Key Considerations for Modern SCADA Systems

Q&A with Rockwell Automation

Published March 4, 2026

RandyRandy Stott
Publisher & Editor-in-Chief
AutomationMesh
The difference between loosely connected layers and a unified platform can make or break SCADA scalability.

The difference between loosely connected layers and a unified platform can make or break SCADA scalability.

AutomationMesh sat down with Paul Haikal, Senior Commercial Product Manager at Rockwell Automation, to discuss the latest trends in SCADA, including what manufacturers need to know about the evolving state of manufacturing software in today's age of artificial intelligence and concerns over cybersecurity.

Paul Haikal, Senior Commercial Portfolio Manager, Rockwell Automation

Paul Haikal, Senior Commercial Portfolio Manager, Rockwell Automation

About our expert: Paul Haikal is a Senior Commercial Portfolio Manager at Rockwell Automation with 20+ years in industrial automation spanning remote support, enablement, and product and portfolio leadership, advancing enterprise visualization to deliver intuitive, connected operations. He has led programs improving customer outcomes and enabling large-scale deployments, helping teams move faster from operational data to action through secure, scalable design and data-driven decision support across HMI and SCADA offerings like FactoryTalk View and the FactoryTalk Optix portfolio.

Q: How has SCADA evolved from the simple monitoring tools of the past?

A: SCADA, or Supervisory Control and Data Acquisition, began as a monitoring and supervisory control layer, focused on signals, alarms, and operator actions. Today, manufacturers expect SCADA to be secure by design, easier to integrate, and capable of delivering contextrich operational insight to a much broader audience.

Q: What key factors should manufacturers be aware of before attempting to install a new SCADA system?

A: Four considerations consistently drive outcomes:

  1. Security alignment across OT and IT. Treat SCADA as part of an IT and OT environment, not a standalone tool. A successful design usually combines segmentation and controlled access patterns, often implemented with industrial DMZ boundaries, strong identity and access management, and ongoing operational security practices. At the same time, it must respect OT realities like uptime, safety, and deterministic performance. This is why partner selection matters as much as product selection. Manufacturers benefit when a supplier can bring hardware, software, network infrastructure, and services together, so security and operations can be sustained across the full lifecycle. Cybersecurity is ultimately a lifecycle commitment, not a one-time installation.
  2. Interoperability and extensibility by design. Modern plants need secure connectivity and flexible integration patterns to avoid short term integration effort and long-term integration tax. Look for platforms that are open by design, able to integrate cleanly using open standards and common interfaces, support mixed controllers and data sources, and adapt as requirements change. The practical test is simple. Can you add new assets, new sites, users, or new analytics needs without rewriting everything or creating brittle integrations? 

One illustrative example is Rockwell Automation’s FactoryTalk Optix, which provides built in connectivity options from controller to cloud, including OPC UA, MQTT client connectivity with an embedded MQTT broker, database connectivity options, web client connectivity with secure web server capabilities, and connectivity to both Logix-based and third-party controllers.

  1. Lifecycle planning and longterm partner support. SCADA is a long-lived investment, so upgradeability, supportability, and modernization pathways matter as much as day-one features. You want a vendor that can clearly support expansion, version progression, and operational continuity over time, and you want local support channels that can help you keep the system running, train teams, and respond quickly when issues occur.
  2. Premier integration from control to information. The difference between loosely connected layers and a unified platform can make or break SCADA scalability, because architecture matters. A unified control + SCADA + information approach reduces integration friction, improves maintainability, and strengthens resilience as systems expand from a station to a line, from a line to a plant, and from plant to multiple sites. Just as importantly, it creates clear end-to-end ownership: instead of troubleshooting across multiple vendors and interfaces, teams have simpler accountability with one primary support path when something needs to be fixed, upgraded, or scaled.
Rockwell Automation’s FactoryTalk Optix, which provides built in connectivity options from controller to cloud
Rockwell Automation’s FactoryTalk Optix, which provides built in connectivity options from controller to cloud.

Q: How do modern SCADA systems deal with legacy equipment, controls, and software?

A: Most SCADA upgrades happen in brownfield environments, so the best strategy is usually coexistence first, replacement later. Rather than ripping out proven control logic, modern SCADA projects typically wrap and normalize legacy assets through a connectivity layer, so the existing PLCs, RTUs, and older devices keep running while the SCADA layer gradually reduces brittle, custom point-to-point integrations over time.

In practice, this often means using open connectivity patterns to bridge mixed-vendor assets and protocols. OPC UA and MQTT commonly play complementary roles: OPC UA is useful when you need structured interoperability and richer context, while MQTT supports lightweight publish/subscribe distribution, so older equipment can participate as part of a phased modernization plan, rather than requiring replacement upfront. The goal is to make legacy data more usable by exposing tags, alarms, and device signals in a more consistent way so operators, maintenance, engineering, and analytics tools can consume it consistently (a role that modern platforms such as FactoryTalk Optix are built to support).

Legacy equipment also shapes cybersecurity design. Because older devices are often difficult to patch, modern SCADA architecture relies on segmentation and tightly controlled communications to limit the blast radius of any incident. The idea is to group assets by risk and function, tightly control what can communicate across boundaries, and avoid “flat networks” where a compromise can spread laterally across the plant. 

Q: What are the advantages/disadvantages of SCADA in the cloud?

A: Cloud can be a force multiplier for SCADA, but it changes the architecture and the risk model. It helps to think in two buckets.

Cloud-enabled SCADA, where cloud is optional. The system can run on premises or at the edge, with cloud features available for collaboration, remote access, analytics, or multi-site visibility.

Cloud-based SCADA, where cloud is required. Core supervisory services are hosted in the cloud, so connectivity and cloud operations are central to how the system works.

Disadvantages. Moving any part of SCADA into cloud-connected architecture can increase the attack surface and introduce new dependencies, particularly around identity, remote access, shared infrastructure, and network reliability. 

This does not mean the cloud is inherently less secure, but it does mean the security model changes and must be engineered deliberately. Security must be designed end to end using defense in depth principles such as segmentation, controlled remote access, strong identity and access management, monitoring, and disciplined change control. Cloud hosted models also require careful decisions about what belongs in the cloud versus what must remain local for safety, determinism, and continuity.

Advantages. Whether cloud is optional or required, cloud connectivity can expand what SCADA can do well. It can provide easier multi-site visibility, scalable storage and analytics, simpler standardization across sites, and lower friction for connecting operational data to broader decision workflows. The cloud can also support geographically distributed operations when teams need consistent dashboards, alarms, and context from anywhere.

Practical implications. Most manufacturers land on hybrid patterns. Time sensitive supervisory functions stay close to operations, while curated context, events, KPIs, and histories flow upstream for fleet level visibility and analytics. In that model, the best fit is often a platform that supports multiple deployment options. This includes on-premises or edge for local resilience, cloud enabled capabilities when useful, and cloud hosted options where centralized supervision makes sense. In the Rockwell Automation ecosystem, FactoryTalk Optix supports flexible deployment across closed devices and open platforms, including Windows and Linux environments, with container-based options available as well. This enables local, cloud-enabled, or hybrid architectures as operations scale.

The human-machine interface (HMI) connects SCADA to the operator.
The human-machine interface (HMI) connects SCADA to the operator.

Q: How do modern SCADA systems take advantage of 5G?

A: Modern SCADA takes advantage of 5G when it needs wireless connectivity that is dependable at scale and responsive enough for operational visibility in places where wiring is expensive, impractical, or limiting. 5G can enable broader wireless coverage, more connected endpoints, and more consistent performance for supervisory data such as alarms, status, and performance indicators. It is especially useful for mobile users and equipment, temporary installations, remote locations, and layouts that change over time. The key design principle stays the same. Keep time sensitive control and safe operation local, then use the wireless link for supervisory visibility, notifications, and remote access.

One clear example is remote operations in oil and gas and in water and wastewater. These environments often depend on wide area communications between primary and remote locations for monitoring and coordination across pipelines, well pads, lift stations, and remote pump stations. A 5G connection can provide the backhaul for SCADA data, so operators can see alarms and performance from a central location, while technicians can access the same operational context on site using mobile devices. Good architecture still plans for interruptions by ensuring remote sites can continue operating locally when wide area connectivity is unavailable, then synchronize events and performance data when the link is restored.

A second example is a plant that frequently reconfigures lines. A private 5G network can connect mobile HMIs and temporary assets, enabling SCADA visibility without repeatedly pulling new cables. Time critical control still stays local at the machine or cell, while 5G carries supervisory visibility and higher-level coordination data across the site. 

Q: What role does SCADA play in enterprise cybersecurity?

A: SCADA sits at the intersection of plant operations and enterprise systems, so it is both a high value target and a key control point for reducing cyber risk. Because SCADA supports visibility, alarms, remote access, and often supervisory control, its security posture directly affects safety, uptime, and business continuity.

NIST guidance on operational technology security emphasizes securing OT systems while addressing their unique performance, reliability, and safety requirements, and it explicitly includes SCADA systems within the OT scope. 

Architecturally, standards such as ISA / IEC 62443 define zoneandconduit models that enforce controlled communications and reduce lateral movement. In practice, this makes SCADA not just a target to protect, but a control point for enforcing enterprise cybersecurity policy, provided manufacturers choose OT partners that design security as a lifecycle responsibility, not a feature checkbox.

Q: How has AI changed SCADA?

A: AI is changing SCADA for every persona. It helps engineers build and change systems faster, helps maintenance diagnose issues sooner, and gives operators, managers, and executives clearer decision support across production, quality, and downtime. 

On detection, research on industrial control systems shows that measurement-based anomaly detection can identify abnormal activity even when network only monitoring can be deceived, reinforcing why high-quality operational measurements and context matter.

AI can also leverage pattern recognition to turn alarms into likely causes and recommended actions. AI-assisted operations reduce investigation time and support more consistent responses. Over time, the progression from observation to prediction and then to action supports a path toward more autonomous operations, where systems can recommend and, in tightly bounded cases, trigger the next best step within defined guardrails.

Q: Is the distinction blurring between SCADA and MES or ERP systems? How so, and why is this significant?

A: Yes, the distinction is blurring, but the systems are not becoming interchangeable. The line is blurring because manufacturers increasingly need continuous execution from the shop floor to the enterprise, which means operational events, context, and performance information must move reliably between supervisory operations (SCADA), execution (MES/MOM), and planning/business systems (ERP). ISA95 (IEC 62264) reflects this reality by defining layered responsibilities and the interface expectations between manufacturing operations and business planning, so companies can integrate faster with fewer errors and less custom work.

This matters because it raises expectations for SCADA beyond visualization. When integration is the goal, SCADA is expected to produce standardized operational information that upstream systems and analytics can consume consistently without brittle point integrations that break when you change a line, add a site, or modernize an application. At the same time, manufacturers are pushing MES to become more modular and scalable, so it can adapt as operations evolve rather than becoming another silo.

The significance is strategic: a modern, integrated SCADA + MES foundation enables faster decision loops and unlocks advanced analytics and AI on the journey toward more autonomous operations. When SCADA and MES are designed to work together, operational events, context, and performance data are made consistent and consumable across execution and enterprise workflows, giving operators, engineers, and leaders a coherent view of performance and execution while reducing reconciliation effort and accelerating action.

Q: Tell us about Rockwell Automation's FactoryTalk Optix for SCADA?

A: With these architectural and lifecycle principles in mind, manufacturers selecting a modern SCADA platform are also selecting a long-term partner. LifecycleIQ Services from Rockwell Automation are designed for long term outcomes, not just day one deployment. The services focus on connecting, securing, mobilizing, and scaling manufacturing operations. They are backed by global field services with factory trained engineers who can support customers on site or remotely as needs arise.

On innovation, FactoryTalk Optix expands visualization into IIoT, edge computing, and data management. It is supported by scalable deployment options and SaaS enabled workflows for collaboration. These capabilities matter as SCADA grows from a site project into multi-line or multi-facility deployments, where scaling and collaboration become as important as screens and alarms.

Local support is another differentiator. Rockwell Automation emphasizes an authorized distributor network that helps customers design, implement, and support automation investments. This network provides local inventory matched to customer needs, training, and commissioning support to help get applications or plants running quickly. The same authorized channel is also the path for purchasing genuine products.

Taken together, that combination of lifecycle services, innovation, and local support fits the practical requirement for modern SCADA. Keep it running, keep it secure, and keep improving. 

References

www.rockwellautomation.com