Aimed at both the novice and expert in IT security and industrial control systems (ICS), this book will help readers gain a better understanding of protecting ICSs from electronic threats. Cyber security is getting much more attention and ‘SCADA security’ (Supervisory Control and Data Acquisition) is a particularly important part of this field, as are Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Intelligent Electronic Devices (IEDs)-and all the other, field controllers, sensors, and drives, emission controls, and that make up the ‘intelligence’ of modern industrial buildings and facilities. This book will help the reader better understand what is industrial control system cyber security, why is it different than IT security, what has really happened to date, and what needs to be done. Loads of practical advice is offered on everything from clarity on current cyber-security systems and how they can be integrated into general IT systems, to how to conduct risk assessments and how to obtain certifications, to future trends in legislative and regulatory issues affecting industrial security.
Around the world, SCADA (supervisory control and data acquisition) systems and other real-time process control networks run mission-critical infrastructure–everything from the power grid to water treatment, chemical manufacturing to transportation. These networks are at increasing risk due to the move from proprietary systems to more standard platforms and protocols and the interconnection to other networks. Because there has been limited attention paid to security, these systems are seen as largely unsecured and very vulnerable to attack.
This book addresses currently undocumented security issues affecting SCADA systems and overall critical infrastructure protection. The respective co-authors are among the leading experts in the world capable of addressing these related-but-independent concerns of SCADA security. Headline-making threats and countermeasures like malware, sidejacking, biometric applications, emergency communications, security awareness llanning, personnel & workplace preparedness and bomb threat planning will be addressed in detail in this one of a kind book-of-books dealing with the threats to critical infrastructure protection. They collectivly have over a century of expertise in their respective fields of infrastructure protection. Included among the contributing authors are Paul Henry, VP of Technology Evangelism, Secure Computing, Chet Hosmer, CEO and Chief Scientist at Wetstone Technologies, Phil Drake, Telecommunications Director, The Charlotte Observer, Patrice Bourgeois, Tenable Network Security, Sean Lowther, President, Stealth Awareness and Jim Windle, Bomb Squad Commander, CMPD.
* Internationally known experts provide a detailed discussion of the complexities of SCADA security and its impact on critical infrastructure
* Highly technical chapters on the latest vulnerabilities to SCADA and critical infrastructure and countermeasures
* Bonus chapters on security awareness training, bomb threat planning, emergency communications, employee safety and much more
* Companion Website featuring video interviews with subject matter experts offer a “sit-down” with the leaders in the field
SCADA – Supervisory Control and Data Acquisition – Systems don’t necessarily mesh well with standard IT security, although combined the two can create deepened levels of protection. This book demonstrates how to develop a SCADA cyber security program and how to work with internal and external IT resources in order to implement it. The technical level of this text ensures that it does not provide a detailed ‘cookbook’ that can be used to attack SCADA systems, but the text still provides sufficient technical detail to address areas of concern.
The information infrastructure–comprising computers, embedded devices, networks and software systems–is vital to operations in every sector. Global business and industry, governments, and society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed.
This book contains a selection of 27 edited papers from the First Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection.
This book arises from the NATO-Russia Workshop, and focuses on the creation of a risk-informed analysis capability for modeling and predicting the behavior of complex infrastructure networks; applying emerging technology to the problems of designing, constructing, monitoring, and operating critical infrastructure systems; and building an understanding of the social, economic, and environmental factors that affect, and are affected by, critical infrastructure.