Vallecitos Water District (VWD) provides potable water distribution, wastewater treatment, and reclamation services to the greater San Marcos area in San Diego County. This community is comprised of over 108,000 people within its 45 square-mile boundary. VWD has been awarded for their transparency, community engagement, and forward-thinking sustainability projects.
In 2022, VWD partnered with Enterprise Automation (EA) to assess its SCADA (Supervisory Control and Data Acquisition) infrastructure. This audit revealed several opportunities to leverage EA’s expertise to enhance system performance, security, and scalability, prompting the development of a SCADA Master Plan to guide the district’s digital evolution. EA has been supporting VWD in their continuous improvement since with ongoing project implementation, maintenance, support, and training services.
The SCADA audit identified several paths to advance VWD’s operations. These included bolstering their disaster recovery protocols, administering reliable cyber and physical security solutions, and upgrading any hardware that compromised system performance. VWD’s SCADA environment was another focal point for strategic investment. The existence of separate SCADA systems for water distribution, collections, and treatment created inefficiencies that a centralized system would eliminate.
Enterprise Automation upgraded VWD’s SCADA system from standalone AVEVA InTouch to AVEVA System Platform OMI, which better suited the complexity and scale of VWD’s operations. This transition entailed a complete overhaul of VWD’s infrastructure, including server upgrades, virtualization, and a re-architected network design to meet modern security and automation standards. EA’s solution unified VWD’s isolated SCADA systems into a cohesive, scalable platform that will serve as the foundation for future upgrades.
The project was divided into two phases: the first focused on platform design while the second implemented new server hardware and software, virtualization technology, and network enhancements.
To set the foundation for the Vallecitos Water District’s new SCADA system, Enterprise Automation unified the district’s separate environments into a single platform using AVEVA System Platform OMI. This integration created a more scalable system and streamlined operations by improving visualization and providing an intuitive, user-friendly interface.
EA also introduced a dedicated test environment that would simulate the SCADA network, software, virtual machines, and PLCs. Test platforms reduce the risk of downtime during system expansions and upgrades. As organizations continuously expand and incorporate new elements, utilizing a test platform is essential to maintaining a high-quality production system. Any potential changes should be developed on a test platform, validated for safety and reliability, and deployed only when completed and tested.
EA implemented a segmented network design, including a DMZ (demilitarized zone) to enhance cybersecurity and safeguard the new SCADA platform. A segmented network guards against cybersecurity threats because it allows selective and controlled communication between devices on different network segments. Network segregation can optimize performance within OT systems so critical traffic such as PLC communications can be prioritized over less critical traffic such as access to historical data. This was done using VLANs, which virtually group devices into isolated functional areas within a single physical network. Additionally, Palo Alto firewalls were leveraged within the VWD network to create internal zones that separated and protected functional areas.
These solutions increased system stability, improved security, and prepared VWD for future expansion and upgrades. By addressing the immediate challenges and modernizing the SCADA infrastructure, Enterprise Automation positioned Vallecitos Water District to meet its long-term operational goals with greater security, efficiency, and scalability.
• Implemented segmented network design by leveraging VLANs across 23 networks encompassing 86 sites
• Consolidated 3 SCADA systems into a centralized system
• Deployed VMWare hyperconverged server cluster with 37 virtual machines
• AVEVA InTouch
• AVEVA System Platform OMI
• VEEAM for automated VM backups
• Dell servers
• Palo Alto firewalls
• Broadcom VMWare vSphere / ESXi hypervisor
Enterprise Automation
9050 Irvine Center Drive
Irvine, CA 92618
Phone 949.769.6000
Fax 949.769.6005
