Arguing against using public IP space

It would be your target announcing the RFC1918 space, so the security
risk would be if his ISP, your ISP and all of the intermediate
peering/transit links were to honor those announcements and route the
traffic to the target. Possible, and it has probably happened at some
point, but not likely. The closer your logically to your target the
more likely such an attack would succeed.

I certainly don't recommend announcing RFC1918 space to the public
Internet. Doing so is a bad thing. If you do so there is indeed a
non-zero chance that someone close enough to you could connect to your
network and do damage.

Announcing RFC1918 space is less likely to route very far than
announcing public space that isn't allocated to you, however. That's
what the spammers all over the world are doing.

In terms of security, most every SCADA system, as others have pointed
out, should not be connected to the public Internet AT ALL. In this
case it really doesn't matter what addressing scheme is used. Use
Novell IPX or Appletalk if you want. Or MODBUS.

If, however, it is using IPv4, RFC1918 space in a different subnet than
anything used internally within the organization is a better choice than
any public space or subnets of RFC1918 space in use within the
organization. This offers a degree of protection against mis-cabling
and other accidental or malicious vectors that could allow other
networks to communicate with the SCADA network.

It would probably be best if the SCADA hardware vendors were to ship
their gear with no IP addresses pre-programmed at all, as well as
preventing them from being configured until any default passwords are
changed. Similarly, they should educate their installation contractors
about such things.