Industrial Network Security

Industrial Network Security

Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems

2nd Edition - December 9, 2014

Write a review

  • Authors: Eric Knapp, Joel Langill
  • Paperback ISBN: 9780124201149
  • eBook ISBN: 9780124201842

Purchase options

Purchase options
Available
DRM-free (Mobi, EPub, PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order

Description

As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, and other vital systems—becomes more important, and heavily mandated. Industrial Network Security, Second Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems. The book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. This how-to guide gives you thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation.

Key Features

  • All-new real-world examples of attacks against control systems, and more diagrams of systems
  • Expanded coverage of protocols such as 61850, Ethernet/IP, CIP, ISA-99, and the evolution to IEC62443
  • Expanded coverage of Smart Grid security
  • New coverage of signature-based detection, exploit-based vs. vulnerability-based detection, and signature reverse engineering

Readership

Information Technology and security professionals working on networks and control systems operations

Table of Contents

    • About the Authors
    • Preface
    • Acknowledgments
    • Chapter 1: Introduction
      • Book overview and key learning points
      • Book audience
      • Diagrams and figures
      • The smart grid
      • How this book is organized
      • Conclusion
    • Chapter 2: About Industrial Networks
      • Abstract
      • The use of terminology within this book
      • Common industrial security recommendations
      • Advanced industrial security recommendations
      • Common misperceptions about industrial network security
      • Summary
    • Chapter 3: Industrial Cyber Security History and Trends
      • Abstract
      • Importance of securing industrial networks
      • The evolution of the cyber threat
      • Insider threats
      • Hacktivism, cyber crime, cyber terrorism, and cyber war
      • Summary
    • Chapter 4: Introduction to Industrial Control Systems and Operations
      • Abstract
      • System assets
      • System operations
      • Process management
      • Safety instrumented systems
      • The smart grid
      • Network architectures
      • Summary
    • Chapter 5: Industrial Network Design and Architecture
      • Abstract
      • Introduction to industrial networking
      • Common topologies
      • Network segmentation
      • Network services
      • Wireless networks
      • Remote access
      • Performance considerations
      • Safety instrumented systems
      • Special considerations
      • Summary
    • Chapter 6: Industrial Network Protocols
      • Abstract
      • Overview of industrial network protocols
      • Fieldbus protocols
      • Backend protocols
      • Advanced metering infrastructure and the smart grid
      • Industrial protocol simulators
      • Summary
    • Chapter 7: Hacking Industrial Control Systems
      • Abstract
      • Motives and consequences
      • Common industrial targets
      • Common attack methods
      • Examples of weaponized industrial cyber threats
      • Attack trends
      • Dealing with an infection
      • Summary
    • Chapter 8: Risk and Vulnerability Assessments
      • Abstract
      • Cyber security and risk management
      • Methodologies for assessing risk within industrial control systems
      • System characterization
      • Threat identification
      • Vulnerability identification
      • Risk Classification and Ranking
      • Risk reduction and mitigation
      • Summary
    • Chapter 9: Establishing Zones and Conduits
      • Abstract
      • Security zones and conduits explained
      • Identifying and classifying security zones and conduits
      • Recommended security zone separation
      • Establishing security zones and conduits
      • Summary
    • Chapter 10: Implementing Security and Access Controls
      • Abstract
      • Network segmentation
      • Implementing network security controls
      • Implementing host security and access controls
      • How much security is enough?
      • Summary
    • Chapter 11: Exception, Anomaly, and Threat Detection
      • Abstract
      • Exception Reporting
      • Behavioral anomaly detection
      • Behavioral Whitelisting
      • Threat Detection
      • Summary
    • Chapter 12: Security Monitoring of Industrial Control Systems
      • Abstract
      • Determining what to monitor
      • Successfully monitoring security zones
      • Information management
      • Log storage and retention
      • Summary
    • Chapter 13: Standards and Regulations
      • Abstract
      • Common standards and regulations
      • ISA/IEC-62443
      • Mapping industrial network security to compliance
      • Industry best practices for conducting ICS assessments
      • Common Criteria and FIPS Standards
      • Summary
    • Appendix A: Protocol Resources
    • Appendix B: Standards Organizations
    • Appendix C: NIST Security Guidelines
    • Glossary
    • Index

Product details

  • No. of pages: 460
  • Language: English
  • Copyright: © Syngress 2014
  • Published: December 9, 2014
  • Imprint: Syngress
  • Paperback ISBN: 9780124201149
  • eBook ISBN: 9780124201842

About the Authors

Eric Knapp

Eric Knapp is a globally recognized expert in industrial control systems cyber security and continues to drive the adoption of new security technology to promote safer and more reliable automation infrastructures. He first specialized in ICS cyber security while at Nitrosecurity, where he focused on threats against these environments. He was later responsible for the development and implementation of end-to-end ICS cyber security solutions for McAfee in his role as Global Director for Critical Infrastructure Markets. He is currently Director of Strategic Alliances for Wurldtech Security Technologies, where he continues to promote the advancement of embedded security technology to better protect SCADA, ICS and other connected, real-time devices. In addition to his work in information security, he is an award-winning author of fiction. He studied at the University of New Hampshire and the University of London.

Affiliations and Expertise

Director Strategic Alliances for Wurldtech Security Technologies

Joel Langill

Joel Langill is the SCADAhacker. His expertise was developed over nearly 30 years through in-depth, comprehensive industrial control systems architecture, product development, implementation, upgrade, and remediation in a variety of roles covering manufacturing of consumer products, oil, and gas, including petroleum refining, automation solution sales and development, and system engineering. His employers include major companies such as General Electric, Shell Oil Company, Honeywell Process Solutions, and ENGlobal Automation, offering him rare and insightful expertise in the risks and mitigation of cyber vulnerabilities in industrial control systems. He is a Certified Ethical Hacker, Certified Penetration Test, Cisco Certified Network Associate, and TÜV Functional Safety Engineer. Joel is also a proud member of the Milwaukee Chapter of InfraGard.

Affiliations and Expertise

Director of Critical Infrastructure and SCADA Representative Cyber Security Forum Initiative, USA

Ratings and Reviews

Write a review

Latest reviews

(Total rating for all reviews)

  • Uri G. Sat Dec 22 2018

    Uri G.

    A very good book ! It gives a wide view on industrial network cyber security challenges which the industry is facing. The book is very easy to understand for those who are not familiar with the OT world. The chapters are in a sensible order which helps on the one hand to get the general ideas and on the other hand to get the relevant tools in order to transform the ideas into a practical approach.