SCADA emerged in the 1960s out of the need for centralised monitoring of electricity-distribution and water networks; today it is framed by ANSI/ISA-101 (HMI design) and ISA-95 (enterprise control integration). A typical SCADA deployment consists of field sensors, an RTU/PLC layer, communication links, a central server (historian + HMI) and an enterprise reporting layer.

The ISA-95 hierarchy and OT/IT convergence

The ISA-95 standard (IEC/ISO 62264, first edition 2003) divides industrial systems into five levels: Level 0 (physical process), Level 1 (sensing/actuation), Level 2 (supervision — SCADA/PLC), Level 3 (manufacturing operations — MES) and Level 4 (enterprise — ERP). In irrigation infrastructure the link between Levels 1 and 2 is usually built with field-bus protocols, and the link between Levels 2 and 3 with object-oriented industrial protocols (e.g. OPC UA) or business-oriented messaging (REST, MQTT). This combination is known as OT/IT convergence.

Common communication protocols

  • Modbus RTU/TCP (1979, Modicon): an open, broadly supported master/slave (client/server) protocol. Common function codes: 01 (read coils), 03 (read holding registers), 05 (write single coil), 16 (write multiple registers). The RTU variant runs over RS-485, the TCP variant on port 502.
  • OPC UA (IEC 62541, 2008): a platform-independent, service-oriented modern industrial protocol with certificate-based authentication. Supports both client/server and PubSub modes.
  • MQTT (ISO/IEC 20922, 2016): a lightweight publish/subscribe messaging protocol optimised for low-bandwidth environments. QoS levels 0/1/2 set the delivery guarantee.
  • BACnet (ASHRAE 135, ISO 16484-5): used in building automation; preferred when irrigation is monitored under the same management shell as HVAC.
  • REST/HTTP API: the most common approach for integration with cloud-native IT systems; provides stateless, JSON-based access to resources.
  • DNP3 (IEEE 1815): used in water and electricity utilities and wide-area SCADA, with support for time-stamped event reporting.

Communication models

In the master/slave (polling) model the centre queries the field at fixed intervals; data flow is predictable, but latency is bound to the polling cycle. In the publish/subscribe model field devices publish events as they occur and observer applications subscribe; latency is lower and unnecessary traffic is reduced. Modbus is the classic master/slave example; MQTT and OPC UA PubSub are publish/subscribe examples.

Data sovereignty: in public institutions and critical infrastructure, where control data is stored is regulated by legal frameworks (the EU NIS2 Directive, 2022; in Türkiye Law No. 6698 KVKK). On-premise deployment, hybrid deployment (field data local, reporting in the cloud) and full-cloud deployment are the three core architectural choices. Selection follows latency tolerance, redundancy requirements and regulatory classification.

Historian and retention

Time-series data continuously generated by SCADA systems is stored in the historian tier. Hot data (the last 30–90 days) lives in relational or time-series databases (PostgreSQL/TimescaleDB, InfluxDB, OSIsoft PI); cold data is downsampled and compressed for long-term archiving. ISO 27001 compliance defines retention periods, encryption methods and access logging at policy level.

Identity and access management

For enterprise integration, directory-service integration (Microsoft Active Directory, OpenLDAP) combined with federated authentication (SAML 2.0, OAuth 2.0, OpenID Connect) is standard practice. Role-based access control (RBAC, NIST RBAC model) separates roles such as operator, engineer and auditor. In critical infrastructure the IEC 62443 standard (industrial cybersecurity) provides an additional reference framework.