
E-book: Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems

(Director, Strategic Alliances for Wurldtech Security Technologies), (Director of Critical Infrastructure and SCADA Representative, Cyber Security Forum Initiative, USA)
  • Format: EPUB+DRM
  • Publication date: 28-Sep-2011
  • Publisher: Syngress Media,U.S.
  • Language: eng
  • ISBN-13: 9781597496469
  • Price: 32,23 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste): not allowed

  • Printing: not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application designed specifically for reading e-books; it should not be confused with Adobe Reader, which is most likely already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems covers implementation guidelines for security measures of critical infrastructure. The book describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented. It also discusses common pitfalls and mistakes and how to avoid them. After reading this book, students will understand and address the unique security concerns that face the world's most important networks.

This book examines the unique protocols and applications that are the foundation of industrial control systems and provides comprehensive guidelines for their protection. Divided into 11 chapters, it explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also explores industrial networks as they relate to "critical infrastructure" and cyber security; potential risks and consequences of a cyber attack against an industrial control system; compliance controls in relation to network security practices; industrial network protocols such as Modbus and DNP3; assessment of vulnerabilities and risk; how to secure enclaves; regulatory compliance standards applicable to industrial network security; and common pitfalls and mistakes, like complacency and deployment errors.

This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines. It will also appeal to IT and security professionals working on networks and control systems operations.

Reviews

"One of the most mysterious areas of information security is industrial system security... What raises the mystery even higher is that the stakes in the area of industrial security are extremely high. While the loss of trade secret information may kill a business, the loss of electricity generating capability may kill not just one person, but potentially thousands. And finally the mystery is solved with this well-researched book on industrial system network security." --Dr. Anton A. Chuvakin, Security Warrior Consulting

"For those looking to get a handle on how to effectively secure critical infrastructure networks, Industrial Network Security is an excellent reference... The reality is that industrial system security can be effectively secured, and the book shows the reader exactly how to do that. In 11 densely written chapters, the book covers all of the necessary areas in which to secure critical infrastructure systems... For those looking for a solid overview of the topic, Industrial Network Security is an excellent reference." --Security Management

About the Author
About the Technical Editor
Foreword
Chapter 1 Introduction
  Book Overview and Key Learning Points
  Book Audience
  Diagrams and Figures
  The Smart Grid
  How This Book Is Organized
  Chapter 2 About Industrial Networks
  Chapter 3 Introduction to Industrial Network Security
  Chapter 4 Industrial Network Protocols
  Chapter 5 How Industrial Networks Operate
  Chapter 6 Vulnerability and Risk Assessment
  Chapter 7 Establishing Secure Enclaves
  Chapter 8 Exception, Anomaly, and Threat Detection
  Chapter 9 Monitoring Enclaves
  Chapter 10 Standards and Regulations
  Chapter 11 Common Pitfalls and Mistakes
  Conclusion
Chapter 2 About Industrial Networks
  Industrial Networks and Critical Infrastructure
  Critical Infrastructure
  Critical versus Noncritical Industrial Networks
  Relevant Standards and Organizations
  Homeland Security Presidential Directive Seven/HSPD-7
  NIST Special Publications (800 Series)
  NERC CIP
  Nuclear Regulatory Commission
  Federal Information Security Management Act
  Chemical Facility Anti-Terrorism Standards
  ISA-99
  ISO 27002
  Common Industrial Security Recommendations
  Identification of Critical Systems
  Network Segmentation/Isolation of Systems
  Defense in Depth
  Access Control
  The Use of Terminology Within This Book
  Networks, Routable and Non-routable
  Assets, Critical Assets, Cyber Assets, and Critical Cyber Assets
  Enclaves
  Electronic Security Perimeters
  Summary
  Endnotes
Chapter 3 Introduction to Industrial Network Security
  The Importance of Securing Industrial Networks
  The Impact of Industrial Network Incidents
  Safety Controls
  Consequences of a Successful Cyber Incident
  Examples of Industrial Network Incidents
  Dissecting Stuxnet
  Night Dragon
  APT and Cyber War
  The Advanced Persistent Threat
  Cyber War
  Emerging Trends in APT and Cyber War
  Still to Come
  Defending Against APT
  Responding to APT
  Summary
  Endnotes
Chapter 4 Industrial Network Protocols
  Overview of Industrial Network Protocols
  Modbus
  What It Does
  How It Works
  Variants
  Where It Is Used
  Security Concerns
  Security Recommendations
  ICCP/TASE.2
  What It Does
  How It Works
  Where It Is Used
  Security Concerns
  Security Improvements over Modbus
  Security Recommendations
  DNP3
  What It Does
  How It Works
  Secure DNP3
  Where It Is Used
  Security Concerns
  Security Recommendations
  OLE for Process Control
  What It Does
  How It Works
  OPC-UA and OPC-XI
  Where It Is Used
  Security Concerns
  Security Recommendations
  Other Industrial Network Protocols
  Ethernet/IP
  Profibus
  EtherCAT
  Ethernet Powerlink
  SERCOS III
  AMI and the Smart Grid
  Security Concerns
  Security Recommendations
  Summary
  Endnotes
Chapter 5 How Industrial Networks Operate
  Control System Assets
  IEDs
  RTUs
  PLCs
  HMIs
  Supervisory Workstations
  Data Historians
  Business Information Consoles and Dashboards
  Other Assets
  Network Architectures
  Topologies Used
  Control System Operations
  Control Loops
  Control Processes
  Feedback Loops
  Business Information Management
  Control Process Management
  Smart Grid Operations
  Summary
  Endnotes
Chapter 6 Vulnerability and Risk Assessment
  Basic Hacking Techniques
  The Attack Process
  Targeting an Industrial Network
  Threat Agents
  Accessing Industrial Networks
  The Business Network
  The SCADA DMZ
  The Control System
  Common Vulnerabilities
  The Smart Grid
  Determining Vulnerabilities
  Why Vulnerability Assessment Is Important
  Vulnerability Assessment in Industrial Networks
  Vulnerability Scanning for Configuration Assurance
  Where to Perform VA Scans
  Cyber Security Evaluation Tool
  Vulnerability Management
  Patch Management
  Configuration Management
  Device Removal and Quarantine
  Summary
  Endnotes
Chapter 7 Establishing Secure Enclaves
  Identifying Functional Groups
  Network Connectivity
  Control Loops
  Supervisory Controls
  Control Processes
  Control Data Storage
  Trading Communications
  Remote Access
  Users and Roles
  Protocols
  Criticality
  Using Functional Groups to Identify Enclaves
  Establishing Enclaves
  Identifying Enclave Perimeters
  Network Alterations
  Enclaves and Security Policy Development
  Enclaves and Security Device Configurations
  Securing Enclave Perimeters
  Selecting Perimeter Security Devices
  Implementing Perimeter Security Devices
  Intrusion Detection and Prevention (IDS/IPS) Configuration Guidelines
  Securing Enclave Interiors
  Selecting Interior Security Systems
  Summary
  Endnotes
Chapter 8 Exception, Anomaly, and Threat Detection
  Exception Reporting
  Behavioral Anomaly Detection
  Measuring Baselines
  Anomaly Detection
  Behavioral Whitelisting
  User Whitelists
  Asset Whitelists
  Application Behavior Whitelists
  Threat Detection
  Event Correlation
  Correlating between IT and OT Systems
  Summary
  Endnotes
Chapter 9 Monitoring Enclaves
  Determining What to Monitor
  Security Events
  Assets
  Configurations
  Applications
  Networks
  User Identities and Authentication
  Additional Context
  Behavior
  Successfully Monitoring Enclaves
  Log Collection
  Direct Monitoring
  Inferred Monitoring
  Information Collection and Management Tools (Log Management Systems, SIEMs)
  Monitoring Across Secure Boundaries
  Information Management
  Queries
  Reports
  Alerts
  Incident Investigation and Response
  Log Storage and Retention
  Nonrepudiation
  Data Retention/Storage
  Data Availability
  Summary
  Endnotes
Chapter 10 Standards and Regulations
  Common Standards and Regulations
  NERC CIP
  CFATS
  ISO/IEC 27002:2005
  NRC Regulation 5.71
  NIST SP 800-82
  Mapping Industrial Network Security to Compliance
  Perimeter Security Controls
  Host Security Controls
  Security Monitoring Controls
  Mapping Compliance Controls to Network Security Functions
  Common Criteria and FIPS Standards
  Common Criteria
  FIPS 140-2
  Summary
  Endnotes
Chapter 11 Common Pitfalls and Mistakes
  Complacency
  Vulnerability Assessments vs. Zero-Days
  Real Security vs. Policy and Awareness
  The Air Gap Myth
  Misconfigurations
  Default Accounts and Passwords
  Lack of Outbound Security and Monitoring
  The Executive Override
  The Ronco Perimeter
  Compliance vs. Security
  Audit Fodder
  The "One Week Compliance Window"
  Scope and Scale
  Project-Limited Thinking
  Insufficiently Sized Security Controls
  Summary
  Endnotes
Glossary
Appendix A
Appendix B
Appendix C
Index
Eric Knapp is a globally recognized expert in industrial control systems cyber security and continues to drive the adoption of new security technology to promote safer and more reliable automation infrastructures. He first specialized in ICS cyber security while at Nitrosecurity, where he focused on threats against these environments. He was later responsible for the development and implementation of end-to-end ICS cyber security solutions for McAfee in his role as Global Director for Critical Infrastructure Markets. He is currently Director of Strategic Alliances for Wurldtech Security Technologies, where he continues to promote the advancement of embedded security technology to better protect SCADA, ICS and other connected, real-time devices. In addition to his work in information security, he is an award-winning author of fiction. He studied at the University of New Hampshire and the University of London.

Joel Langill is the SCADAhacker. His expertise was developed over nearly 30 years through in-depth, comprehensive industrial control systems architecture, product development, implementation, upgrade, and remediation in a variety of roles covering manufacturing of consumer products, oil, and gas, including petroleum refining, automation solution sales and development, and system engineering. His employers include major companies such as General Electric, Shell Oil Company, Honeywell Process Solutions, and ENGlobal Automation, offering him rare and insightful expertise in the risks and mitigation of cyber vulnerabilities in industrial control systems. He is a Certified Ethical Hacker, Certified Penetration Tester, Cisco Certified Network Associate, and TÜV Functional Safety Engineer. Joel is also a proud member of the Milwaukee Chapter of InfraGard.