Latency vs security in LEO-powered SCADA

Low-Earth orbit satellite connectivity is changing how operators monitor and manage remote infrastructure. But in SCADA environments, faster links do not automatically mean safer systems. Learn why balancing low latency with strong cybersecurity controls is crucial.

Key takeaways

• LEO-powered SCADA can reduce latency for remote monitoring, giving operators of utilities, industrial sites and critical infrastructure faster access to telemetry, alerts and diagnostics.
• Low latency should not come at the cost of cybersecurity, especially when SCADA systems control sensitive physical processes such as water, energy, transport or industrial equipment.
• Encryption, VPNs, segmentation, authentication and monitoring may add overhead, but they are essential for protecting LEO-connected SCADA networks from unauthorized access and remote attacks.
• The same principle applies to consumer IoT and smart homes: fast satellite-backed connectivity is useful, but connected devices still need strong passwords, updates, network separation and router-level protection.

What LEO-powered SCADA actually means

SCADA systems help operators monitor and control equipment such as pumps, substations, pipelines, water systems, remote sensors and industrial machinery. Traditionally, many remote sites relied on fiber, cellular, microwave links or older satellite connections. Low-Earth orbit, or LEO, satellite networks now offer another option: broadband-style connectivity from satellites much closer to Earth than traditional geostationary satellites.

That lower orbit is crucial in maintaining a fast connection with minimum degradation. Starlink, for example, lists typical land latency between 25 and 60 milliseconds, while its engineering goal is stable median latency around 20 ms with minimal packet loss. Eutelsat’s OneWeb similarly markets LEO connectivity as high-speed and low-latency, designed for areas where terrestrial connectivity is limited or unavailable.

For SCADA operators, that can be a major improvement, as users in remote areas may suddenly have better visibility, faster alarms and more responsive remote diagnostics.

Why latency matters in SCADA

Latency refers to the delay between sending a command and receiving a response. For everyday users, latency affects video calls, online gaming and smart home responsiveness. In SCADA, it can affect how quickly operators see telemetry, acknowledge alarms or issue remote commands.

Not every SCADA function needs millisecond-level speed. Many systems collect sensor readings at intervals, send alerts when thresholds are crossed or support remote maintenance sessions. But some operational workflows are more sensitive to delay, jitter and packet loss. A link that feels “fast enough” for browsing may still be unreliable for industrial monitoring if performance fluctuates at the wrong time.

This is where LEO shines the brightest. It can reduce the huge delays associated with older satellite connectivity and make remote infrastructure feel more reachable. But that same reachability also creates a bigger cybersecurity question: who else can reach it?

When added security invites friction

Security controls are not optional in operational technology. NIST’s OT security guidance stresses that these systems have unique safety, reliability and performance requirements, not just standard IT confidentiality concerns. That means security must protect availability and integrity without disrupting operations.

The problem is that some security measures can add overhead. Encryption, VPN tunnels, deep packet inspection, remote access brokers, identity checks and logging can all introduce small delays or complexity. In a normal office network, that may be acceptable. In SCADA, badly designed security can slow troubleshooting, break legacy protocols or encourage staff to create unsafe workarounds.

Common trade-offs include:

• VPN encryption vs. latency: Strong encryption protects traffic, but poorly sized hardware can create bottlenecks.
• Remote access vs. exposure: Remote maintenance is useful, but unmanaged access tools are a known risk for IT and OT environments. CISA notes that remote access software is used to oversee IT, OT and ICS services, but it can also be abused if not secured properly.
• Inspection vs. availability: Security monitoring helps detect attacks, but aggressive filtering can disrupt fragile industrial protocols.
• Cloud convenience vs. control: Cloud dashboards simplify monitoring, but they expand the trust boundary beyond the local site.

The goal is not to weaken security to make SCADA faster, but to design security with predictability and reliability in mind.

The danger of “fast but exposed”

A low-latency SCADA link can be a gift to defenders because alerts move faster and operators can respond sooner. It can also be useful to attackers if remote access is exposed and credentials are weak, as they can then use the LEO-connected gateway as a bridge into the control network.

This is especially risky when organizations treat satellite connectivity as a simple internet pipe. SCADA environments need segmentation and strict identity controls between their assets. The IEC 62443 model is often discussed around “zones and conduits,” meaning assets with similar security needs are grouped together and communication between them is controlled.

For consumers, think of it like separating smart bulbs, laptops and guest devices at home. Everything may use the same internet connection, but not everything should be able to talk to everything else.

How to balance latency and security

A good LEO-backed SCADA design starts by deciding which traffic is genuinely time-sensitive. Alarm telemetry, engineering access, patch downloads, logs and video feeds should not all receive the same treatment.

Practical safeguards:

• Use encrypted tunnels, but test latency under real operating conditions
• Require multi-factor authentication for remote access
• Avoid direct internet exposure of SCADA interfaces
• Segment OT assets from corporate IT and guest networks
• Monitor for unusual logins, commands and traffic patterns
• Keep a backup path in case the LEO link fails or degrades

What home IoT users can learn from this

Most readers aren’t running a power substation from home. But the principle applies directly to smart homes, especially those using satellite internet or rural broadband. A fast connection can make IoT devices easier to manage, but it can also make exposed devices easier targets.

For home users, the SCADA lesson is simple: don’t trade security for convenience without understanding the cost. Use strong router passwords, update firmware, separate guest and IoT devices where possible, and avoid exposing smart devices directly to the internet.

This is where NETGEAR Armor can be relevant for consumers. While it’s not an industrial SCADA security platform, it can help smart home owners add network-level protection, device visibility and threat blocking across connected devices, which is useful when more household technology depends on always-on connectivity.

Conclusion

LEO satellite connectivity can make remote SCADA systems faster and more practical to manage. But low latency is only valuable when it supports safe and secure operations. The best approach is not “maximum speed” or “maximum security” in isolation.

In this situation balance is key: a mixture of encryption, segmentation, careful monitoring and resilience can protect critical systems without significantly slowing them down.

Frequently asked questions (FAQ)

What is LEO?

LEO stands for low-Earth orbit. In connectivity, it usually refers to satellite networks that operate much closer to Earth than traditional geostationary satellites, helping provide lower-latency internet and communications for remote areas, vehicles, ships, aircraft and connected infrastructure.

What does SCADA mean?

SCADA stands for Supervisory Control and Data Acquisition. It refers to systems used to monitor and control industrial equipment, such as water pumps, substations, pipelines, manufacturing systems and energy assets.

What services does LEO provide?

LEO satellite networks can provide broadband internet, remote connectivity, backhaul, IoT connectivity, emergency communications, maritime and aviation communications, and support for remote industrial monitoring. In SCADA environments, LEO can help connect hard-to-reach assets where fiber, cellular and microwave links are unavailable or unreliable.

What is replacing SCADA?

SCADA is not being replaced outright. Instead, traditional SCADA is evolving into more connected systems that may include Industrial IoT, edge computing, digital twins, AI-assisted monitoring and modern OT security platforms.