This book provides a comprehensive overview of the key concerns as well as research challenges in designing secure and resilient Industrial Control Systems (ICS). It will discuss today's state of the art security architectures and couple it with near and long term research needs that compare to the baseline. It will also establish all discussions to generic reference architecture for ICS that reflects and protects high consequence scenarios. Significant strides have been made in making industrial control systems secure. However, increasing connectivity of ICS systems with commodity IT devices and significant human interaction of ICS systems during its operation regularly introduces newer threats to these systems resulting in ICS security defenses always playing catch-up. There is an emerging consensus that it is very important for ICS missions to survive cyber-attacks as well as failures and continue to maintain a certain level and quality of service. Such resilient ICS design requires one to be proactive in understanding and reasoning about evolving threats to ICS components, their potential effects on the ICS mission’s survivability goals, and identify ways to design secure resilient ICS systems. This book targets primarily educators and researchers working in the area of ICS and Supervisory Control And Data Acquisition (SCADA) systems security and resiliency. Practitioners responsible for security deployment, management and governance in ICS and SCADA systems would also find this book useful. Graduate students will find this book to be a good starting point for research in this area and a reference source.
Cyber Security for Industrial Control Systems: From the Viewpoint of Close-Loop provides a comprehensive technical guide on up-to-date new secure defending theories and technologies, novel design, and systematic understanding of secure architecture with practical applications. The book consists of 10 chapters, which are divided into three parts. The first three chapters extensively introduce secure state estimation technologies, providing a systematic presentation on the latest progress in security issues regarding state estimation. The next five chapters focus on the design of secure feedback control technologies in industrial control systems, displaying an extraordinary difference from that of traditional secure defending approaches from the viewpoint of network and communication. The last two chapters elaborate on the systematic secure control architecture and algorithms for various concrete application scenarios. The authors provide detailed descriptions on attack model and strategy analysis, intrusion detection, secure state estimation and control, game theory in closed-loop systems, and various cyber security applications. The book is useful to anyone interested in secure theories and technologies for industrial control systems.
This book targets the key concern of protecting critical infrastructures such as smart grids. It explains various static and dynamic security analysis techniques that can automatically verify smart grid security and resiliency and identify potential attacks in a proactive manner. This book includes three main sections. The first presents the idea of formally verifying the compliance of smart grid configurations with the security and resiliency guidelines. It provides a formal framework that verifies the compliance of the advanced metering infrastructure (AMI) configurations with the security and resiliency requirements, and generates remediation plans for potential security violations. The second section covers the formal verification of the security and resiliency of smart grid control systems by using a formal model to analyze attack evasions on state estimation, a core control module of the supervisory control system in smart grids. The model identifies attack vectors that can compromise state estimation. This section also covers risk mitigation techniques that synthesize proactive security plans that make such attacks infeasible. The last part of the book discusses the dynamic security analysis for smart grids. It shows that AMI behavior can be modeled using event logs collected at smart collectors, which in turn can be verified using the specification invariants generated from the configurations of the AMI devices. Although the focus of this book is smart grid security and resiliency, the included formal analytics are generic enough to be extended to other cyber-physical systems, especially those related to industrial control systems (ICS). Therefore, industry professionals and academic researchers will find this book an exceptional resource to learn theoretical and practical aspects of applying formal methods for the protection of critical infrastructures.
Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems
Author: Eric D. Knapp
Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented. Divided into 11 chapters, the book explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also discusses industrial networks as they relate to “critical infrastructure and cyber security, potential risks and consequences of a cyber attack against an industrial control system, compliance controls in relation to network security practices, industrial network protocols, such as Modbus and DNP3, assessment of vulnerabilities and risk, how to secure enclaves, regulatory compliance standards applicable to industrial network security, and common pitfalls and mistakes, like complacency and deployment errors. This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines. Covers implementation guidelines for security measures of critical infrastructure Applies the security measures for system-specific compliance Discusses common pitfalls and mistakes and how to avoid them
The increased use of technology is necessary in order for industrial control systems to maintain and monitor industrial, infrastructural, or environmental processes. The need to secure and identify threats to the system is equally critical. Securing Critical Infrastructures and Critical Control Systems: Approaches for Threat Protection provides a full and detailed understanding of the vulnerabilities and security threats that exist within an industrial control system. This collection of research defines and analyzes the technical, procedural, and managerial responses to securing these systems.
9th International Workshop, SERENE 2017, Geneva, Switzerland, September 4–5, 2017, Proceedings
Author: Alexander Romanovsky
This book constitutes the refereed proceedings of the International Workshop on Software Engineering for Resilient Systems, SERENE 2017, held in Geneva; Switzerland, in September 2017. The 11 papers presented together with 2 invited talks were carefully reviewed and selected from 16 submissions. They cover the following areas: modeling and specification; safety and security; fault tolerance, resilience and robustness software.
Cyber Strategy: Risk-Driven Security and Resiliency provides a process and roadmap for any company to develop its unified Cybersecurity and Cyber Resiliency strategies. It demonstrates a methodology for companies to combine their disassociated efforts into one corporate plan with buy-in from senior management that will efficiently utilize resources, target high risk threats, and evaluate risk assessment methodologies and the efficacy of resultant risk mitigations. The book discusses all the steps required from conception of the plan from preplanning (mission/vision, principles, strategic objectives, new initiatives derivation), project management directives, cyber threat and vulnerability analysis, cyber risk and controls assessment to reporting and measurement techniques for plan success and overall strategic plan performance. In addition, a methodology is presented to aid in new initiative selection for the following year by identifying all relevant inputs. Tools utilized include: Key Risk Indicators (KRI) and Key Performance Indicators (KPI) National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) Target State Maturity interval mapping per initiative Comparisons of current and target state business goals and critical success factors A quantitative NIST-based risk assessment of initiative technology components Responsible, Accountable, Consulted, Informed (RACI) diagrams for Cyber Steering Committee tasks and Governance Boards’ approval processes Swimlanes, timelines, data flow diagrams (inputs, resources, outputs), progress report templates, and Gantt charts for project management The last chapter provides downloadable checklists, tables, data flow diagrams, figures, and assessment tools to help develop your company’s cybersecurity and cyber resiliency strategic plan.
As industrial control systems (ICS), including SCADA, DCS, and other process control networks, become Internet-facing, they expose crucial services to attack. Threats like Duqu, a sophisticated worm found in the wild that appeared to share portions of its code with the Stuxnet worm, emerge with increasing frequency. Explaining how to develop and im
Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events. Developed at Sandia National Labs, the authors’ analytical approach and methodology enables decision-makers and security experts to perform and utilize risk assessments in a manner that extends beyond the theoretical to practical application. These protocols leverage expertise in modeling dependencies—optimizing system resiliency for effective physical protection system design and consequence mitigation. The book begins by focusing on the design of protection strategies to enhance the robustness of the infrastructure components. The authors present risk assessment tools and necessary metrics to offer guidance to decision-makers in applying sometimes limited resources to reduce risk and ensure operational resiliency. Our critical infrastructure is vast and made up of many component parts. In many cases, it may not be practical or affordable to secure every infrastructure node. For years, experts—as a part of the risk assessment process—have tried to better identify and distinguish higher from lower risks through risk segmentation. In the second section of the book, the authors present examples to distinguish between high and low risks and corresponding protection measures. In some cases, protection measures do not prevent undesired events from occurring. In others, protection of all infrastructure components is not feasible. As such, this section describes how to evaluate and design resilience in these unique scenarios to manage costs while most effectively ensuring infrastructure system protection. With insight from the authors’ decades of experience, this book provides a high-level, practical analytical framework that public and private sector owners and operators of critical infrastructure can use to better understand and evaluate infrastructure security strategies and policies. Strengthening the entire homeland security enterprise, the book presents a significant contribution to the science of critical infrastructure protection and resilience.
Advanced Technologies and Solutions, Second Edition
Author: Stuart Borlase
Publisher: CRC Press
Category: Technology & Engineering
The latest edition features a new chapter on implementation and operation of an integrated smart grid with updates to multiple chapters throughout the text. New sections on Internet of things, and how they relate to smart grids and smart cities, have also been added to the book. It describes the impetus for change in the electric utility industry and discusses the business drivers, benefits, and market outlook of the smart grid initiative. The book identifies the technical framework of enabling technologies and smart solutions and describes the role of technology developments and coordinated standards in smart grid, including various initiatives and organizations helping to drive the smart grid effort. With chapters written by leading experts in the field, the text explains how to plan, integrate, implement, and operate a smart grid.
The 'Architect's Bible' since 1932, updated with the latest codes and standards Architectural Graphic Standards is the written authority for architects, designers, and building contractors. It provides comprehensive guidance on the visual representation of materials, products, systems, and assemblies. Updated to reflect the most current codes and standards, this new 12th edition features over 300 new drawings, tables, and designs and twenty-five percent new content. In response to architects' feedback and overwhelming demand for a more graphics-heavy format, this edition employs shorter, more accessible texts and more images of the standards and evolution of design and construction. New coverage includes building resiliency and the building envelope, expert discussion on the fundamentals of design and construction documentation, and new examination of environmental factors and material properties and performance. Sustainable Design is no longer separated, but incorporated throughout, and extensive appendices keep useful data right at your fingertips. Graphic standards are essential to building design. They cover everything from door frames and roof designs to air ducts and outdoor sports facilities. This meticulous resource provides a compendium of planning standards, optimum dimensions, and normative construction details. The book is organized into three core sections covering: design and documentation, materials, and building elements. Architectural Graphic Standards features: Key architectural design and production processes—functional planning, environmental assessment, building resiliency, and architectural construction documentation Thorough coverage of materials: concrete, masonry, metals, wood, plastics, composites, and glass An exhaustive survey of building elements—substructures, shells, services, equipment, furnishings, special structures, and siteworks Comprehensive appendixes filled with pertinent data such as: classic architectural elements, mathematical data, and structural calculations Endorsed by the American Institute of Architects, this book has an enduring and unsurpassed reputation for high-quality illustration, text, and graphic design. For crucial information in a user-friendly format, Architectural Graphic Standards is the go-to reference on building design and construction.
This book provides profound insights into industrial control system resilience, exploring fundamental and advanced topics and including practical examples and scenarios to support the theoretical approaches. It examines issues related to the safe operation of control systems, risk analysis and assessment, use of attack graphs to evaluate the resiliency of control systems, preventive maintenance, and malware detection and analysis. The book also discusses sensor networks and Internet of Things devices. Moreover, it covers timely responses to malicious attacks and hazardous situations, helping readers select the best approaches to handle such unwanted situations. The book is essential reading for engineers, researchers, and specialists addressing security and safety issues related to the implementation of modern industrial control systems. It is also a valuable resource for students interested in this area.
"...excellent for use as a text in information assurance orcyber-security courses...I strongly advocate thatprofessors...examine this book with the intention of using it intheir programs." (Computing Reviews.com, March 22, 2007) "The book is written as a student textbook, but it should beequally valuable for current practitioners...this book is a veryworthwhile investment." (Homeland Security Watch, August 17,2006) While the emphasis is on the development of policies that lead tosuccessful prevention of terrorist attacks on the nation’sinfrastructure, this book is the first scientific study of criticalinfrastructures and their protection. The book models thenation’s most valuable physical assets and infrastructuresectors as networks of nodes and links. It then analyzes thenetwork to identify vulnerabilities and risks in the sectorcombining network science, complexity theory, modeling andsimulation, and risk analysis. The most critical components become the focus of deeper analysisand protection. This approach reduces the complex problem ofprotecting water supplies, energy pipelines, telecommunicationstations, Internet and Web networks, and power grids to a muchsimpler problem of protecting a few critical nodes. The new editionincorporates a broader selection of ideas and sectors and moves themathematical topics into several appendices.
Safety in the process industries is critical for those who work with chemicals and hazardous substances or processes. The field of loss prevention is, and continues to be, of supreme importance to countless companies, municipalities and governments around the world, and Lees’ is a detailed reference to defending against hazards. Recognized as the standard work for chemical and process engineering safety professionals, it provides the most complete collection of information on the theory, practice, design elements, equipment, regulations and laws covering the field of process safety. An entire library of alternative books (and cross-referencing systems) would be needed to replace or improve upon it, but everything of importance to safety professionals, engineers and managers can be found in this all-encompassing three volume reference instead. The process safety encyclopedia, trusted worldwide for over 30 years Now available in print and online, to aid searchability and portability Over 3,600 print pages cover the full scope of process safety and loss prevention, compiling theory, practice, standards, legislation, case studies and lessons learned in one resource as opposed to multiple sources
Overview of security and privacy in cyber-physical systems -- Network security and privacy for cyber-physical systems -- Tutorial on information theoretic metrics quantifying privacy in cyber-physical systems -- Cyber-physical systems and national security concerns -- Legal considerations of cyber-physical systems and the Internet of Things -- Key management -- Secure registration and remote attestation of IoT devices joining the cloud : the Stack4Things case of study -- Context awareness for adaptive access control management in IoT environments -- Data privacy issues in distributed security monitoring system -- Privacy protection for cloud-based robotic networks -- Network coding technique : security challenges and applications -- Lightweight crypto and security -- Cyber-physical vulnerabilities of wireless sensor networks in smart cities -- Towards detecting data integrity attacks in smart grid -- Survey on data security and privacy in wireless sensor systems for health -- Security of smart buildings -- The internet of postal things : making the postal infrastructure smarter -- Security and privacy issues in the internet of cows -- Admission control based load protection in the smart grid
14th International Conference, CRITIS 2019, Linköping, Sweden, September 23–25, 2019, Revised Selected Papers
Author: Simin Nadjm-Tehrani
Publisher: Springer Nature
This book constitutes the revised selected papers of the 14th International Conference on Critical Information Infrastructures Security, CRITIS 2019, held in Linköping, Sweden, in September 2019. The 10 full papers and 5 short papers presented were carefully reviewed and selected from 30 submissions. They are grouped in the following topical sections: Invited Papers, Risk Management, Vulnerability Assessment, Resilience and Mitigation Short Papers, and Industry and Practical Experience Reports.
Today, the Internet has become a source of information that no country or company can forgo. It is not only used to communicate or entertain, but most importantly to operate utilities and public services such as banking or air traffic. As the reliance on computer networks across societies and economies keeps growing, so do security risks in cyberspace - referred to as "cybersecurity." Cybersecurity means protecting information and control systems from those who seek to compromise them. It also involves actors, both malicious or protective, policies and their societal consequences. This collection of essays provides a better understanding of the risks, perceptions, and myths that surround cybersecurity by looking at it from three different levels of analysis: the sovereign state, the infrastructure and stakeholders of the Internet, and the individual. The essays explore such issues as information ownership, censorship, cyberwars, cyberterrorism, privacy, and rebellion, bringing together expert knowledge from computer science and the social sciences with case studies. It reviews existing policies and practices and discusses the threats and benefits of living in an increasingly networked world. This authoritative analysis of one of the most controversial and compelling security debates of the twenty-first century will appeal to scholars and practitioners interested in security, international relations and policymaking.
This book presents a comprehensive overview of security issues in Cyber Physical Systems (CPSs), by analyzing the issues and vulnerabilities in CPSs and examining state of the art security measures. Furthermore, this book proposes various defense strategies including intelligent attack and anomaly detection algorithms. Today’s technology is continually evolving towards interconnectivity among devices. This interconnectivity phenomenon is often referred to as Internet of Things (IoT). IoT technology is used to enhance the performance of systems in many applications. This integration of physical and cyber components within a system is associated with many benefits; these systems are often referred to as Cyber Physical Systems (CPSs). The CPSs and IoT technologies are used in many industries critical to our daily lives. CPSs have the potential to reduce costs, enhance mobility and independence of patients, and reach the body using minimally invasive techniques. Although this interconnectivity of devices can pave the road for immense advancement in technology and automation, the integration of network components into any system increases its vulnerability to cyber threats. Using internet networks to connect devices together creates access points for adversaries. Considering the critical applications of some of these devices, adversaries have the potential of exploiting sensitive data and interrupting the functionality of critical infrastructure. Practitioners working in system security, cyber security & security and privacy will find this book valuable as a reference. Researchers and scientists concentrating on computer systems, large-scale complex systems, and artificial intelligence will also find this book useful as a reference.