Protecting Industrial Control Systems from Electronic Threats

Book Description

This book is meant to help both the novice and expert in Information Technology (IT) security and industrial control systems (ICS) gain a better understanding of protecting ICSs from electronic threats. The term "ICS" was chosen as ICSs include Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Intelligent Electronic Devices (IEDs), field controllers, sensors, and drives, emission controls, building controls including fire suppression, thermostats, and elevator controls, and meters including business and residential automated metering. For the purpose of this book, ICSs also include safety systems.

The term "electronic threats" was chosen rather than cyber security because there are electronic threats to ICSs beyond traditional cyber threats. Additionally, the book is about protecting the mission of the ICS - a compromise of a computer that isn't critical to the mission of the control system may be a cyber security event, but it is not of importance. The term "protecting" was chosen as this is not a book on how to attack control systems. From a cyber perspective, they are very brittle and attacking them is not rocket science. On the other hand, protecting them while at the same time maintaining their mission can be rocket science.

The term "it takes a village" can be applied to securing ICSs as Operations alone cannot do this. It takes a team of ICS expertise, IT security expertise, telecom knowledge, networking, ICS and IT vendor support, and most of all senior management support to make this work. I hope you find the book of interest.

Respectfully,
Joe

Table of Contents

  1. Copyright
  2. Acknowledgments
  3. Preface
  4. Background
  5. Definitions
  6. Industrial Control System Descriptions
    1. SCADA Systems
    2. Energy Management Systems
    3. DCSs
    4. The Future for ICSs
    5. Summary
  7. Convergence of Industrial Control Systems and Information Technology
  8. Differences between Industrial Control Systems and Information Technology
  9. Electronic Threats to Industrial Control Systems
  10. Myths
    1. The Internet and Microsoft Windows Are the Biggest Cyber Threats
    2. Using Windows and TCP/IP “Makes It IT”
    3. External Malicious Threats Are Always the Biggest Concerns
    4. Firewalls Make You Secure
    5. VPN and Encryption Use Makes You Secure
    6. IDS Will Identify Control System Attacks
    7. Field Devices Cannot Be Hacked
    8. You Are Secure If Hackers Cannot Get In
    9. More and Better “Widgets” Can Solve All Our Security Problems
    10. You Can “Air Gap” Control Systems
    11. IT Cyber Security Policies Apply to ICS
    12. Each Industry Requires a Different Approach
    13. “If We Keep Our Heads Down, They Won’t Find Us”
    14. ICS Cyber Security Is a North American Electric Issue
    15. NERC CIPS Reduce Cyber Exposure
    16. NERC CIPS Are Being Employed Uniformly
    17. Control System Cyber Forensics Exist
    18. Control Systems Audit Metrics Exist
  11. Current Personnel Status and Needs
  12. Information Sharing and Disclosure
    1. The Need for ICS-CERT
    2. Conclusion
  13. Industrial Control System Cyber Risk Assessments
    1. Combustion Turbines
  14. Selected Industry Activities
    1. Electric Power Plants
    2. Nuclear Power Plants
    3. Chemical Plants
    4. Combustion Turbines
  15. Industrial Control System Security Trends and Observations
    1. Conclusion
  16. Industrial Control System Cyber Security Demonstrations
    1. Remote Supervisory Control and Data Acquisition Hack
    2. Man-in-the-Middle Attack
    3. Remote SCADA Communication Hack
    4. Spread-Spectrum Radio Hack
    5. Aurora
    6. Conclusion
  17. Selected Case Histories
    1. Maroochy Wastewater Wireless Supervisory Control and Data Acquisition Attack
    2. Targeted SCADA Attack
    3. Pacific Energy Resources Leak Detection Attack
    4. Tehama Colusa Canal Authority SCADA Attack
    5. San Francisco IT System Hack
    6. Worm Affecting NRG Texas Generation Plant
    7. Conclusion
  18. Selected Case Histories
    1. Olympic Pipeline Company Gasoline Pipeline Rupture
    2. Florida Outage
    3. Fossil Plant Cycling Event
    4. Browns Ferry Nuclear Plant Broadcast Storm
    5. Hatch Nuclear Plant Software Glitch
    6. Hard Equipment Failures
    7. Inadequate ICS Communication
    8. Inadequate Configuration Management and Testing
    9. Unintended Consequence of Patching
    10. Software Design Flaw and a Lack of ICS Forensics
    11. Unintended Consequence of Installing Security Hardware
    12. Electronic Interference with ICSs
    13. Other Cases
  19. Industrial Control System Incident Categorization
    1. Major
    2. Moderate
    3. Minor
    4. Major Cyber Organizations’ Awareness of ICS
  20. Recommendations
    1. General
    2. Administrative and Procedural
    3. Technical
    4. Governmental
    5. Disclosure
    6. Certification and Educational
    7. Vendor
    8. ICS Cyber Incident Response
  21. Acronyms
  22. Glossary
  23. Comparison of Key Definitions
    1. Security
    2. SCADA
    3. Control Systems
  24. CSIS White Paper on Industrial Control Systems*
    1. Assuring Industrial Control System (ICS) Cyber Security
  25. Typical Distributed Control System Procurement Specification
    1. Background
    2. Organization
    3. Archetype Distributed Control System (DCS) Procurement Specification for a Coal-Fired Power Plant
  26. Further Reading
  27. Index