This comprehensive handbook covers fundamental security concepts, methodologies, and relevant information pertaining to supervisory control and data acquisition (SCADA) and other industrial control systems used in utility and industrial facilities worldwide. A community-based effort, it collects differing expert perspectives, ideas, and attitudes regarding securing SCADA and control systems environments, with the aim of arriving at a strategy that can be established and utilized.
Including six new chapters, six revised chapters, and numerous additional figures, photos, and illustrations, the second edition serves as a primer or baseline guide for SCADA and industrial control systems security. The book is divided into five focused sections addressing topics in:
Social implications and impacts
Governance and management
Architecture and modeling
Commissioning and operations
The future of SCADA and control systems security
The book also includes four case studies of well-known public cyber security-related incidents.
The Handbook of SCADA/Control Systems, Second Edition provides an updated and expanded source of essential concepts and information that are globally applicable to securing control systems within critical infrastructure protection programs. It presents best practices as well as methods for securing a business environment at the strategic, tactical, and operational levels.
Foreword
Synopses of chapters
Acknowledgments
Editors
Contributors
Editors' notes

Section I Social implications and impacts
Chapter 2 Sociological and cultural aspects
Chapter 4 Risk management
Chapter 5 International implications of securing our SCADA/control system environments
Chapter 6 Aurora generator test

Section II Governance and management
Chapter 7 Disaster recovery and business continuity of SCADA
Chapter 8 Incident response and SCADA
Chapter 9 Forensics management
Chapter 10 Governance and compliance
Chapter 11 Project management for SCADA systems

Section III Architecture and modeling
Chapter 12 Communications and engineering systems
Chapter 13 Metrics framework for a SCADA system
Chapter 14 Networking topology and implementation
Chapter 15 Active defense in industrial control system networks
Chapter 16 Open-source intelligence (OSINT)

Section IV Commissioning and operations
Chapter 17 Obsolescence and procurement of industrial control systems
Chapter 18 Patching and change management
Chapter 19 Physical security management
Chapter 20 Tabletop/red-blue exercises
Chapter 21 Integrity monitoring
Chapter 22 Data management and records retention

Chapter 23 The future of SCADA and control systems security

Appendix I Listing of online resources of SCADA/control systems
Appendix II Terms and definitions
Index
Robert Radvanovsky, CIPS, is an active security professional in the United States with knowledge in security, risk management, business continuity, disaster recovery planning, and remediation. He obtained his master's degree in computer science from DePaul University in Chicago, and he has significantly contributed toward establishing several certification programs, specifically on the topics of critical infrastructure protection and critical infrastructure assurance. He has special interest and knowledge in matters of critical infrastructure and has published a number of articles and white papers regarding this topic, and has authored or coauthored several books in the field. Though he has been significantly involved in establishing security training and awareness programs through his company, Infracritical, he also works with several professional accreditation and educational institutions on the topics of homeland security, critical infrastructure protection and assurance, and cybersecurity.
Jacob Brodsky began his career in computing and telecommunications at the Washington Suburban Sanitary Commission (WSSC) as an instrumentation and telecommunications technician while attending evening classes at the Johns Hopkins University Whiting School of Engineering, from which he received a bachelor's degree in electrical engineering. He has worked on every aspect of SCADA and control systems for the WSSC, from the assembly language firmware of the remote terminal unit to the communications protocols and the telecommunications networks, including frequency-division multiplexing analog and digital microwave radios, the data networks, systems programming, protocol drivers, human-machine interface design, and programmable logic controller programming. He is a registered professional engineer of control systems in the state of Maryland, and has coauthored chapters on control systems for several books.