Security Assessment of SCADA Protocols – A Taxonomy Based Methodology for the Identification of Security Vulnerabilities in SCADA Protocols

Security Assessment of SCADA Protocols - A Taxonomy Based Methodology for the Identification of Security Vulnerabilities in SCADA ProtocolsModern industrial facilities, such as oil refineries, chemical factories, electric power generation plants, etc. are large, complex, distributed systems. These systems are monitored and controlled by networks of special purpose embedded computing devices such as sensors, actuators, and PLCs. These industrial control networks are commonly called SCADA (Supervisory Control and Data Acquisition) networks. The increasing interconnectivity of SCADA networks has exposed them to a wide range of network security problems. One of the important issues in securing SCADA networks is to identify vulnerabilities in the communication protocols. This book analyses existing qualitative security assessment guidelines, specifically attack and vulnerability taxonomies, and proposes a new framework for organizing information about known attacks and vulnerabilities to find unknown or similar vulnerabilities in new systems. This framework is used to organize information related to known vulnerabilities in SCADA protocols into a taxonomy that provides a systematic methodology for the security assessment of other SCADA protocols.

Price: $64.00

Click here to buy from Amazon

Practical Modern SCADA Protocols: DNP3 and Related Systems (IDC Technology)

Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems (IDC Technology)SCADA (Supervisory Control and Data Acquisition) systems are at the heart of the modern industrial enterprise ranging from mining plants, water and electrical utility installations to oil and gas plants. In a market that is crowded with high-level monographs and reference guides, more practical information for professional engineers is required. This book covers the essentials of SCADA communication systems focussing on DNP3, the IEC 60870.5 standard and other new developments in this area. It commences with a brief review of the fundamentals of SCADA systems' hardware, software and the communications systems (such as RS-232, RS-485, Ethernet and TCP/IP) that connect the SCADA Modules together. A solid review is then done on the DNP3 and IEC 60870.5 protocols where its features, message structure, practical benefits and applications are discussed. This book provides you with the knowledge to design your next SCADA system more effectively with a focus on using the latest communications technologies available.

* Covers the essentials of SCADA communication systems and other new developments in this area
* Covers a wide range of specialist networking topics and other topics ideal for practicing engineers and technicians looking to further and develop their knowledge of the subject
* Extremely timely subject as the industry has made a strong movement towards standard protocols in modern SCADA communications systems

Price: $63.95

Click here to buy from Amazon

Wireshark & Ethereal Network Protocol Analyzer Toolkit Jay Beale Source Security

Wireshark & Ethereal Network Protocol Analyzer Toolkit (Jay Beale's Open Source Security)Ethereal is the #2 most popular open source security tool used by system administrators and security professionals. This all new book builds on the success of Syngress' best-selling book Ethereal Packet Sniffing.

This book provides complete information and step-by-step Instructions for analyzing protocols and network traffic on Windows, Unix or Mac OS X networks. First, readers will learn about the types of sniffers available today and see the benefits of using Ethereal. Readers will then learn to install Ethereal in multiple environments including Windows, Unix and Mac OS X as well as building Ethereal from source and will also be guided through Ethereal's graphical user interface. The following sections will teach readers to use command-line options of Ethereal as well as using Tethereal to capture live packets from the wire or to read saved capture files. This section also details how to import and export files between Ethereal and WinDump, Snort, Snoop, Microsoft Network Monitor, and EtherPeek. The book then teaches the reader to master advanced tasks such as creating sub-trees, displaying bitfields in a graphical view, tracking requests and reply packet pairs as well as exclusive coverage of MATE, Ethereal's brand new configurable upper level analysis engine. The final section to the book teaches readers to enable Ethereal to read new Data sources, program their own protocol dissectors, and to create and customize Ethereal reports.

Ethereal is the #2 most popular open source security tool, according to a recent study conducted by insecure.org

Syngress' first Ethereal book has consistently been one of the best selling security books for the past 2 years

The companion Web site for the book provides readers with dozens of open source security tools and working scripts

Price: $49.95

Click here to buy from Amazon

Tornado and VxWorks

Tornado and VxWorksOver the last decade, VxWorks and the IDE Tornado have become the dominating force in the embedded market place. This makes the operating system and its development environment a unique choice to start development for Embedded Applications. This book provides vital information gathered in years of experience working with VxWorks, offering support and fundamental insights into real time development using the platform. It covers Basics, Development and Deployment, giving hints and tips what should be done and what better be omitted. From the Author This book covers the experience I gained over years, supporting vxWorks from version 5.0.2 on.





Price: $30.00

Click here to buy from Amazon

The Hacker’s Handbook: The Strategy Behind Breaking into and Defending Networks

The Hacker's Handbook: The Strategy Behind Breaking Into and Defending Networks, moves ahead of the pack of books about digital security by revealing the technical aspects of hacking that are least understood by network administrators. This is accomplished by analyzing subjects through a hacking/security dichotomy that details hacking maneuvers and defenses in the same context. Chapters are organized around specific technical components and administrative tasks, providing theoretical background that prepares network defenders for the always-changing and creative tools and techniques of intruders.This book is divided into three parts. Part I introduces programming, protocol, and attack concepts. Part II addresses subject areas (protocols, services, technologies, etc.) that may be vulnerable. Part III details consolidation activities that hackers may use following penetration. Each section provides a “path” to hacking/security Web sites and other resources that augment existing content. Referencing these supplemental and constantly-updated resources ensures that this volume remains timely and enduring. By informing IT professionals how to think like hackers, this book serves as a valuable weapon in the fight to protect digital assets.

Price: $99.95

Click here to buy from Amazon