ebook img

Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS PDF

330 Pages·2011·4.98 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS

Cybersecurity for Industrial Control Systems SCADA, DCS, PLC, HMI, and SIS Tyson Macaulay and Bryan Singer 2 CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2011 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S. Government works Version Date: 20120113 International Standard Book Number-13: 978-1-4665-1611-3 (eBook - ePub) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or 3 retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copyright.com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com and the CRC Press Web site at http://www.crcpress.com 4 Contents AUTHORS CHAPTER 1 INTRODUCTION Where This Book Starts and Stops Our Audience What Is an Industrial Control System? Is Industrial Control System Security Different Than Regular IT Security? Where Are ICS Used? ICS Compared to Safety Instrumented Systems What Has Changed in ICS That Raises New Concerns? Naming, Functionality, and Components of Typical ICS/ SCADA Systems Supervisory Control and Data Acquisition (SCADA) Remote Terminal Unit (RTU) Distributed Control System (DCS) Programmable Logic Controllers (PLCs) 5 Human–Machine Interface (HMI) Analogue versus IP Industrial Automation Convergence 101: It Is Not Just Process Data Crowding onto IP Convergence by Another Name Taxonomy of Convergence Triple-Play Convergence Transparent Convergence Blue-Sky Convergence The Business Drivers of IP Convergence Cost Drivers Competitive Drivers Regulatory Drivers The Conflicting Priorities of Convergence ICS Security Architecture and Convergence The Discussions to Follow in This Book Endnotes CHAPTER 2 THREATS TO ICS 6 Threats to ICS: How Security Requirements Are Different from ICS to IT Threat Treatment in ICS and IT Threats to ICS Threat-To and Threat-From The Most Serious Threat to ICS Collateral Damage Whatever Happened to the Old-Fashioned E-Mail Virus? Money, Money, Money The Fatally Curious, Naïve, and Gullible Hi-Jacking Malware No Room for Amateurs Taxonomy of Hi-Jacking Malware and Botnets Hi-Jacking Malware 101 Characteristics of a Bot (Zombie/Drone) The Reproductive Cycle of Modern Malware A Socks 4/Sock 5/HTTP Connect Proxy SMTP Spam Engines 7 Porn Dialers Conclusions on ICS Threats Endnotes CHAPTER 3 ICS VULNERABILITIES ICS Vulnerability versus IT Vulnerabilities Availability, Integrity, and Confidentiality Purdue Enterprise Reference Architecture PERA Levels Levels 5 and 4: Enterprise Systems Level 3: Operations Management Level 2: Supervisory Control Level 1: Local or Basic Control Level 0: Process An Ironic Comment on PERA Data at Rest, Data in Use, Data in Motion Distinguishing Business, Operational, and Technical Features of ICS ICS Vulnerabilities 8 Management Vulnerabilities Operational Vulnerabilities Technical Vulnerabilities Functional Vulnerabilities ICS Technical Vulnerability Class Breakdown Technical Vectors of Attack IT Devices on the ICS Network Interdependency with IT Green Network Stacks Protocol Inertia Limited Processing Power and Memory Size Storms/DOS of Various Forms Fuzzing MITM and Packet Injection Summary Endnotes CHAPTER 4 RISK ASSESSMENT TECHNIQUES 9 Introduction Contemporary ICS Security Analysis Techniques North American Electricity Reliability Council (NERC) National Institute of Standards and Technology (NIST) Department of Homeland Security (DHS) ICS Risk Assessment Processes INL National SCADA Test Bed Program (NSTB): Control System Security Assessment INL Vulnerability Assessment Methodology INL Metrics-Based Reporting for Risk Assessment Ideal-Based Risk Assessment and Metrics CCSP Cyber Security Evaluation Tool (CSET) U.S. Department of Energy: Electricity Sector Cyber Security Risk Management Process Guideline Evolving Risk Assessment Processes Consequence Matrices Safety Integrity Levels and Security Assurance Levels Security Assurance Level SAL-Based Assessments 10

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.