Opis: Cybersecurity for Industrial Control Systems - Bryan Singer, Tyson Macaulay

As industrial control systems (ICS), including SCADA, DCS, and other process control networks, become Internet-facing, they expose crucial services to attack. Threats like Duqu, a sophisticated worm found in the wild that appeared to share portions of its code with the Stuxnet worm, emerge with increasing frequency. Explaining how to develop and implement an effective cybersecurity program for ICS, Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS provides you with the tools to ensure network security without sacrificing the efficiency and functionality of ICS. Highlighting the key issues that need to be addressed, the book begins with a thorough introduction to ICS. It discusses business, cost, competitive, and regulatory drivers and the conflicting priorities of convergence. Next, it explains why security requirements differ from IT to ICS. It differentiates when standard IT security solutions can be used and where SCADA-specific practices are required. The book examines the plethora of potential threats to ICS, including hi-jacking malware, botnets, spam engines, and porn dialers. It outlines the range of vulnerabilities inherent in the ICS quest for efficiency and functionality that necessitates risk behavior such as remote access and control of critical equipment. Reviewing risk assessment techniques and the evolving risk assessment process, the text concludes by examining what is on the horizon for ICS security, including IPv6, ICSv6 test lab designs, and IPv6 and ICS sensors. I had high hopes for this book since Bryan Singer is very experienced in ICS, ICS security, and IT security - and Bryan and co-author Tyson McCauley did not disappoint. To date this is clearly the best book on ICS Security by far. The two best things about this book are: 1) They got the facts right about both ICS and IT security. This is not as easy as it sounds as most books have failed or been simplistic in one area or another. 2) They provided the background information for a beginner to understand, but followed that up with significant technical detail and examples. It's a good book for a beginner or intermediate in either area, and even those with years of experience in both areas will learn something. For me the best new info was the Overall Equipment Effectiveness (OEE) and Security OEE as a future risk assessment technique in Chapter 4. ... I could go on and on as I highlighted sentences throughout the chapter and was muttering yes as I read. ... This is clearly the book to get or give if you want to read about ICS security today. -Dale G Peterson, writing on www.digitalbond.com (For the full review, visit: http://www.digitalbond.com/2012/03/27/4-star-review-for-mccauleysinger-book-cybersecurity-for-ics/#more-11213)Introduction Where This Book Starts and Stops Our Audience What Is an Industrial Control System? Is Industrial Control System Security Different Than Regular IT Security? Where Are ICS Used? ICS Compared to Safety Instrumented Systems What Has Changed in ICS That Raises New Concerns? Naming, Functionality, and Components of Typical ICS / SCADA Systems Analogue versus IP Industrial Automation Convergence 101: It's Not Just Process Data Crowding onto IP Convergence by Another Name Taxonomy of Convergence The Business Drivers of IP Convergence Cost Drivers Competitive Drivers Regulatory Drivers The Conflicting Priorities of Convergence ICS Security Architecture and Convergence The Discussions to Follow in This Book Endnotes Threats to ICS Threats to ICS: How Security Requirements Are Different from ICS to IT Threats to ICS Threat-To and Threat-From The Most Serious Threat to ICS Hi-Jacking Malware No Room for Amateurs Taxonomy of Hi-Jacking Malware and Botnets The Reproductive Cycle of Modern Malware A Socks 4/Sock 5/HTTP Connect Proxy SMTP Spam Engines Porn Dialers Conclusions on ICS Threats Endnotes ICS Vulnerabilities ICS Vulnerability versus IT Vulnerabilities Availability, Integrity, and Confidentiality Purdue Enterprise Reference Architecture (PERA)1 Data at Rest, Data in Use, Data in Motion Distinguishing Business, Operational, and Technical Features of ICS ICS Vulnerabilities Taxonomy of Vulnerabilities ICS Technical Vulnerability Class Breakdown IT Devices on the ICS Network Interdependency with IT Green Network Stacks Protocol Inertia Limited Processing Power and Memory Size Storms/DOS of Various Forms Fuzzing MITM and Packet Injection Summary Endnotes Risk Assessment Techniques Introduction Contemporary ICS Security Analysis Techniques INL National SCADA Test Bed Program: Control System Security Assessment INL Vulnerability Assessment Methodology INL Metrics-Based Reporting for Risk Ass CCSP Cyber Security Evaluation Tool (CSET)8 Evolving Risk Assessment Processes Security Assurance Level SAL-Based Assessments SAL Workflow Future of SAL Security OEE Putting OEE Metrics Together Network-Centric Compromise Indicators Other Network Infrastructure That Can Be Used for Network-Centric Analysis and ICS Security Network-Centric Assessment Caveats Conclusion Endnotes What Is Next in ICS Security? The Internet of Things (IOT) IPv6 ICS v6 Test Lab Designs IPv6 and ICS Sensors A Few Years Yet... Endnotes

Szczegóły: Cybersecurity for Industrial Control Systems - Bryan Singer, Tyson Macaulay

Tytuł: Cybersecurity for Industrial Control Systems
Autor: Bryan Singer, Tyson Macaulay
Wydawnictwo: Auerbach Publishers Inc.
ISBN: 9781439801963
Rok wydania: 2010
Ilość stron: 203
Oprawa: Twarda
Waga: 0.48 kg

Recenzje: Cybersecurity for Industrial Control Systems - Bryan Singer, Tyson Macaulay