CHAPTER 53

MONITORING AND CONTROL SYSTEMS

Caleb S. Coggins and Diane E. Levine

53.1 INTRODUCTION

53.1.1 Prevention, Detection, and Response

53.1.2 Controlling versus Monitoring

53.1.3 Control Loop

53.1.4 Defining the Scope and System Requirements

53.2 CHANGE AND SECURITY IMPLICATIONS

53.2.1 Regulations, Policies, and Frameworks

53.2.2 Change Management

53.2.3 Configuration Protection

53.2.4 Performance Considerations

53.3 SYSTEM MODELS

53.3.1 Internal, One to One, One to Many, and Distributed

53.3.2 Automation and the Human–Machine Interface

53.3.3 Snapshots versus Real Time

53.3.4 Memory Dumps

53.4 TARGETS AND METHODS

53.4.1 Overview

53.4.2 Process Flow and Job Scheduling

53.4.3 Network Connectivity

53.4.4 Environmental Concerns

53.4.5 System State

53.4.6 System Components

53.4.7 Process Activities

53.4.8 File System

53.4.9 Access Controls

53.5 LOG MANAGEMENT

53.5.1 Log Generation

53.5.2 Types of Log File Records

53.5.3 Automation and Resource Allocation

53.5.4 Log Record Security

53.6 DATA AGGREGATION AND REDUCTION

53.6.1 Centralized Data Stores

53.6.2 Filtered Queries

53.6.3 Analyzing Log Records

53.6.4 Dashboards

53.7 NOTIFICATIONS AND REPORTING

53.7.1 Alerts

53.7.2 Trend Analysis and Reporting

53.8 MONITORING AND CONTROL CHALLENGES

53.8.1 Overview

53.8.2 Industrial Control Systems

53.8.3 Mobile Computing

53.8.4 Virtualization

53.9 SUMMARY

53.10 REFERENCES

53.11 NOTES

53.1 INTRODUCTION.

Monitoring and control (M&C) systems address security events through prevention, detection, ...
