Handbook of SCADA/Control Systems Security

Language: English

Pages: 387

ISBN: B00UV905O6

Format: PDF / Kindle (mobi) / ePub


The availability and security of many services we rely upon—including water treatment, electricity, healthcare, transportation, and financial transactions—are routinely put at risk by cyber threats. The Handbook of SCADA/Control Systems Security is a fundamental outline of security concepts, methodologies, and relevant information pertaining to the supervisory control and data acquisition (SCADA) systems and technology that quietly operate in the background of critical utility and industrial facilities worldwide.

Divided into five sections, the book examines topics comprising functions within and throughout industrial control systems (ICS) environments. Topics include:

  • Emerging trends and threat factors that plague the ICS security community
  • Risk methodologies and principles that can be applied to safeguard and secure an automated operation
  • Methods for determining events leading to a cyber incident, and methods for restoring and mitigating issues—including the importance of critical communications
  • The necessity and reasoning behind implementing a governance or compliance program
  • A strategic roadmap for the development of a secured SCADA/control systems environment, with examples
  • Relevant issues concerning the maintenance, patching, and physical localities of ICS equipment
  • How to conduct training exercises for SCADA/control systems

The final chapters outline the data relied upon for accurate processing, discuss emerging issues with data overload, and provide insight into the possible future direction of ICS security.

The book supplies crucial information for securing industrial automation/process control systems as part of a critical infrastructure protection program. The content has global applications for securing essential governmental and economic systems that have evolved into present-day security nightmares. The authors present a "best practices" approach to securing business management environments at the strategic, tactical, and operational levels.

Information Security Governance: A Practical Development and Implementation Approach

Computer Security Basics (2nd Edition)

Imaging for Forensics and Security: From Theory to Practice (Signals and Communication Technology)

Schneier on Security

Inside Cyber Warfare: Mapping the Cyber Underworld

Bulletproof SSL and TLS

Power-down. Additionally, static memory sources (such as flash memory) may be overwritten if an orderly shutdown is allowed to occur. Much of the information contained within a router that is related to a forensic investigation is volatile in nature. This can include dynamic route updates, ARP information, dynamic name caching, and even logs. Routers, switches, and transmission equipment form the backbone of the Internet and, in particular, SCADA systems. Yet most forensic investigators do not.

Appear to be repetitive in its content from those sources was taken to provide a more introspective perception of what defines “SCADA security.” The editors wish to thank the following organizations and individuals for their contributions: United States Department of Homeland Security’s National Cyber Security Division’s Control Systems Security Program United States Department of Homeland Security Industrial Control Systems Computer Emergency Response Team (ICS-CERT) United States Department of.

Processes a system supports, the MTD, and the impact loss of the system would have on the business to establish what type of recovery site is needed. An information system recovery strategy may incorporate one or more of these types of alternate processing facilities. For example, some functionality of a system may be highly critical and require a hot site to minimize the downtime and impact on mission/business processes. However, other functionality of the same system, such as a reporting or.

Handling incidents at designated intervals. Another important post-incident activity is creating a follow-up report for each incident, which can be quite valuable for future use. First, the report provides a reference that can be used to assist in handling similar incidents. Creating a formal chronology of events (including time stamped information such as log data from systems) is important for legal reasons, as is creating a monetary estimate of the amount of damage the incident caused in terms.

Evidence may need to be retained until all legal actions have been completed. In some cases, this may take several years. Furthermore, evidence that seems insignificant now may become more important in the future. For example, if an attacker is able to use knowledge gathered in one attack to perform a more severe attack later, evidence from the first attack may be key to explaining how the second attack was accomplished. • Data retention. Most organizations have data retention policies that.
