Muutke küpsiste eelistusi

E-raamat: Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS

3.93/5 (30 hinnangut Goodreads-ist)
(Principal Consultant, Kenexis Consulting Corporation, Madison, Alabama, USA),
  • Formaat: 203 pages
  • Ilmumisaeg: 19-Apr-2016
  • Kirjastus: Taylor & Francis Inc
  • Keel: eng
  • ISBN-13: 9781466516113
Teised raamatud teemal:
  • Formaat - EPUB+DRM
  • Hind: 93,59 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
  • Raamatukogudele
Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SISSuurem pilt
  • Formaat: 203 pages
  • Ilmumisaeg: 19-Apr-2016
  • Kirjastus: Taylor & Francis Inc
  • Keel: eng
  • ISBN-13: 9781466516113
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

The formation of systematic protocols for managing the security of industrial control systems (ICS) has somewhat lagged behind those for IT in general, note Macaulay (security liaison officer, Bell Canada) and Singer (Kenexis Consulting Corporation) in the introduction to this clearly written, detailed guide. Addressed to both IT professionals and non-IT specialists, particularly managers, the volume offers an overview of the methods and tools used for ICS security, including process control system (PCS), distributed control system (DCS), supervisory control and data acquisition (SCADA), programmable logic controllers (PLCs), and human-machine interface (HMI). The threats and vulnerabilities of ICS are described in separate chapters, followed by a thorough discussion of risk assessment and future trends in ICS security. Annotation ©2012 Book News, Inc., Portland, OR (booknews.com)

As industrial control systems (ICS), including SCADA, DCS, and other process control networks, become Internet-facing, they expose crucial services to attack. Threats like Duqu, a sophisticated worm found in the wild that appeared to share portions of its code with the Stuxnet worm, emerge with increasing frequency.

Explaining how to develop and implement an effective cybersecurity program for ICS, Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS provides you with the tools to ensure network security without sacrificing the efficiency and functionality of ICS.

Highlighting the key issues that need to be addressed, the book begins with a thorough introduction to ICS. It discusses business, cost, competitive, and regulatory drivers and the conflicting priorities of convergence. Next, it explains why security requirements differ from IT to ICS. It differentiates when standard IT security solutions can be used and where SCADA-specific practices are required.

The book examines the plethora of potential threats to ICS, including hi-jacking malware, botnets, spam engines, and porn dialers. It outlines the range of vulnerabilities inherent in the ICS quest for efficiency and functionality that necessitates risk behavior such as remote access and control of critical equipment. Reviewing risk assessment techniques and the evolving risk assessment process, the text concludes by examining what is on the horizon for ICS security, including IPv6, ICSv6 test lab designs, and IPv6 and ICS sensors.

Arvustused

I had high hopes for this book since Bryan Singer is very experienced in ICS, ICS security, and IT security and Bryan and co-author Tyson McCauley did not disappoint. To date this is clearly the best book on ICS Security by far. The two best things about this book are: 1) They got the facts right about both ICS and IT security. This is not as easy as it sounds as most books have failed or been simplistic in one area or another. 2) They provided the background information for a beginner to understand, but followed that up with significant technical detail and examples. Its a good book for a beginner or intermediate in either area, and even those with years of experience in both areas will learn something. For me the best new info was the Overall Equipment Effectiveness (OEE) and Security OEE as a future risk assessment technique in Chapter 4. I could go on and on as I highlighted sentences throughout the chapter and was muttering yes as I read. This is clearly the book to get or give if you want to read about ICS security today.Dale G Peterson, writing on www.digitalbond.com

(For the full review, visit: http://www.digitalbond.com/2012/03/27/4-star-review-for-mccauleysinger-book-cybersecurity-for-ics/#more-11213)

Authors ix
Chapter 1 Introduction
1(44)
Where This Book Starts and Stops
2(1)
Our Audience
3(3)
What Is an Industrial Control System?
6(2)
Is Industrial Control System Security Different Than Regular IT Security?
8(1)
Where Are ICS Used?
9(5)
ICS Compared to Safety Instrumented Systems
14(1)
What Has Changed in ICS That Raises New Concerns?
15(3)
Naming, Functionality, and Components of Typical ICS/SCADA Systems
18(4)
Supervisory Control and Data Acquisition (SCADA)
19(1)
Remote Terminal Unit (RTU)
20(1)
Distributed Control System (DCS)
20(1)
Programmable Logic Controllers (PLCs)
20(1)
Human-Machine Interface (HMI)
21(1)
Analogue versus IP Industrial Automation
22(3)
Convergence 101: It Is Not Just Process Data Crowding onto IP
25(2)
Convergence by Another Name
27(1)
Taxonomy of Convergence
28(5)
Triple-Play Convergence
29(1)
Transparent Convergence
30(1)
Blue-Sky Convergence
31(2)
The Business Drivers of IP Convergence
33(1)
Cost Drivers
33(3)
Competitive Drivers
36(1)
Regulatory Drivers
37(1)
The Conflicting Priorities of Convergence
38(2)
ICS Security Architecture and Convergence
40(3)
The Discussions to Follow in This Book
43(1)
Endnotes
44(1)
Chapter 2 Threats to ICS
45(36)
Threats to ICS: How Security Requirements Are Different from ICS to IT
46(8)
Threat Treatment in ICS and IT
53(1)
Threats to ICS
54(3)
Threat-To and Threat-From
57(2)
The Most Serious Threat to ICS
59(5)
Collateral Damage
60(1)
Whatever Happened to the Old-Fashioned E-Mail Virus?
60(2)
Money, Money, Money
62(1)
The Fatally Curious, Naive, and Gullible
62(2)
Hi-Jacking Malware
64(4)
No Room for Amateurs
68(1)
Taxonomy of Hi-Jacking Malware and Botnets
68(4)
Hi-Jacking Malware 101
69(1)
Characteristics of a Bot (Zombie/Drone)
69(3)
The Reproductive Cycle of Modern Malware
72(4)
A Socks 4/Sock 5/HTTP Connect Proxy
76(2)
SMTP Spam Engines
78(1)
Porn Dialers
78(1)
Conclusions on ICS Threats
79(1)
Endnotes
80(1)
Chapter 3 ICS Vulnerabilities
81(44)
ICS Vulnerability versus IT Vulnerabilities
82(1)
Availability, Integrity, and Confidentiality
83(6)
Purdue Enterprise Reference Architecture
89(4)
PERA Levels
89(1)
Levels 5 and 4 Enterprise Systems
89(1)
Level 3 Operations Management
90(1)
Level 2 Supervisory Control
90(1)
Level 1 Local or Basic Control
91(1)
Level 0 Process
91(1)
An Ironic Comment on PERA
92(1)
Data at Rest, Data in Use, Data in Motion
93(2)
Distinguishing Business, Operational, and Technical Features of ICS
95(3)
ICS Vulnerabilities
98(8)
Management Vulnerabilities
99(1)
Operational Vulnerabilities
100(5)
Technical Vulnerabilities
105(1)
Functional Vulnerabilities
106(5)
ICS Technical Vulnerability Class Breakdown
111(3)
Technical Vectors of Attack
113(1)
IT Devices on the ICS Network
114(1)
Interdependency with IT
115(1)
Green Network Stacks
116(1)
Protocol Inertia
116(2)
Limited Processing Power and Memory Size
118(1)
Storms/DOS of Various Forms
119(1)
Fuzzing
120(1)
MITM and Packet Injection
121(2)
Summary
123(1)
Endnotes
123(2)
Chapter 4 Risk Assessment Techniques
125(38)
Introduction
125(1)
Contemporary ICS Security Analysis Techniques
126(4)
North American Electricity Reliability Council (NERC)
126(2)
National Institute of Standards and Technology (NIST)
128(1)
Department of Homeland Security (DHS) ICS Risk Assessment Processes
129(1)
INL National SCADA Test Bed Program (NSTB): Control System Security Assessment
130(1)
INL Vulnerability Assessment Methodology
131(2)
INL Metrics-Based Reporting for Risk Assessment
133(1)
Ideal-Based Risk Assessment and Metrics
134(1)
CCSP Cyber Security Evaluation Tool (CSET)
135(2)
U.S. Department of Energy: Electricity Sector Cyber Security Risk Management Process Guideline
136(1)
Evolving Risk Assessment Processes
137(4)
Consequence Matrices
138(2)
Safety Integrity Levels and Security Assurance Levels
140(1)
Security Assurance Level
141(3)
SAL-Based Assessments
144(1)
SAL Workflow
145(2)
Future of SAL
147(2)
Overall Equipment Effectiveness (Assessment)
148(1)
Security OEE
149(3)
Putting OEE Metrics Together
152(3)
Network-Centric Assessment
153(2)
Network-Centric Compromise Indicators
155(2)
Assessing Threat Agents, Force, and Velocity
155(2)
Other Network Infrastructure That Can Be Used for Network-Centric Analysis and ICS Security
157(2)
Network-Centric Assessment Caveats
159(1)
Conclusion
160(1)
Endnotes
161(2)
Chapter 5 What Is Next in ICS Security?
163(24)
The Internet of Things
163(1)
IPv6
164(4)
There Is a New Internet Protocol in Town
164(1)
In Brief: What Is IPv6?
164(1)
What Does IPv6 Mean for My Business in General?
165(1)
What Does the Switch to IPv6 Mean for the Security of My ICS Network?
166(1)
What Will the Move to IPv6 Require, for IT and ICS?
167(1)
ICS v6 Test Lab Designs
168(14)
Stage 1 Test Environment: Introduce IPv6
169(1)
Stage 2 Test Environment: Sense IPv6
170(1)
Stage 3 Test Environment: Dual-Stack Testing
170(1)
Stage 4 Test Environment
171(1)
Stage 5 Test Environment
172(2)
Dual Stacking
174(2)
ICS and Cellular Wireless
176(1)
Private Architecture and Cellular Wireless
176(4)
v6 Security Testing Methodology for ICS Devices
180(2)
IPv6 and ICS Sensors
182(3)
Pros and Cons of IPv6 and Low-Power (Wireless) Devices
183(2)
A Few Years Yet...
185(1)
Endnotes
185(2)
Index 187
Tyson Macaulay is the security liaison officer (SLO) for Bell Canada. In this role, he is responsible for technical and operational risk management solutions for Bells largest enterprise clients. Macaulay leads security initiatives addressing large, complex, technology solutions including physical and logical (IT) assets, and regulatory/legal compliance requirements. He supports engagements involving multinational companies and international governments.

Macaulay also supports the development of engineering and security standards through the Professional Engineers of Ontario and the International Standards Organization (ISO) SC 27 Committee. Macaulay leadership encompasses a broad range of industry sectors from the defense industry to high-tech start-ups. His expertise includes operational risk management programs, technical services, and incident management processes. He has successfully served as prime architect for large-scale security implementations in both public and private sector institutions, working on projects from conception through development to implementation. Macaulay is a respected thought leader with publications dating from 1993. His work has covered authorship of peer-reviewed white papers, IT security governance programs, technical and integration services, and incident management processes. Further information on Macaulay publications and practice areas can be found online at: www.tysonmacaulay.com.

Previously, Macaulay served as director of risk management for a U.S. defense contractor in Ottawa, Electronic Warfare Associates (EWA; 20012005), and founded General Network Services (GNS; 19962001). Macaulay career began as a research consultant for the Federal Department of Communications (DoC) on information networks, where he helped develop the first generation of Internet services for the DoC in the 1990s.

Bryan L. Singer, CISM, CISSP, CAP, is principal consultant for Kenexis Consulting Corporation. Singer has more than 15 years experience in information technology security, including 7 years specializing in industrial automation and control systems security, critical infrastructure protection, and counterterrorism. His background focuses on software development, network design, information security, and industrial security. Industry experience includes health care, telecommunications, water/wastewater, automotive, food and beverage, pharmaceuticals, fossil and hydropower generation, oil and gas, and several others. He has specialized in process intelligence and manufacturing disciplines such as historians, industrial networking, power and energy management (PEMS), manufacturing enterprise systems (MES), laboratory information management systems (LIMS), enterprise resource planning (ERP), condition-based monitoring (CBM), and others.

Singer began his professional career with the U.S. Army as an intelligence analyst. After the military, he worked in various critical infrastructure fields in software development and systems design, including security. Singer has worked for great companies such as EnteGreat, Rockwell Automation, FluidIQs, and Wurldtech before joining Kenexis Consulting and cofounding Kenexis Security in 2008. At Kenexis, he is responsible for development, deployment, and management of industrial network design and security services from both a safety and a system architecture perspective.

Singer is also the cochairman of ISA-99 Security Standard, a former board member of the Department of Homeland Securitys Process Control Systems Forum, member of Idaho National Labs recommended practices commission, U.S. technical expert to IEC, North American Electronics Reliability Corporation (NERC) drafting team member for NERC CIP, and other industry roles.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97814665161136e.html
Märksõnad: