You are previewing Industrial Network Security, 2nd Edition.
O'Reilly logo
Industrial Network Security, 2nd Edition

Book Description

As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, and other vital systems—becomes more important, and heavily mandated. Industrial Network Security, Second Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems.

The book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. This how-to guide gives you thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation.

  • All-new real-world examples of attacks against control systems, and more diagrams of systems
  • Expanded coverage of protocols such as 61850, Ethernet/IP, CIP, ISA-99, and the evolution to IEC62443
  • Expanded coverage of Smart Grid security
  • New coverage of signature-based detection, exploit-based vs. vulnerability-based detection, and signature reverse engineering

Table of Contents

  1. Cover
  2. Title page
  3. Table of Contents
  4. Copyright
  5. About the Authors
  6. Preface
  7. Acknowledgments
  8. Chapter 1: Introduction
    1. Book overview and key learning points
    2. Book audience
    3. Diagrams and figures
    4. The smart grid
    5. How this book is organized
    6. Conclusion
  9. Chapter 2: About Industrial Networks
    1. Abstract
    2. The use of terminology within this book
    3. Common industrial security recommendations
    4. Advanced industrial security recommendations
    5. Common misperceptions about industrial network security
    6. Summary
  10. Chapter 3: Industrial Cyber Security History and Trends
    1. Abstract
    2. Importance of securing industrial networks
    3. The evolution of the cyber threat
    4. Insider threats
    5. Hacktivism, cyber crime, cyber terrorism, and cyber war
    6. Summary
  11. Chapter 4: Introduction to Industrial Control Systems and Operations
    1. Abstract
    2. System assets
    3. System operations
    4. Process management
    5. Safety instrumented systems
    6. The smart grid
    7. Network architectures
    8. Summary
  12. Chapter 5: Industrial Network Design and Architecture
    1. Abstract
    2. Introduction to industrial networking
    3. Common topologies
    4. Network segmentation
    5. Network services
    6. Wireless networks
    7. Remote access
    8. Performance considerations
    9. Safety instrumented systems
    10. Special considerations
    11. Summary
  13. Chapter 6: Industrial Network Protocols
    1. Abstract
    2. Overview of industrial network protocols
    3. Fieldbus protocols
    4. Backend protocols
    5. Advanced metering infrastructure and the smart grid
    6. Industrial protocol simulators
    7. Summary
  14. Chapter 7: Hacking Industrial Control Systems
    1. Abstract
    2. Motives and consequences
    3. Common industrial targets
    4. Common attack methods
    5. Examples of weaponized industrial cyber threats
    6. Attack trends
    7. Dealing with an infection
    8. Summary
  15. Chapter 8: Risk and Vulnerability Assessments
    1. Abstract
    2. Cyber security and risk management
    3. Methodologies for assessing risk within industrial control systems
    4. System characterization
    5. Threat identification
    6. Vulnerability identification
    7. Risk Classification and Ranking
    8. Risk reduction and mitigation
    9. Summary
  16. Chapter 9: Establishing Zones and Conduits
    1. Abstract
    2. Security zones and conduits explained
    3. Identifying and classifying security zones and conduits
    4. Recommended security zone separation
    5. Establishing security zones and conduits
    6. Summary
  17. Chapter 10: Implementing Security and Access Controls
    1. Abstract
    2. Network segmentation
    3. Implementing network security controls
    4. Implementing host security and access controls
    5. How much security is enough?
    6. Summary
  18. Chapter 11: Exception, Anomaly, and Threat Detection
    1. Abstract
    2. Exception Reporting
    3. Behavioral anomaly detection
    4. Behavioral Whitelisting
    5. Threat Detection
    6. Summary
  19. Chapter 12: Security Monitoring of Industrial Control Systems
    1. Abstract
    2. Determining what to monitor
    3. Successfully monitoring security zones
    4. Information management
    5. Log storage and retention
    6. Summary
  20. Chapter 13: Standards and Regulations
    1. Abstract
    2. Common standards and regulations
    3. ISA/IEC-62443
    4. Mapping industrial network security to compliance
    5. Industry best practices for conducting ICS assessments
    6. Common Criteria and FIPS Standards
    7. Summary
  21. Appendix A: Protocol Resources
  22. Appendix B: Standards Organizations
  23. Appendix C: NIST Security Guidelines
  24. Glossary
  25. Index