This comprehensive handbook covers fundamental security concepts, methodologies, and relevant information pertaining to supervisory control and data acquisition (SCADA) and other industrial control systems used in utility and industrial facilities worldwide. A community-based effort, it collects differing expert perspectives, ideas, and attitudes regarding securing SCADA and control systems environments toward establishing a strategy that can be established and utilized.
Including six new chapters, six revised chapters, and numerous additional figures, photos, and illustrations, the second edition serves as a primer or baseline guide for SCADA and industrial control systems security. The book is divided into five focused sections addressing topics in
Social implications and impacts
Governance and management
Architecture and modeling
Commissioning and operations
The future of SCADA and control systems security
The book also includes four case studies of well-known public cyber security-related incidents.
The Handbook of SCADA/Control Systems, Second Edition provides an updated and expanded source of essential concepts and information that are globally applicable to securing control systems within critical infrastructure protection programs. It presents best practices as well as methods for securing a business environment at the strategic, tactical, and operational levels.
SOCIAL IMPLICATIONS AND IMPACTS. Introduction. Sociological and Cultural
Aspects. Threat Vectors. Risk Management. International Implications of
Securing Our SCADA/Control System Environments. Aurora Generator Test.
GOVERNANCE AND MANAGEMENT. Disaster Recovery and Business Continuity of
SCADA. Incident Response and SCADA. Forensics Management. Governance and
Compliance. Project Management for SCADA Systems. ARCHITECTURE AND MODELING.
Communications and Engineering Systems. Metrics Framework for a SCADA System.
Networking Topology and Implementation. Active Defense in Industrial
Control-System Networks. Open-Source Intelligence (OSINT). COMMISSIONING AND
OPERATIONS. Obsolescence and Procurement of Industrial Control Systems.
Patching and Change Management. Physical Security Management.
Tabletop/RedBlue Exercises. Integrity Monitoring. Data Management and
Records Retention. CONCLUSION. The Future of SCADA and Control Systems
Security. Appendices.
Robert Radvanovsky, CIPS, is an active security professional in the United States with knowledge in security, risk management, business continuity, disaster recovery planning, and remediation. He obtained his masters degree in computer science from DePaul University in Chicago, and he has significantly contributed toward establishing several certification programs, specifically on the topics of critical infrastructure protection and critical infrastructure assurance. He has special interest and knowledge in matters of critical infrastructure and has published a number of articles and white papers regarding this topic, and has authored or coauthored several books in the field. Though he has been significantly involved in establishing security training and awareness programs through his company, Infracritical, he also works with several professional accreditation and educational institutions on the topics of homeland security, critical infrastructure protection and assurance, and cybersecurity.
Jacob Brodsky began his career in computing and telecommunications at the Washington Suburban Sanitary Commission (WSSC) as an instrumentation and telecommunications technician while attending evening classes at the Johns Hopkins University Whiting School of Engineering, from which he received a bachelors degree in electrical engineering. He has worked on every aspect of SCADA and control systems for the WSSC, from the assembly language firmware of the remote terminal unit to the communications protocols and the telecommunications networks, including frequency-division multiplexing analog and digital microwave radios, the data networks, systems programming, protocol drivers, humanmachine interface design, and programmable logic controller programming. He is a registered professional engineer of control systems in the state of Maryland, and has coauthored chapters on control systems for several books.
