Most ebook files are in PDF format, so you can easily read them using various software such as Foxit Reader or directly on the Google Chrome browser.
Some ebook files are released by publishers in other formats such as .awz, .mobi, .epub, .fb2, etc. You may need to install specific software to read these formats on mobile/PC, such as Calibre.
Please read the tutorial at this link. https://ebooknice.com/page/post?id=faq
We offer FREE conversion to the popular formats you request; however, this may take some time. Therefore, right after payment, please email us, and we will try to provide the service as quickly as possible.
For some exceptional file formats or broken links (if any), please refrain from opening any disputes. Instead, email us first, and we will try to assist within a maximum of 6 hours.
EbookNice Team
Status:
Available4.5
35 reviews
ISBN 10: 194154682X
ISBN 13: 9781941546826
Author: Ronald L Krutz, PhD, PE
The use of cyber warfare as a prelude or substitute for conventional attacks has gone from conjecture to reality. The obvious targets of such assaults are a nation’s defense establishment, critical infrastructure, corporate intellectual property, government databases, and production capabilities. This text develops a novel approach to securing industrial automation and control systems by generating protection principles through merging and adapting the best industrial and governmental standards and practices. It: • Merges the fundamentals of information system security and the unique requirements of industrial automation and control systems • Outlines highly effective, structured defenses against real threats of cyberattack on critical infrastructure and essential manufacturing assets • Presents a clear and implementable formula to defend crucial elements such as refineries, chemical plants, manufacturing operations, power plants, transportation systems, and pipelines • Examines the extant and emerging standards and guidelines, including ANSI, ISA, IEC, NIST, and IEEE • Addresses the unique requirements of industrial automation and control systems
Chapter 1: Industrial Automation and Control System Fundamental Concepts
Industrial Automation and Control Systems
SCADA Systems
Distributed Control Systems
Safety Instrumented Systems
Industrial Automation and Control System Protocol Summary
The OSI Model
The TCP/IP Model
Object Linking and Embedding for Process Control
OPC Unified Architecture
Modbus/TCP Model
The Distributed Network Protocol
Utility Communications Architecture Version 2.0/IEC 61850
PROFIBUS
Controller Area Network
EtherNet/IP
openSAFETY Protocol
Issues in Industrial Automation and Control Systems Security
Summary
Review Questions for Chapter 1
References
Chapter 2: Information System Security Technology
Information System Security Fundamentals
Confidentiality
Integrity
Availability
Identification
Authentication
Authorization
Accountability
Auditing
Nonrepudiation
Related Terminology
Types and Classes of Attack
Additional System Security Concepts
Complete Mediation
Defense in Depth
Economy of Mechanism
Fail-Safe
Least Common Mechanism
Least Privilege
Leveraging Existing Components
Open Design
Psychological Acceptability
Separation of Duties
Weakest Link
Policies, Standards, Guidelines, and Procedures
Policies
Standards
Guidelines
Procedures
Malicious Code and Attacks
Viruses and Worms
Trojan Horse
Logic Bomb
Mobile Code
Back Door
Scanning
Man-in-the-Middle
Social Engineering
Guessing Passwords
Denial of Service/Distributed Denial of Service
Replay
Dumpster Diving
Firewalls
Packet-Filtering Firewall
Stateful Inspection
Application Firewall
Application-Proxy Gateway
Screened-Host Firewall
Dual-Homed Host Firewall
Screened-Subnet Firewalls
Cryptography
Symmetric Key Cryptography
Asymmetric Key Cryptography
Digital Signatures
Attacks Against Cryptosystems
Virtual Private Network
IPsec
Secure Sockets Layer
Summary
Review Questions for Chapter 2
References
Chapter 3: Industrial Automation and Control System Culture versus IT Paradigms
Differences in Culture, Philosophy, and Requirements
Considerations in Adapting IT Security Methods to Industrial Automation and Control Systems
Threats
Sensitivity of Industrial Automation and Control Systems to Upgrades and Modifications
IT and Industrial Automation and Control Systems Comparisons from a Standards Perspective
Summary
Review Questions for Chapter 3
References
Chapter 4: The Continuing Technological Evolution Affecting IAC Systems
Important Technological Trends
Home Area Networks
Energy Storage
Analytics
Cloud Computing
Privacy
Social Networks
Mobile Technology
Interoperability
The Smart Grid and Technological Trends
The Bulk Generation Domain
The Transmission Domain
The Distribution Domain
The Operations Domain
The Service Provider Domain
The Markets Domain
The Customer Domain
Advanced Metering Infrastructure
Energy Storage and Management of Stored Energy
Smart Grid Protocols
Mapping of Emerging Technology Issues onto an Example Automation System – The Smart Grid
Summary
Review Questions for Chapter 4
References
Chapter 5: Risk Management for Industrial Automation and Control Systems
Risk Management
ANSI/ISA-62443-2-1 (99.02.01)-2009 Cyber Security Management System
Risk Analysis
Addressing Risk
Monitoring and Improving the CSMS
NIST SP 800-39 Integrated Enterprise Risk Management
NIST SP 800-37 Risk Management Framework
Threats
The Insider Threat
Relevant IACS External Threats
Summary
Review Questions
References
Chapter 6: IAC Systems Security Methodologies and Approaches
Automation and Control System Security Standards and Guidelines
NIST Special Publication 800-53, Revision 4, Recommended Security Controls for Federal Information Systems
Minimum Assurance Requirements – Low-Impact Systems
Minimum Assurance Requirements – Moderate-Impact Systems
Minimum Assurance Requirements – High-Impact Systems
NIST Special Publication 800-82, Guide to Industrial Control Systems Security
Network Segmentation and Segregation
ICS Security Controls
NIST 800-53 Control Families
Appendix G – ICS Overlay
ANSI/ISA-62443-1-1 (99.01.01)-2007, Security Technologies for Industrial Automation and Control Systems
Authentication and Authorization
Filtering/Blocking/Access Control
Encryption Technologies Data Validation
Management, Audit, Measurement, Monitoring, and Detection
Industrial Automation and Control Systems Computer Software
Physical Security Controls
Personnel Security Controls
North American Electric Reliability Corporation, Critical Infrastructure Protection Cyber Security Standards
Department of Homeland Security, Catalog of Control Systems Security: Recommendations for Standards Developers
AMI System Security Requirements
Identification (FID)
Consolidation of Best Practices Controls for Industrial Automation and Control Systems
Summary
Review Questions for Chapter 6
References
Chapter 7: Industrial Automation and Control System Security Training
Background
Training Sources and Approaches
Idaho National Laboratory
Sandia National Laboratories
International Society of Automation
U.S. Computer Emergency Readiness Team
SANS
National Initiative for Cybersecurity Education
National Security Agency and the Department of Homeland Security National Centers of Academic Excellence
Training Support Guidelines
NIST Special Publication 800-50
NIST Special Publication 800-16
Common Training Subjects
Summary
Review Questions for Chapter 7
References
Chapter 8: Industrial Automation and Control System Trends, Approaches, and Issues
Automation and Control System Trends
Penetration Testing of Industrial Automation and Control Systems
Formal Methods Used to Quantify and Standardize Important Concepts and Applications
ISCM Strategy
The Smart Grid Maturity Model (SGMM)
Automation Maturity Model
Future Smart Grid Issues and Automation Security Issues
Smart Grid Electromagnetic Radiation Issues
NIST 7628
Summary
Review Questions for Chapter 8
References
Chapter 9: Emerging Approaches to Industrial Automation and Control System Security
Internet of Things
Open Platform Communications Unified Architecture
Industry 4.0
Security and Privacy
OWASP IoT Security Categories
Big Data Analytics and the Industrial Internet of Things
Industrial Internet of Things
The NIST Cyber-Physical Systems (CPS) Framework
CPS and Cybersecurity
Critical Infrastructure Security
Framework Fundamentals
Framework Feedback
Software-Defined Elements
Summary
Review Questions for Chapter 9
References
Appendix A: Review Questions and Answers
Appendix B: ICS Supplemental Guidance for NIST SP 800-53 Security Controls
Glossary and Acronyms
Bibliography
Index
Tags: Ronald L Krutz, PhD, PE, Industrial, Automation
5.0
32 reviews
4.6
12 reviews
4.7
9 reviews
4.6
27 reviews
5.0
5 reviews