Industrial Network Security Securing Critical Infrastructure Networks for Smart Grid SCADA and Other Industrial Control Systems 1st Edition by Eric Knapp, Joel Thomas Langill ISBN 9781597496469 1597496469

Industrial Network Security Securing Critical Infrastructure Networks for Smart Grid SCADA and Other Industrial Control Systems 1st Edition by  Eric D. Knapp, Joel Thomas Langill – Ebook PDF Instant Download/Delivery:  9781597496469, 1597496469
Full download Industrial Network Security Securing Critical Infrastructure Networks for Smart Grid SCADA and Other Industrial Control Systems 1st Edition after payment

Product details: 

ISBN 10:   1597496469

ISBN 13: 9781597496469

Author: Eric D. Knapp, Joel Thomas Langill

Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems covers implementation guidelines for security measures of critical infrastructure. The book describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented. It also discusses common pitfalls and mistakes and how to avoid them. After reading this book, students will understand and address the unique security concerns that face the world’s most important networks.

This book examines the unique protocols and applications that are the foundation of industrial control systems and provides comprehensive guidelines for their protection. Divided into 11 chapters, it explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also explores industrial networks as they relate to “critical infrastructure” and cyber security; potential risks and consequences of a cyber attack against an industrial control system; compliance controls in relation to network security practices; industrial network protocols such as Modbus and DNP3; assessment of vulnerabilities and risk; how to secure enclaves; regulatory compliance standards applicable to industrial network security; and common pitfalls and mistakes, like complacency and deployment errors.

This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines. It will also appeal to IT and security professionals working on networks and control systems operations.

Table of contents: 

Chapter 1: Introduction

• Book Overview and Key Learning Points

• Book Audience

• Diagrams and Figures

• The Smart Grid

• How This Book Is Organized

  • Chapter 2: About Industrial Networks

  • Chapter 3: Introduction to Industrial Network Security

  • Chapter 4: Industrial Network Protocols

  • Chapter 5: How Industrial Networks Operate

  • Chapter 6: Vulnerability and Risk Assessment

  • Chapter 7: Establishing Secure Enclaves

  • Chapter 8: Exception, Anomaly, and Threat Detection

  • Chapter 9: Monitoring Enclaves

  • Chapter 10: Standards and Regulations

  • Chapter 11: Common Pitfalls and Mistakes

• Conclusion

Chapter 2: About Industrial Networks

• Industrial Networks and Critical Infrastructure

  • Critical Infrastructure

  • Critical versus Noncritical Industrial Networks

• Relevant Standards and Organizations

  • Homeland Security Presidential Directive Seven / HSPD-7

  • NIST Special Publications (800 Series)

  • NERC CIP

  • Nuclear Regulatory Commission

  • Federal Information Security Management Act

  • Chemical Facility Anti-Terrorism Standards

  • ISA-99

  • ISO 27002

• Common Industrial Security Recommendations

  • Identification of Critical Systems

  • Network Segmentation/Isolation of Systems

  • Defense in Depth

  • Access Control

• The Use of Terminology Within This Book

  • Networks, Routable and Non-routable

  • Assets, Critical Assets, Cyber Assets, and Critical Cyber Assets

  • Enclaves

  • Electronic Security Perimeters

• Summary

• Endnotes

Chapter 3: Introduction to Industrial Network Security

• The Importance of Securing Industrial Networks

• The Impact of Industrial Network Incidents

  • Safety Controls

  • Consequences of a Successful Cyber Incident

• Examples of Industrial Network Incidents

  • Dissecting Stuxnet

  • Night Dragon

• APT and Cyber War

  • The Advanced Persistent Threat

  • Cyber War

  • Emerging Trends in APT and Cyber War

  • Still to Come

  • Defending Against APT

  • Responding to APT

• Summary

• Endnotes

Chapter 4: Industrial Network Protocols

• Overview of Industrial Network Protocols

• Modbus

  • What It Does

  • How It Works

  • Variants

  • Where It Is Used

  • Security Concerns

  • Security Recommendations

• ICCP/TASE.2

  • What It Does

  • How It Works

  • Where It Is Used

  • Security Concerns

  • Security Improvements over Modbus

  • Security Recommendations

• DNP3

  • What It Does

  • How It Works

  • Secure DNP3

  • Where It Is Used

  • Security Concerns

  • Security Recommendations

• OLE for Process Control

  • What It Does

  • How It Works

  • OPC-UA and OPC-XI

  • Where It Is Used

  • Security Concerns

  • Security Recommendations

• Other Industrial Network Protocols

  • Ethernet/IP

  • Profibus

  • EtherCAT

  • Ethernet Powerlink

  • SERCOS III

• AMI and the Smart Grid

  • Security Concerns

  • Security Recommendations

• Summary

• Endnotes

Chapter 5: How Industrial Networks Operate

• Control System Assets

  • IEDs

  • RTUs

  • PLCs

  • HMIs

  • Supervisory Workstations

  • Data Historians

  • Business Information Consoles and Dashboards

  • Other Assets

• Network Architectures

  • Topologies Used

• Control System Operations

  • Control Loops

  • Control Processes

  • Feedback Loops

  • Business Information Management

• Control Process Management

• Smart Grid Operations

• Summary

• Endnotes

Chapter 6: Vulnerability and Risk Assessment

• Basic Hacking Techniques

  • The Attack Process

  • Targeting an Industrial Network

  • Threat Agents

• Accessing Industrial Networks

  • The Business Network

  • The SCADA DMZ

  • The Control System

  • Common Vulnerabilities

  • The Smart Grid

• Determining Vulnerabilities

  • Why Vulnerability Assessment Is Important

  • Vulnerability Assessment in Industrial Networks

  • Vulnerability Scanning for Configuration Assurance

  • Where to Perform VA Scans

  • Cyber Security Evaluation Tool

• Vulnerability Management

  • Patch Management

  • Configuration Management

  • Device Removal and Quarantine

• Summary

• Endnotes

Chapter 7: Establishing Secure Enclaves

• Identifying Functional Groups

  • Network Connectivity

  • Control Loops

  • Supervisory Controls

  • Control Processes

  • Control Data Storage

  • Trading Communications

  • Remote Access

  • Users and Roles

  • Protocols

  • Criticality

  • Using Functional Groups to Identify Enclaves

• Establishing Enclaves

  • Identifying Enclave Perimeters

  • Network Alterations

  • Enclaves and Security Policy Development

  • Enclaves and Security Device Configurations

• Securing Enclave Perimeters

  • Selecting Perimeter Security Devices

  • Implementing Perimeter Security Devices

  • Intrusion Detection and Prevention (IDS/IPS) Configuration Guidelines

• Securing Enclave Interiors

  • Selecting Interior Security Systems

• Summary

• Endnotes

Chapter 8: Exception, Anomaly, and Threat Detection

• Exception Reporting

• Behavioral Anomaly Detection

  • Measuring Baselines

  • Anomaly Detection

• Behavioral Whitelisting

  • User Whitelists

  • Asset Whitelists

  • Application Behavior Whitelists

• Threat Detection

  • Event Correlation

  • Correlating between IT and OT Systems

• Summary

• Endnotes

Chapter 9: Monitoring Enclaves

• Determining What to Monitor

  • Security Events

  • Assets

  • Configurations

  • Applications

  • Networks

  • User Identities and Authentication

  • Additional Context

  • Behavior

• Successfully Monitoring Enclaves

  • Log Collection

  • Direct Monitoring

  • Inferred Monitoring

  • Information Collection and Management Tools (Log Management Systems, SIEMs)

  • Monitoring Across Secure Boundaries

• Information Management

  • Queries

  • Reports

  • Alerts

  • Incident Investigation and Response

• Log Storage and Retention

  • Nonrepudiation

  • Data Retention/Storage

  • Data Availability

• Summary

• Endnotes

Chapter 10: Standards and Regulations

• Common Standards and Regulations

  • NERC CIP

  • CFATS

  • ISO/IEC 27002:2005

  • NRC Regulation 5.71

  • NIST SP 800-82

• Mapping Industrial Network Security to Compliance

  • Perimeter Security Controls

  • Host Security Controls

  • Security Monitoring Controls

• Mapping Compliance Controls to Network Security Functions

• Common Criteria and FIPS Standards

  • Common Criteria

  • FIPS 140-2

• Summary

• Endnotes

Chapter 11: Common Pitfalls and Mistakes

• Complacency

  • Vulnerability Assessments vs. Zero-Days

  • Real Security vs. Policy and Awareness

  • The Air Gap Myth

• Misconfigurations

  • Default Accounts and Passwords

  • Lack of Outbound Security and Monitoring

  • The Executive Override

  • The Ronco Perimeter

• Compliance vs. Security

  • Audit Fodder

  • The “One Week Compliance Window”

• Scope and Scale

  • Project-Limited Thinking

  • Insufficiently Sized Security Controls

People also search for:

what is critical infrastructure in cyber security
    
industrial network security
    
industrial network security pdf
    
securing critical infrastructure
    
critical infrastructure security example

Tags: Eric Knapp, Joel Thomas Langill, Industrial Network, Security Securing, Infrastructure Networks