangeable [9].The HMI is used to monitor and control the managed process by human.It consists of one or many computer terminals connected to the main terminal MTU by the network, which provide a suitable interface for managementmonitors, keyboards, mice and etc. Specialized software for SCADA is used, which ensures an intuitive visualization of the managed process, so that the operator can quickly respond in case of emergency or other extreme event.The basic requirements for human-machine interface are to provide global visibility of the managed process, information on its progress, and to allow monitoring to be carried out at different levels of abstraction.Alarms and error messages and deviations from norms are an important part of the functions of the HMI [10].
An important part of the structure of the SCADA system is the medium of communication between server and RTU devices.It can be realized through cable, telephone or radio.Primary requirement is to be "transparent"link-level abstraction of commands and responses should not depend on whether an RTU device is connected via cable or radio.

B. SCADA control systems architecture
It could be distinguished three main ways of connecting different units in terms of how to implement management [7]: • local control; • centralized control; • distributed control.The first type of control is done locally and the controller manages the process, sensors and actuators.It has a human machine interface that can be used to set control parameters and to monitor various parameters of the process.The connection to the supervisor level serves for simple commands to start/end or change a parameter, and sending status information and alarms.This type of management is usually used for simple systems.
In the second type the sensors and actuators are connected to the control room, where are located the MTU, HMI and all other units.The advantage of this architecture is that the operator can monitor and manage the entire system from one place and can react quickly in case of emergency.The disadvantage is the high price because connections to the sensors and actuators in the managed process must be duplicated, and the main controller has to ensure the sustainability of the system to accidents.This type of management has been used in the past, but now is rarely used.
The third type of architecture -distributed control, is one of the most commonly used because it combines the advantages of the other two.Controllers that perform control are near the managed process, but are connected by a network to a central controller in the control room.It receives a full management information and can change individual parameters and the entire algorithm and sequence of control.This type of architecture has a high degree of reliability because a fault in a controller does not affect the work of others and also individual controllers can continue to operate in case of loss of connection with the master terminal.The disadvantage of such systems is security, because it can be made intrusion in the algorithm of operation if it is used the global network.Therefore, if using this architecture, it is required to take special actions to protect from intrusion.

III. COMMUNICATION PROTOCOLS
Protocols for communication between different parts of a SCADA system are essential to the functionality and reliability of the system.Various protocols define the rules and scheme of communication between remote terminals and the main terminal -commands MTU-RTU, status information, presentation and transformation of data, setting the addresses of remote terminals, monitoring and control.Protocols for SCADA systems are designed to be compact [4].Typically used model is "master/slave" -remote terminals wait for command or query for status and then send a reply.In some cases, they can send messages on its own initiativewhen there is a failure of the sensor, actuator, or other emergency situation [5].For this reason, each protocol consists of two parts -the format of the messages from MTU to RTU devices, and format of the messages in the opposite direction -RTU-MTU.Mainly are used Internet-based protocols [6].
Some of the most frequently used protocols are [5]:

A. Modbus
Modbus is an entirely open serial protocol that is widely used for industrial automation [11].In terms of the OSI model is the 7th level -application layer.It provides client-server communication between devices connected to different networks.When used on the TCP/IP stack data exchange is carried out through port 502 [12].Modbus is suitable in cases where the transfer rate is low.

B. DNP3
DNP3 (Distributed network protocol) protocol is based on the three-layer model EPA (Enhanced Performance Architecture) to effectively connect IED in SCADA systems.It can be used to exchange messages between IED and RTU, and between the RTU and the main terminal.It is characterized by that it ensures high data integrity, has a flexible structure and a small amount of overhead.For this reason it can be used in a low-speed connection with a speed even of 1200 b/s.Most often it is specified on physical layer such as RS-232 or RS-485, using copper wire, optical fiber, radio or satellite.Newer implementations use an Ethernet connection [12].

C. IEC 60870-5
Protocol proposed by the International Electrotechnical Commission -IEC to be used in the electrical industry, but is also used in other industries.Fully open protocol for controlling processes that are distributed on a large territory controlled by SCADA systems -Telemetry and Control [13].

D. Profibus
It is based on the model master/slave, where the master device sends periodic queries to slave devices, and they should answer in the given time.Profibus supports more than one master device, because the right of access is given from one master device to the next [13].

E. Foundation Fieldbus
It is a protocol designed for communication in the field between networked devices -sensors, actuators, PLC controllers, drives and human-machine interfaces [14].

F. CANopen
The communication protocol of high level is based on CAN (Controller Area Network) protocol.It is designed for embedded systems, mainly automobiles and industrial systems, where there is movement.In terms of the OSI model it implement the above five layers -network, transport, session, application and presentation layer.The lower twophysical and data link are realized by CAN protocol [15].In SCADA systems is used to connect sensors and actuators to PLC / RTU controllers.
In recent years a set of new protocols are implemented for use in SCADA systems.Most of them are developed on the basis of the existing telecommunication network protocols, such as TCP/IP, GPRS, 3G/4G mobile network data exchange protocols, WiFi network protocols, low range data transmission wireless protocols ZigBee, Bluetooth, e.c.t.

IV. OVERVIEW OF THE EXISTING SCADA SYSTEMS -HARDWARE AND SOFTWARE TOOLS
The general concept of SCADA systems can be implemented in different ways according to the specific needs and requirements.We will look at various hardware and software tools in relatively simple systems, such as research laboratories with remote access, as well as more complex industrial applications.There are realized tree of the most commonly implemented in recent years approaches:  PC -PLC approach;  PLC WEB server approach  PC -DAQ board or embedded control board approach.
The any combination of these approaches is also usefull.

A. PC -PLC approach
A commonly used approach isan industrial computer with SCADA software, connected to PLC controllers, which control the physical process.The control functions are performed locally, by PLC and supervisory level sets the parameters of control and collects the results.
In [16] a system for laboratory remote access is described.It consisting of a couple of PLC Siemens S7-200, connected through CAN bus to a computer, on which operates LabVIEW™ [17] software.The structure of a remotecontrolled laboratory is shown on Fig. 2. Two experimental setups are connected to the PLC controllersan elevator experimental platform and a screw experimental platform.Each PLC has the capability to expand functionality through additional modulesthey can support protocols such as PROFIBUS, RS485 and Industrial Ethernet.The computer is equipped with interface module ZLG CAN PCI-5110 for CAN connection, and PLC controllers are connected via their RS485 port to an intelligent interface converter CAN485MB.Control instructions are located in the PLC.The capabilities of LabVIEW software to generate HTML pages from the front panel of virtual instruments allow remote Web access to control parameters.Fig. 2 Structure of a remote-controlled laboratory -source [16] In [18] is offered a similar solution for Web-based laboratory for experiments -devices that are managed are 3-phase induction motor, position encoder and magnetic powder brake.The system (Fig. 3) has a local control, but allows remotely changing the operating points and the algorithm that is used.Fig. 3 Web-based remote laboratory -source [18] The design is based on PLC Siemens S7-200 and PC with SCADA software SIMATIC WinCC.The programming of the controller is done by SIEMENS Step7 Microwin.It can use two languages -a list of commands and ladder diagram.The connection between the PLC and the PC is done via RS485 interface converter and PPI (Point-to-Point-Interface) connection to RS232 port.Remote access is done by a Web server whose Web interface is built using Visual Studio ASP.NET.At one time, only one user can use the control functions by registering with a user name and password.

B. PLC WEB server approach
We will look at another example of a laboratory that is based on the programmable logic controller Siemens S7-200.The laboratory has several workstations for experiments [19].Each workstation consists of a digital oscilloscope Tektronics TDS3014B, equipped with an Ethernet interface, a training model of a rectifier with change of phase angle and PLC controller (Fig. 4).Workstations are connected by a switch to a personal computer that combines the functions of SCADA and Web server.The use of Ethernet technology has its advantages because it is supported by multiple devices, besides almost every programming language allows the creation of programs with Internet connectivity [13].
Fig. 4 Remote laboratory architecture -source [19] In [20] a low cost, easy to implement system that is described.It uses (Fig. 5) a PLC controller VIPA and industrial router eWON4005CD.
Fig. 5 Operational architecture of on-line laboratory plant -source [20] The PLC and the laboratory equipment form the control level.To create a control program Siemens Step 7 software environment is used.
PLC controller is connected to the Internet through a router that supports Web and FTP server, remote management of PLC, data logging and translation of industrial protocols such as Modbus and Profibus.The user can connect via browser running on the personal computer or even a smartphone.The router and the connected user form the supervisory layer.The implementation of Web GUI used HTML5, CSS, jQuery and XML.Created experimental installation shows that traditional approaches to building remote laboratory equipment can be simplified with the use of appropriate software and hardware resources.
In [21] we see an example of industrial control system, which uses optical fiber link between PLC controllers and remote control room, in which is located the main terminal.The use of fiber optic cable has a number of advantages such as high speed transfer, resistance to electromagnetic interference, small physical size.The described system uses several HMI stations, so changing a parameter or occurrence of alarm can be registered by all operators, which makes it a good protection to human error.
In other project [22] the Global System for Mobile Communications is chosen for the wireless communication.
The system topology is shown on Fig. 6.Continuous monitoring of the process can be done through the SCADA software by interfacing it with an industrial modem to PLC.This could update us continuously about the process parameters.The type of PLC chosen here is 1762 MicroLogix 1200 Controllers.It contains isolated RS-232/RS-485 combo port for serial and networked communication.Tag Database, generated by SCADA software maintains a list of tags which are configured with an address, which could be either input address or output address from the PLC.These addresses are continuously monitored by the SCADA to provide a continuous real time representation of the process.There is possibility to monitor to certain tags directly from GSM mobile phone by using short message services (SMS).
Fig. 6 -The remote monitoring system topology -source [22] In [23] a SCADA/PLC system is used to control a whole oil refinery instead of the conventional control through DCS.It consists of four main units: a crude oil storage unit, a crude oil pretreatment unit, a distillation unit and products storage/dispatch unit (Fig. 7).The Multipoint Interface/ Decentralized Peripherals (MPI/DP) connection in main control loop is used, instead of Ethernet connection by the reason of higher data transfer speed through the system.Fig. 7 shows the GUI home page with the operation sequence diagram.

C. PC -DAQ board or embedded control board approach
Another approach used in the implementation of specialized SCADA systems is to use a combination of computer as the main terminal unit connected to Data Acquisition Board (DAQ board) or a specialized embedded system controller, designed for specific needs.If only DAQ boards are connected the system is a centralized control type.In a case, when specialized embedded system controllers are also included and performed local control functionsthe system is distributed control type.The last scenario is typically applied when high speed equipment is controlled in real time mode, which requires a high exchange rate of information between controller and equipment.
In [24] a microcontroller system for regulating the temperature, developed by board with digital and analog inputs and outputs is described.It is based on a 8-bit microcontroller ATMEGA 2560 from the company Atmel.The supervision level consists of PC with SCADA software Vijeo Citect v7.2 from Schneider Electric.Communication between the board with microcontroller and computer is done through the Modbus protocol running on the physical layer RS232.Temperature control is achieved by proportional control of the fan speed or by turning it on/off.The authors are proposing system with low cost and good scalability, because with the necessary hardware and software tools the inputs and outputs could be easily increased, in case to meet the needs of running a small factory.Such solution with microcontroller for temperature measurement is described in [25] where a LabVIEW is used as SCADA software and the connection to the PC is made also by RS232 interface.
A hybrid heating system, consisting of solar collectors, thermal accumulators based on phase change material and borehole heat exchangers is described in [26] Dozens of parameters are measured -temperatures, flow rates, electrical power and energy, solar radiation and others.The SCADA system consists of DAQ board LabJack™ UE9, connected to a computer by Ethernet with option to connect to Wi-Fi router.The various sensors and actuators are connected to a dedicated signal conditioning and interface board, which converts the signals so that they are compatible with the inputs and outputs of the DAQ module.The Data collection and management of the different modes of the system operation is performed by the software.The front panel of the operator interface is presented on Fig. 8. Fig. 8 The HMI panel for controlling a hybrid thermal system -source [24] LabVIEW application generates on a WEB server the secured html page with the same HMI monitoring screen and an ActiveX controls.It is available through the Internet from the remote computers.Another page is generated to be displayed by the smartphone browser.
In [27] a different type of system is described in terms of HMI operator interface.The system is used for the production of composite materials by pulsed plasma sintering by performing control and monitoring of the manufacturing process.The main element of the system is PLC controller with a processor RX3i CPE305.V. CONCLUSIONS Development of SCADA systems, in recent years indicates the presence of several distinct trends.Increasingly heterogeneous structure applies of their construction, both in terms of hardware resources, and in terms of communication networks used in them.
The most often-purpose structure in large SCADA systems distributed in large geographical regions is PC -PLC approach with integrated WEB server.
In smaller systems, particularly in research laboratories and laboratories for distance learning often applied PC -DAQ board or embedded control board approach.
The transmission of communication through the Internet allows global access and remote monitoring of the system.This has already become a standard feature in modern SCADA systems.Web-based SCADA system uses the Internet to transfer data between the RTUs and the MTU and/or between the operators' workstations and the MTU.The connection over the Internet requires the use of additional resources to protect the system from unauthorized access and hacker attacks.
Wireless communications is rapidly growing segment of the communications industry, with the potential to provide highspeed and high-quality information More and more often in SCADA systems a wireless communication technologies are used for short range (WiFi, Buetooth, ZigBee), and for long range (Private Radio Networks -PRN, Satelite, 3G, 4G) data transmission.Wireless SCADA replaces or extends the fieldbus to the Internet.It is required in those applications when wireline communications to the remote site is prohibitively expensive or it is too time consuming to construct wireline communications.It can reduce the cost of installing the system.It is also easy to expand.
New trends in teaching and learning strategies, in which blended learning is one of the most promising, can benefit from remote laboratories as valuable pedagogical add-ons.Experiments conducted in a real laboratory are undoubtedly the essential learning experience.However, remote laboratory facilities allow the students to access the laboratory infrastructure at nonworking hours.From the point of view of the teaching institution that offered services, this pleases the students very much.

Fig. 1
Fig. 1 Common structure of SCADA system

Fig. 7 .
Fig.7.The oil plant home page GUI with the operation sequence diagram -source[24]