Techno security's guide to securing SCADA
Around the world, SCADA (supervisory control and data acquisition) systems and other real-time process control networks run mission-critical infrastructure--everything from the power grid to water treatment, chemical manufacturing to transportation. These networks are at increasing risk due to the m...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Rockland, Mass. :
Syngress
c2007.
|
| Edición: | 1st edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627476106719 |
Tabla de Contenidos:
- Front Cover; Techno Security's Guide to Securing SCADA; Copyright Page; Lead Author; Contributors; Foreword Contributor; Contents; Foreword; Chapter 1: Physical Security: SCADA and the Critical Infrastructure's Biggest Vulnerability; Introduction; Key Control; Check All Locks for Proper Operation; A Little More about Locks and Lock Picking; The Elephant Burial Ground; Dumpster Diving Still Works; Employee Badges; Shredder Technology Has Changed; Keep an Eye on Corporate or Agency Phonebooks; Tailgating; Building Operations-Cleaning Crew Awareness; Spot-Checking Those Drop Ceilings
- Checking for Key Stroke ReadersChecking Those Phone Closets; Removing a Few Door Signs; Review Video Security Logs; Motion-Sensing Lights; Let's Go to Lunch; Fun in Manholes; Internal Auditors Are Your Friends; Always Be Slightly Suspicious; Getting Every Employee Involved; Summary; Solutions Fast Track; Frequently Asked Questions (and Special Interviews); Chapter 2: Supervisory Control and Data Acquisition; Introduction; Just What Is SCADA?; SCADA Systems and Components; Remote Terminal Units (RTUs); Programmable Logic Controllers (PLC); Discrete Control; Continuous Control
- Human Machine Interface (HMI)Distributed Control Systems (DCS); Hybrid Controllers; Event Loggers; Common SCADA Architectures; SCADA Communications Protocols; How Serious Are the Security Issues of SCADA?; Determining the Risks in Your SCADA System; Risk Mitigation for SCADA; Firewall Considerations for SCADA; Negative and Positive Security Models in Firewalls; Multi-Network Connectivity; Reactive and Proactive Solutions; Firewall Inspection Methods; Static Packet Filter; The Stateful Packet Filter; The Circuit-Level Gateway; Application-Level Gateway (Proxy); Intrusion Prevention Gateway
- Deep Packet InspectionUnified Threat Management (UTM); Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 3: SCADA Security Assessment Methodology; Introduction; Why Do Assessments on SCADA Systems?; Assessments Are the Right Thing to Do; Assessments Are Required; Information Protection Requirements; National Institute of Standards and Technology (NIST) Guidance; North American Electric Reliability Council (NERC) Critical Infrastructure Protection (CIP) Standards; Water Infrastructure Security Enhancement (WISE); The Critical Infrastructure Information Act of 2002
- An Approach to SCADA Information Security AssessmentsPre-Project Activities; Vetting the Assessment Request; Gaining Buy-In from Management and Technical Personnel; Management Buy-In; Technical Staff Buy-In; Researching the Organization; Researching Regulatory and Policy Requirements; Determining if this Is a Baseline Assessment or a Repeat Assessment; Making a Go/No-Go Decision; Pre-Assessment Activities; Determining the Organizational Mission; Identifying Critical Information; Example: Information Criticality; Business Description; Mission Statement; Critical Information for OOPS
- Identifying Impacts
