Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems covers implementation guidelines for security measures of critical infrastructure. The book describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented. It also discusses common pitfalls and mistakes and how to avoid them. After reading this book, students will understand and address the unique security concerns that face the world's most important networks.
This book examines the unique protocols and applications that are the foundation of industrial control systems and provides comprehensive guidelines for their protection. Divided into 11 chapters, it explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also explores industrial networks as they relate to "critical infrastructure" and cyber security; potential risks and consequences of a cyber attack against an industrial control system; compliance controls in relation to network security practices; industrial network protocols such as Modbus and DNP3; assessment of vulnerabilities and risk; how to secure enclaves; regulatory compliance standards applicable to industrial network security; and common pitfalls and mistakes, like complacency and deployment errors.
This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines. It will also appeal to IT and security professionals working on networks and control systems operations.
Rezensionen / Stimmen
"One of the most mysterious areas of information security is industrial system security...What raises the mystery even higher is that the stakes in the area of industrial security are extremely high. While the loss of trade secret information may kill a business, the loss of electricity generating capability may kill not just one person, but potentially thousands. And finally the mystery is solved-with this well-researched book on industrial system network security." --Dr. Anton A. Chuvakin, Security Warrior Consulting
"For those looking to get a handle on how to effectively secure critical infrastructure networks, Industrial Network Security is an excellent reference... The reality is that industrial system security can be effectively secured, and the book shows the reader exactly how to do that. In 11 densely written chapters, the book covers all of the necessary areas in which to secure critical infrastructure systems... For those looking for a solid overview of the topic, Industrial Network Security is an excellent reference." --Security Management
Sprache
Verlagsort
Zielgruppe
Für höhere Schule und Studium
Information Technology and security professionals working on networks and control systems operations
Illustrationen
25 illustrations; Illustrations
Maße
Höhe: 235 mm
Breite: 191 mm
Gewicht
ISBN-13
978-1-59749-645-2 (9781597496452)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Klassifikation
Eric Knapp is a globally recognized expert in industrial control systems cyber security and continues to drive the adoption of new security technology to promote safer and more reliable automation infrastructures. He first specialized in ICS cyber security while at Nitrosecurity, where he focused on threats against these environments. He was later responsible for the development and implementation of end-to-end ICS cyber security solutions for McAfee in his role as Global Director for Critical Infrastructure Markets. He is currently Director of Strategic Alliances for Wurldtech Security Technologies, where he continues to promote the advancement of embedded security technology to better protect SCADA, ICS and other connected, real-time devices. In addition to his work in information security, he is an award-winning author of fiction. He studied at the University of New Hampshire and the University of London. Joel Langill is the SCADAhacker.?His expertise was developed over nearly 30 years through in-depth, comprehensive?industrial control systems architecture, product development, implementation, upgrade, and?remediation in a variety of?roles covering manufacturing of consumer products, oil, and gas, including petroleum refining, automation solution sales and development, and system engineering. His employers include major companies such as General Electric, Shell Oil Company, Honeywell Process Solutions, and ENGlobal Automation, offering him rare and insightful expertise in the risks and mitigation of cyber vulnerabilities in industrial control systems. He is a Certified Ethical Hacker, Certified Penetration Test, Cisco Certified Network Associate, and TUEV Functional Safety Engineer. Joel is also a proud member of the Milwaukee Chapter of InfraGard.
Autor*in
Director
Strategic Alliances for Wurldtech Security Technologies
Director of Critical Infrastructure and SCADA Representative
Cyber Security Forum Initiative, USA
Chapter 1: Introduction
Chapter 2: About Industrial Networks
Chapter 3: Introduction to Industrial Network Security
Chapter 4: Industrial Network Protocols
Chapter 5: How Industrial Networks Operate
Chapter 6: Vulnerability and Risk Assessment
Chapter 7: Establishing Secure Enclaves
Chapter 8: Exception, Anomaly and Threat Detection
Chapter 9: Monitoring Enclaves
Chapter 10: Standards and Regulations
Chapter 11: Common Pitfalls and Mistakes
Appendix A: Protocol Resources
Appendix B: Standards Organizations
Appendix C: NIST Security Guidelines
Glossary
