You are previewing Robust Control System Networks.
O'Reilly logo
Robust Control System Networks

Book Description

From the researcher who was one of the first to identify and analyze the infamous industrial control system malware "Stuxnet," comes a book that takes a new, radical approach to making Industrial control systems safe from such cyber attacks: design the controls systems themselves to be "robust." Other security experts advocate risk management, implementing more firewalls and carefully managing passwords and access. Not so this book: those measures, while necessary, can still be circumvented. Instead, this book shows in clear, concise detail how a system that has been set up with an eye toward quality design in the first place is much more likely to remain secure and less vulnerable to hacking, sabotage or malicious control. It blends several well-established concepts and methods from control theory, systems theory, cybernetics and quality engineering to create the ideal protected system. The book's maxim is taken from the famous quality engineer William Edwards Deming, "If I had to reduce my message to management to just a few words, I'd say it all has to do with reducing variation." Highlights include: - An overview of the problem of "cyber fragility" in industrial control systems - How to make an industrial control system "robust," including principal design objectives and overall strategic planning - Why using the methods of quality engineering like the Taguchi method, SOP and UML will help to design more "armored" industrial control systems.

Table of Contents

  1. Cover Page
  2. Title Page
  3. Copyright
  4. Contents
  5. Preface
  6. About the Author
  7. Chapter 1 Introduction: The Three Faces of Risk
    1. 1.1 The Insurance Model of Risk: Risk as Statistical Probability and Projected Amount of Loss
    2. 1.2 The Logical Model of Risk: Risk as Cause and Consequence
    3. 1.3 The Financial Model of Risk: Risk as Volatility
    4. 1.4 From Risk to Fragility and from Security to Robustness
  8. Chapter 2 The Problem of Cyber Fragility in Industrial Automation and Control
    1. 2.1 Cyber Fragility Defined
    2. 2.2 The Evolution of Complexity in Industrial Automation and Control
    3. 2.3 Entropy and IACS Networks
    4. 2.4 Cyber Contingency
    5. 2.5 Fragile Control
    6. 2.6 Control Clouds
  9. Chapter 3 Cyber Robustness
    1. 3.1 Cyber Robustness Defined
    2. 3.2 Robustification Theory: Principles
    3. 3.3 Robustification Practice: Strategies
    4. 3.4 How to Approach Robustification Projects
    5. 3.5 Recommended Robustification Procedure
  10. Chapter 4 Building a System Model
    1. 4.1 System Model Aspects and Criteria
    2. 4.2 Building a Structural System Model
    3. 4.3 Hardware Inventory
    4. 4.4 Software Inventory
    5. 4.5 Network Configuration
    6. 4.6 People, Policy, Procedures
    7. 4.7 Monitoring and Auditing
  11. Chapter 5 Requirements and System Specification
    1. 5.1 The Role of Requirements for Robustification
    2. 5.2 Specification Items
    3. 5.3 The Specification Tree
    4. 5.4 Specifying Cyber Operating Conditions
  12. Chapter 6 Imposing Structure
    1. 6.1 Removing Unnecessary Applications, Services, and Functions (System Hardening)
    2. 6.2 Reducing or Removing General-Purpose Software Services and Interfaces
    3. 6.3 Using Application-Specific Least-Functionality Interfaces
    4. 6.4 Reducing Static Open File Exchanges (Shared Folders)
    5. 6.5 Eliminating Hidden Hubs
    6. 6.6 Restricting User Access and User Interaction
    7. 6.7 Reducing Variation in Procedure (Standard Operating Procedures)
    8. 6.8 Reducing Network Exposure
    9. 6.9 Reducing Variation in Equipment Type, Product Version, and Configuration Options
  13. Chapter 7 Enforcing and Reinforcing Structure
    1. 7.1 Resilient Code and Architecture
    2. 7.2 Code Execution and Configuration Tamper Control/Monitoring
    3. 7.3 Encoding and Verifying Meta Information for End-to-End Validity Checking
    4. 7.4 Context-Based Restrictions on Control Authority (Inherent Safety)
    5. 7.5 Safeguards and Process Monitoring
    6. 7.6 Redundancy
    7. 7.7 Derating (Performance Reserves)
  14. Chapter 8 Modifying Structure
    1. 8.1 The Need for Adaptability in IACS Environments
    2. 8.2 Change Factors
    3. 8.3 Change Management Quality Levels
  15. Epilogue
  16. Appendix
    1. A Surprise! Nonobvious, Nonanticipated Cyber Fragility Effects
    2. B Conservative Engineering Habits Resulting in Cyber Fragility
    3. C Cyber Robustness Versus IT Security
  17. References
  18. List of Acronyms
  19. Index
  20. Back Cover