Cyber security of SCADA and Other Industrial Control Systems 1st Edition by Edward Colbert, Alexander Kott ISBN 9783319321257 3319321250
Original price was: $50.00.$35.00Current price is: $35.00.
Authors:Edward J. M. Colbert, Alexander Kott , Series:Computer Science [34] , Tags:Computers / Information Technology Computers / Networking / General Computers / Networking / Hardware Computers / Online Services Computers / Security / General Language Arts & Disciplines / Library & Information Science / General , Author sort:Edward J. M. Colbert, Alexander Kott , Languages:Languages:eng , Published:Published:Aug 2016 , Publisher:Springer , Comments:Comments:This book provides a comprehensive overview of the fundamental security of Industrial Control Systems (ICSs), including Supervisory Control and Data Acquisition (SCADA) systems and touching on cyber-physical systems in general. Careful attention is given to providing the reader with clear and comprehensive background and reference material for each topic pertinent to ICS security. This book offers answers to such questions as: Which specific operating and security issues may lead to a loss of efficiency and operation? What methods can be used to monitor and protect my system? How can I design my system to reduce threats?This book offers chapters on ICS cyber threats, attacks, metrics, risk, situational awareness, intrusion detection, and security testing, providing an advantageous reference set for current system owners who wish to securely configure and operate their ICSs. This book is appropriate for non-specialists as well. Tutorial information is provided in two initial chapters and in the beginnings of other chapters as needed. The book concludes with advanced topics on ICS governance, responses to attacks on ICS, and future security of the Internet of Things.
Cyber security of SCADA and Other Industrial Control Systems 1st Edition by Edward Colbert, Alexander Kott – Ebook PDF Instant Download/Delivery. 9783319321257 ,3319321250
Full download Cyber security of SCADA and Other Industrial Control Systems 1st Edition after payment
Product details:
ISBN 10: 3319321250
ISBN 13: 9783319321257
Author: Edward Colbert, Alexander Kott
Cyber security of SCADA and Other Industrial Control Systems 1st Edition Table of contents:
Chapter 1: Introduction and Preview
1.1 The Structure and Functions of an ICS
1.1.1 Key Segments of an ICS
1.1.2 Safety and Reliability in ICS
1.1.3 Security of ICS Field Network Components
1.2 Preview of this Book
References
Chapter 2: Components of Industrial Control Systems
2.1 Introduction
2.2 Industrial Control System Functional Components
2.2.1 Programmable Logic Controller
2.2.2 Remote Terminal Unit
2.2.3 Intelligent Electronic Device
2.2.4 Engineering Workstation
2.2.5 Human Machine Interface
2.2.6 Data Historian
2.2.7 Communications Gateways
2.2.8 Front End Processor
2.2.9 ICS Field Devices
2.3 Types of ICS
2.3.1 Process Control System
2.3.2 Safety Instrumented System
2.3.3 Distributed Control System
2.3.4 Building Automation System
2.3.5 Supervisory Control and Data Acquisition
2.3.6 Energy Management System
2.3.7 Other Type of ICSs
References
Chapter 3: Wireless Infrastructure in Industrial Control Systems
3.1 Introduction
3.2 Wireless Technologies for ICSs
3.2.1 WirelessHART
3.2.2 ISA 100.11a Standard
3.2.3 Z-Wave
3.2.4 Zigbee
3.2.5 Bluetooth
3.2.6 Microwave
3.2.7 Satellite
3.3 Cyber and Physical Threats to Wireless ICSs
3.3.1 Generic Threat Model
3.3.2 Specific Threats for Wireless ICS Technologies
3.3.3 Desired Security Mechanisms
3.3.4 Additional Security Mechanisms
3.4 Integration of Wireless Technologies to an Existing ICS Infrastructure: Smart Grid and Micro
3.4.1 FIU Smart Grid Testbed
3.4.2 Test Case: Handling Islanding Situation via Wireless Communication
3.5 Summary and Conclusions
References
Chapter 4: Operational Technology and Information Technology in Industrial Control Systems
4.1 Introduction
4.2 Difference Between IT and OT
4.2.1 Operational
4.2.1.1 Operational Objectives
Safety
Environmental
Societal Dependencies
Physical Infrastructure
4.2.1.2 High Availability Requirements
4.2.1.3 Geographic Location
4.2.2 Technological
4.2.2.1 Limited Support for Security Mechanisms
4.2.2.2 Embedded Systems
4.2.2.3 Network Protocols
4.2.2.4 Real-Time Performance
4.2.2.5 Legacy and Esoteric Technologies
4.2.2.6 Cyber-Physical Risk Analysis
4.2.3 Managerial
4.2.3.1 Long Lifecycle
4.2.3.2 Financial Investments
4.2.3.3 Vendors & Procurement
4.2.3.4 Managerial Domains
4.3 Convergence of IT Technologies into ICSs
4.3.1 Mobile Computing
4.3.2 Cloud Computing
4.3.3 Internet of Things and Smart Cities
4.4 Summary and Conclusions
References
Chapter 5: Threats in Industrial Control Systems
5.1 Introduction
5.2 The ICS Threat Landscape: A Paradigm Shifted
5.3 Organizational Threats
5.3.1 The Executive Level
5.3.2 The Chief Information Security Officer
5.3.3 Cultural Differences
5.3.4 Education and Training
5.3.5 Depreciation Cycle
5.3.6 ICT Security Standards
5.3.7 Procurement
5.4 Architecture and Technology Threats
5.4.1 Old Technology
5.4.2 Insecurity by Design
5.4.3 New functionality for Old Packaging
5.4.4 Protocols
5.5 Networking and Telecommunications
5.5.1 Operational Environment
5.5.2 Remote Network Access
5.5.3 Dependencies of ICT Systems
5.5.4 Direct Connection to the Internet
5.6 Human Factors
5.6.1 User Awareness
5.6.2 Policies and Procedures
5.6.3 Disgruntled Employees
5.7 Operations and maintenance of ICS
5.7.1 Passwords
5.7.2 Who Is “Empowered”?
5.7.3 Change Management
5.7.4 Patching
5.7.5 Malware Protection
5.7.6 Hardware Access and Networking
5.8 The ICS Environment
5.8.1 Physical Security
5.8.2 Dependencies
5.8.3 Third Parties on Site
5.8.4 Remote Access
5.9 Summary and Conclusions
References
Chapter 6: Attacks on Industrial Control Systems
6.1 Introduction
6.2 Overview
6.2.1 Known Attacks
6.2.2 General Attack Methods
6.2.3 Rootkits
6.2.4 Example Notional System
6.2.5 Capture the Flag and ICS-CERT
6.3 Stuxnet Attack
6.3.1 Background
6.3.2 Deployment and Propagation
6.3.3 Effects
6.4 Summary and Conclusions
References
Chapter 7: Security Taxonomies of Industrial Control Systems
7.1 Introduction
7.2 Overview
7.2.1 Taxonomy Examples
7.2.2 Vulnerability Taxonomies
7.2.3 Attack Taxonomies
7.2.3.1 Attack-Vulnerability-Damage Model (Fleury et al. 2008)
7.2.3.2 A Taxonomy of Targeted Attack (Line et al. 2014)
7.2.3.3 Taxonomy of Cyber Attacks on SCADA Systems (Zhu et al 2011)
7.2.4 Comparison of Taxonomy Area of Interest
7.3 Emerging Developments and Research
7.3.1 A Proposed Taxonomy for Vulnerabilities
7.3.2 Ontological Approaches to SCADA Vulnerabilities or Attacks
7.3.3 Cyber Attacker Taxonomy
7.3.3.1 Incident-Based Matrix
7.4 Future Developments and Directions
7.5 Summary and Conclusions
References
Chapter 8: Cyber Risk in Industrial Control Systems
8.1 Introduction
8.2 Approaches to Risk Modeling and Analysis
8.2.1 Expert Elicited Models
8.2.2 Attack Graphs
8.2.3 Games
8.2.4 Petri Nets
8.2.5 Stochastic Cyber Attack Models with Petri Nets
8.3 Petri Nets for Control Systems
8.3.1 Attack Model
8.3.2 Computing State Reachability
8.3.3 Reachability under Monotonicity
8.3.4 Measuring Risk
8.3.5 Backtracking for Risk Management Planning
8.4 An Example Petri Net Analysis of a Control System
8.5 Summary and Conclusions
References
Chapter 9: Security Metrics in Industrial Control Systems
9.1 Introduction
9.2 Motivation
9.3 Background on Resilience Metrics
9.3.1 What Makes a Good Metric?
9.3.2 Metrics for IT Systems
9.3.3 Metrics for ICS Networks
9.4 Approaches for ICS Metrics
9.4.1 Cyber Resilience Matrix Example
9.4.2 Network Simulation Example
9.5 Tips for Generating Metrics
9.5.1 Generalized Metric Development Process
9.5.2 Best Practices in Metric Development and Validation
9.6 Summary and Conclusions
References
Chapter 10: Situational Awareness in Industrial Control Systems
10.1 Introduction
10.2 Cyber-Physical Systems are Complex
10.3 SA as a Human-driven Process
10.4 Cyber Kill Chain: Adversarial Reasoning
10.5 Stuxnet Through the Cyber Kill Chain: An ICS Example
10.5.1 Phase 1: Recon and Probing—Stuxnet Development
10.5.2 Phase 2: Stuxnet Delivery
10.5.3 Phase 3: Exploiting SCADA Systems
10.5.4 Phases 4 and 5: Stuxnet’s Foothold and Control
10.5.5 Phase 6: Stuxnet in Action
10.6 Guidelines
10.6.1 Expertise of the Operator(s) Responsible for Developing SA
10.6.2 Sensors and Data
10.6.3 System Documentation, Assessment, and “Blue Teaming”
10.6.4 Automation
10.6.5 Limiting Human Actions and Physical Parameter Controls
10.7 Summary and Conclusions
References
Chapter 11: Intrusion Detection in Industrial Control Systems
11.1 Introduction
11.2 Background
11.2.1 Motivation for Intrusion Detection Systems (IDSs) in Industrial Control Systems (ICSs)
11.2.2 Early Intrusion Detection Systems
11.2.3 Evolution from Early to Modern IDSs
11.3 Modern Intrusion Detection Techniques
11.3.1 Host-Based Intrusion Detection Systems (HIDS)
11.3.2 Network-Based Intrusion Detection Systems (NIDS)
11.3.2.1 Signature-Based Intrusion Detection Methods
11.3.2.2 Non-signature-Based Intrusion Detection Methods
11.3.2.3 Methods Used in Practice
11.4 Intrusion Detection in ICSs
11.4.1 Anatomy of An Industrial Control System
11.4.2 Host-Based Intrusion Detection Systems (HIDS) in ICSs
11.4.3 Network-Based Intrusion Detection Systems (NIDS) in ICSs
11.4.3.1 Signature-Based Intrusion Detection Methods in ICSs
11.4.3.2 Non-Signature-Based Intrusion Detection Methods in ICSs
Early Examples (Before 2010)
Recent Examples (2010 or After)
11.5 Process-Oriented Intrusion Detection
11.5.1 Overview
11.5.1.1 Semantic Security Modeling from Network Traffic Data
11.5.1.2 ARL Collaborative Modeling using SME Input, Network Traffic Data, and Process Monitoring D
11.5.2 ARL Collaborative Intrusion Detection: A Case Study of a Sample Plant
11.5.2.1 Background: Description of a Plant
Physical Plant Model
Implementation: Electronic Plant Model
Plant Control Network
Human Machine Interface (HMI)
PLC/Regulator (PID Controller)
Network Traffic Monitor
Independent High-Speed Sensor
11.5.2.2 Configuration of Plan Security Monitoring Model
Inference of Critical Values from Network Traffic Data
Determination of Critical Values from SME Input and Network Traffic Data
Model Refinement and Verification using Network Traffic Data
Model Refinement and Verification using Out-of-Band Data (High speed sensor)
11.5.2.3 Intrusion Detection Alerting
11.6 Summary and Conclusions
References
Chapter 12: Cyber Physical Intrusion Detection
12.1 Introduction
12.2 Leveraging Physical Monitoring in ICS Cybersecurity
12.3 Example—SCADA Cybersecurity Monitoring Using Power Fingerprinting
12.3.1 Monitoring Physical Side-Channels to Detect Malicious Intrusions and Unauthorized Execution
12.3.2 Integrity Assessment and Intrusion Detection
12.3.3 Characterization
12.3.4 PFP Advantages and Limitations
12.4 Case Study: Siemens S7-1200 Monitoring
12.4.1 The System
12.4.2 Baseline Reference Extraction
12.4.3 Detection Performance
12.5 Future Developments
12.6 Summary and Conclusions
References
Chapter 13: Experimental Methods for Control System Security Research
13.1 Introduction
13.2 Overview of the Approaches
13.2.1 Live, Virtual, Constructive
13.2.1.1 Real Time Digital Simulator (RTDS)
13.2.1.2 Critical Infrastructure Protection and Resiliency Simulator (CIPR/sim)
13.2.2 The Need for Cyber Analysis
13.2.2.1 Threat Analysis
13.2.2.2 LVC Supports Cyber Fidelity Requirements
13.2.2.3 Advanced Modeling Support for SCADA and ICS Applications
13.2.3 Modeling Methodology Applied to Industrial Control and SCADA Systems
13.2.3.1 Obtaining Modeled System Specification
13.3 Modeling Industrial Control and SCADA Systems Using Hybrid Testbed
13.3.1 Simulated and Emulated Devices Used in the Hybrid Testbed Experiment
13.3.1.1 Device Model: Simulated
13.3.1.2 Device Model: Emulated
13.3.1.3 Device Model: Physical
13.3.2 Industrial Control and SCADA Systems Security Assessment Demonstration Experiment and Setup
13.3.2.1 Global Internet-like System
13.3.2.2 Enterprise Networked Information Systems
13.3.2.3 Supervisory Control and Data Acquisition (SCADA) System
13.3.2.4 Models, Simulations, and Emulations Used in Demonstration Experiment
Device Representations
Application and Traffic Representations
13.3.3 Industrial Control and SCADA Systems Security Assessment Demonstration Experiment—Security
13.3.3.1 Analysis of Cyber-Attacks Targeting the Business Network
13.3.3.2 Analysis of Cyber-Attacks Against the Control System Network
13.3.4 Data Collection and Analytics in Hybrid Testbed Experiments
13.4 Summary and Conclusions
References
Chapter 14: Governance and Assessment Strategies for Industrial Control Systems
14.1 Introduction
14.2 Overview
14.2.1 A Motivating Story
14.2.2 Some Definitions
14.2.3 Purpose of Governance
14.2.4 Groups Issuing ICS Governance
14.2.5 ICS Assessments
14.3 Examples of ICS Assessment Processes
14.3.1 NIST Cybersecurity Framework
14.3.2 Department of Energy (DoE) and DHS Cyber Capability Maturity Model (C2M2)
14.3.3 Robust ICS Planning & Evaluation (RIPE) Framework
14.3.4 DHS ICS Cyber Emergency Response Team (CERT) Cyber Security Evaluation Tool (CSET)
14.3.5 Overview of Assessment Methodologies
14.4 Summary and Conclusions
References
Chapter 15: Responding to Attacks on Industrial Control Systems and SCADA Systems
15.1 Introduction
15.2 Cyber Warfare
15.2.1 Jus ad bellum (“Right to War”)
15.2.2 Use of Force
15.2.3 Schmitt Analytical Framework
15.2.4 Mitigation and Response
15.3 Case Study Analyses for Use of Force
15.3.1 China Case Study
15.3.2 Iran Case Study
15.3.3 Havex Case Study
15.4 Summary and Conclusions
References
Chapter 16: In Conclusion: The Future Internet of Things and Security of Its Control Systems
16.1 Introduction
16.2 Overview of Change in Control Systems
16.2.1 Industrial Revolution: Earliest Times to the Present
16.2.2 Sustainability of an Industrial Enterprise
16.2.2.1 Economic Factors
16.2.2.2 Environmental Factors
16.2.2.3 Social Factors
16.2.2.4 The Future
16.2.3 The Internet of Things (IoT)
16.2.3.1 Global Development of the IIoT
16.2.3.2 Expected Impact
16.3 Game Changers in the Future ICS and IoT Security
16.3.1 Construction of the Future IoT
16.3.1.1 Devices
Miniaturization of End Devices and Sensors
Mobility and Wearable Devices
16.3.1.2 Materials and Material Processes
Advances in Materials
3D Manufacturing
16.3.1.3 Automation and Robotics
Automation and Artificial Intelligence
Robotics
Nanobots
16.3.1.4 Software
Software and Applications
16.3.2 Users of the Future IoT
16.3.2.1 Industrial Plant Users
Plant Control Methods
Data Transfer Media in Plants
Smart Sensors
The Network Layer
16.3.2.2 Consumers
16.3.3 Support for the Future IoT
16.3.3.1 Computing and Infrastructure
Industrial Control Efficiency
Networks and Infrastructure
New Territories for Network Complexity
Computing and Cloud Services
New Computing Paradigms
16.3.3.2 Government and Industry Guidance and Collaboration
16.4 Predictions and Potential Solutions
16.4.1 Resilient Self-Adaption
16.4.2 Mixed-Trust Systems
16.4.3 Big Data Analytics
16.4.4 Proactive Threat Responsiveness
16.5 Summary and Conclusions
References
People also search for Cyber security of SCADA and Other Industrial Control Systems 1st Edition:
cyber security of scada and other industrial control systems pdf
what is industrial cyber security
industrial control systems cyber security jobs
industrial cyber security companies
You may also like…
