Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Industrial Cybersecurity
  • Toc
  • feedback
Industrial Cybersecurity

Industrial Cybersecurity

By : Pascal Ackerman
4.8 (12)
close
Industrial Cybersecurity

Industrial Cybersecurity

4.8 (12)
By: Pascal Ackerman

Overview of this book

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.
Table of Contents (13 chapters)
close
close
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Industrial Control Systems
Industrial Control Systems
An overview of an Industrial control system
The Industrial control system architecture
The Purdue model for Industrial control systems
Industrial control system communication media and protocols
Summary
2
Insecure by Inheritance
Insecure by Inheritance
Industrial control system history
Modbus and Modbus TCP/IP
PROFINET
Common IT protocols found in the ICS
Summary
3
Anatomy of an ICS Attack Scenario
Anatomy of an ICS Attack Scenario
Setting the stage
The Slumbertown paper mill
Trouble in paradise
What can the attacker do with their access?
The cyber kill chain
Phase two of the Slumbertown Mill ICS attack
Other attack scenarios
Summary
4
Industrial Control System Risk Assessment
Industrial Control System Risk Assessment
Attacks, objectives, and consequences
Risk assessments
A risk assessment example
Summary
5
The Purdue Model and a Converged Plantwide Ethernet
The Purdue Model and a Converged Plantwide Ethernet
The Purdue Enterprise Reference Architecture
Summary
6
The Defense-in-depth Model
The Defense-in-depth Model
ICS security restrictions
How to go about defending an ICS?
The ICS is extremely defendable
The defense-in-depth model
Summary
7
Physical ICS Security
Physical ICS Security
The ICS security bubble analogy
Segregation exercise
Down to it – Physical security
Summary
8
ICS Network Security
ICS Network Security
Designing network architectures for security
Summary
9
ICS Computer Security
ICS Computer Security
Endpoint hardening
Configuration and change management
Patch management
Endpoint protection software
Summary
10
ICS Application Security
chevron up
ICS Application Security
Application security
Application security testing
ICS application patching
ICS secure SDLC
Summary
11
ICS Device Security
ICS Device Security
ICS device hardening
ICS device patching
The ICS device life cycle
Summary
12
The ICS Cybersecurity Program Development Process
The ICS Cybersecurity Program Development Process
The NIST Guide to Industrial control systems  security
The ICS security program development process
Summary

ICS application patching

After discovering vulnerabilities, the most effective mitigation process is to patch or update the vulnerable applications. If the application was developed in-house, a change request should be send to the development team. If neither a patch nor a fix is applicable, a compensating control should be applied. Compensating controls can consist of adding a firewall rule to block access to the vulnerable service of the application or the decision to shop around for a better product. Sometimes the compensating control can be the decision to do nothing at all. The decision of what to do depends on the criticality of the application and the specifics of the vulnerability.

ICS patch management is a complex process, largely because of the uptime requirements and the sensitive nature of the ICS equipment. Not including those found in level 3 - site operations, applications...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 4
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete