Industrial network security : (Record no. 4276)

MARC details
000 -LEADER
fixed length control field 11952cam a2200517Ii 4500
003 - CONTROL NUMBER IDENTIFIER
control field OCoLC
005 - DATE AND TIME OF LATEST TRANSACTION
control field 20240205103731.0
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 9780124201842
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 0124201849
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 0124201148
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
International Standard Book Number 9780124201149
020 ## - INTERNATIONAL STANDARD BOOK NUMBER
Canceled/invalid ISBN 9780124201149
040 ## - CATALOGING SOURCE
Original cataloging agency UMI
Language of cataloging eng
Description conventions rda
-- pn
Transcribing agency UMI
Modifying agency COO
-- DEBBG
-- B24X7
-- STF
-- OCLCA
-- OCLCF
-- CEF
-- OCLCQ
-- AU@
041 ## - LANGUAGE CODE
Language code of text/sound track or separate title Eng
050 #4 - LIBRARY OF CONGRESS CALL NUMBER
Classification number TS156.8
100 1# - MAIN ENTRY--PERSONAL NAME
Personal name Knapp, Eric D.,
Relator term author
245 10 - TITLE STATEMENT
Title Industrial network security :
Remainder of title securing critical infrastructure networks for smart grid, SCADA, and other industrial control systems /
Statement of responsibility, etc. Eric D. Knapp, Joel Thomas Langill
246 30 - VARYING FORM OF TITLE
Title proper/short title Securing critical infrastructure networks for smart grid, SCADA, and other industrial control systems
250 ## - EDITION STATEMENT
Edition statement Second edition
264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE
Place of production, publication, distribution, manufacture Waltham, MA :
Name of producer, publisher, distributor, manufacturer Syngress,
Date of production, publication, distribution, manufacture, or copyright notice [2015]
264 #4 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE, AND COPYRIGHT NOTICE
Date of production, publication, distribution, manufacture, or copyright notice ©2015
300 ## - PHYSICAL DESCRIPTION
Extent 1 online resource (1 volume) :
Other physical details illustrations
336 ## - CONTENT TYPE
Content type term text
Content type code txt
Source rdacontent
337 ## - MEDIA TYPE
Media type term computer
Media type code c
Source rdamedia
338 ## - CARRIER TYPE
Carrier type term online resource
Carrier type code cr
Source rdacarrier
504 ## - BIBLIOGRAPHY, ETC. NOTE
Bibliography, etc. note Includes bibliographical references and index
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Machine generated contents note: ch. 1 Introduction -- Book Overview and Key Learning Points -- Book Audience -- Diagrams and Figures -- The Smart Grid -- How This Book is Organized -- ch. 2 About Industrial Networks -- ch. 3 Industrial Cyber Security, History, and Trends -- ch. 4 Introduction to ICS and Operations -- ch. 5 ICS Network Design and Architecture -- ch. 6 Industrial Network Protocols -- ch. 7 Hacking Industrial Systems -- ch. 8 Risk and Vulnerability Assessments -- ch. 9 Establishing Zones and Conduits -- ch. 10 Implementing Security and Access Controls -- ch. 11 Exception, Anomaly, and Threat Detection -- ch. 12 Security Monitoring of Industrial Control Systems -- ch. 13 Standards and Regulations -- Changes Made to the Second Edition -- Conclusion -- ch. 2 About Industrial Networks -- The Use of Terminology Within This Book -- Attacks, Breaches, and Incidents: Malware, Exploits, and APTs -- Assets, Critical Assets, Cyber Assets, and Critical Cyber Assets
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: Security Controls and Security Countermeasures -- Firewalls and Intrusion Prevention Systems -- Industrial Control System -- DCS or SCADA? -- Industrial Networks -- Industrial Protocols -- Networks, Routable Networks, and Nonroutable Networks -- Enterprise or Business Networks -- Zones and Enclaves -- Network Perimeters or "Electronic Security Perimeters" -- Critical Infrastructure -- Common Industrial Security Recommendations -- Identification of Critical Systems -- Network Segmentation/Isolation of Systems -- Defense in Depth -- Access Control -- Advanced Industrial Security Recommendations -- Security Monitoring -- Policy Whitelisting -- Application Whitelisting -- Common Misperceptions About Industrial Network Security -- Assumptions Made in This Book -- Summary -- Endnotes -- ch. 3 Industrial Cyber Security History and Trends -- Importance of Securing Industrial Networks -- The Evolution of the Cyber Threat -- APTs and Weaponized Malware
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: Still to Come -- Defending Against Modern Cyber Threats -- Insider Threats -- Hacktivism, Cyber Crime, Cyber Terrorism, and Cyber War -- Summary -- Endnotes -- ch. 4 Introduction to Industrial Control Systems and Operations -- System Assets -- Programmable Logic Controller -- Remote Terminal Unit -- Intelligent Electronic Device -- Human-Machine Interface -- Supervisory Workstations -- Data Historian -- Business Information Consoles and Dashboards -- Other Assets -- System Operations -- Control Loops -- Control Processes -- Feedback Loops -- Production Information Management -- Business Information Management -- Process Management -- Safety Instrumented Systems -- The Smart Grid -- Network Architectures -- Summary -- Endnotes -- ch. 5 Industrial Network Design and Architecture -- Introduction to Industrial Networking -- Common Topologies -- Network Segmentation -- Higher Layer Segmentation -- Physical vs. Logical Segmentation -- Network Services
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: Wireless Networks -- Remote Access -- Performance Considerations -- Latency and Jitter -- Bandwidth and Throughput -- Type of Service, Class of Service, and Quality of Service -- Network Hops -- Network Security Controls -- Safety Instrumented Systems -- Special Considerations -- Wide Area Connectivity -- Smart Grid Network Considerations -- Advanced Metering Infrastructure -- Summary -- Endnotes -- ch. 6 Industrial Network Protocols -- Overview of Industrial Network Protocols -- Fieldbus Protocols -- Modicon Communication Bus -- Distributed Network Protocol -- Process Fieldbus -- Industrial Ethernet Protocols -- Ethernet Industrial Protocol -- PROFINET -- EtherCAT -- Ethernet POWERLINK -- SERCOS III -- Backend Protocols -- Open Process Communications -- Inter-Control Center Communications Protocol -- Advanced Metering Infrastructure and the Smart Grid -- Security Concerns -- Security Recommendations -- Industrial Protocol Simulators -- Modbus
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: DNP3/IEC 60870-5 -- OPC -- ICCP / IEC 60870-6 (TASE.2) -- Physical Hardware -- Summary -- Endnotes -- ch. 7 Hacking Industrial Control Systems -- Motives and Consequences -- Consequences of a Successful Cyber Incident -- Cyber Security and Safety -- Common Industrial Targets -- Common Attack Methods -- Man-in-the-Middle Attacks -- Denial-of-Service Attacks -- Replay Attacks -- Compromising the Human-Machine Interface -- Compromising the Engineering Workstation -- Blended Attacks -- Examples of Weaponized Industrial Cyber Threats -- Stuxnet -- Shamoon/DistTrack -- Flame/Flamer/Skywiper -- Attack Trends -- Evolving Vulnerabilities: The Adobe Exploits -- Industrial Application Layer Attacks -- Antisocial Networks: A New Playground for Malware -- Dealing with an Infection -- Summary -- Endnotes -- ch. 8 Risk and Vulnerability Assessments -- Cyber Security and Risk Management -- Why Risk Management is the Foundation of Cyber Security -- What is Risk?
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: Standards and Best Practices for Risk Management -- Methodologies for Assessing Risk Within Industrial Control Systems -- Security Tests -- Establishing a Testing and Assessment Methodology -- System Characterization -- Data Collection -- Scanning of Industrial Networks -- Threat Identification -- Threat Actors/Sources -- Threat Vectors -- Threat Events -- Identification of Threats During Security Assessments -- Vulnerability Identification -- Vulnerability Scanning -- Configuration Auditing -- Vulnerability Prioritization -- Risk Classification and Ranking -- Consequences and Impact -- How to Estimate Consequences and Likelihood -- Risk Ranking -- Risk Reduction and Mitigation -- Summary -- Endnotes -- ch. 9 Establishing Zones and Conduits -- Security Zones and Conduits Explained -- Identifying and Classifying Security Zones and Conduits -- Recommended Security Zone Separation -- Network Connectivity -- Control Loops -- Supervisory Controls
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: Plant Level Control Processes -- Control Data Storage -- Trading Communications -- Remote Access -- Users and Roles -- Protocols -- Criticality -- Establishing Security Zones and Conduits -- Summary -- Endnotes -- ch. 10 Implementing Security and Access Controls -- Network Segmentation -- Zones and Security Policy Development -- Using Zones within Security Device Configurations -- Implementing Network Security Controls -- Selecting Network Security Devices -- Implementing Network Security Devices -- Implementing Host Security and Access Controls -- Selecting Host Cyber Security Systems -- External Controls -- Patch Management -- How Much Security is Enough? -- Summary -- Endnotes -- ch. 11 Exception, Anomaly, and Threat Detection -- Exception Reporting -- Behavioral Anomaly Detection -- Measuring Baselines -- Anomaly Detection -- Behavioral Whitelisting -- User Whitelists -- Asset Whitelists -- Application Behavior Whitelists -- Threat Detection
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: Event Correlation -- Correlating Between IT and OT Systems -- Summary -- Endnotes -- ch. 12 Security Monitoring of Industrial Control Systems -- Determining what to Monitor -- Security Events -- Assets -- Configurations -- Applications -- Networks -- User Identities and Authentication -- Additional Context -- Behavior -- Successfully Monitoring Security Zones -- Log Collection -- Direct Monitoring -- Inferred Monitoring -- Information Collection and Management Tools -- Monitoring Across Secure Boundaries -- Information Management -- Queries -- Reports -- Alerts -- Incident Investigation and Response -- Log Storage and Retention -- Nonrepudiation -- Data Retention/Storage -- Data Availability -- Summary -- Endnotes -- ch. 13 Standards and Regulations -- Common Standards and Regulations -- NERC CIP -- CFATS -- ISO/IEC 27002 -- NRC Regulation 5.71 -- NIST SP 800-82 -- ISA/IEC-62443 -- ISA 62443 Group 1 "General"
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: ISA 62443 Group 2 "Policies and Procedures" -- ISA 62443 Group 3 "System" -- ISA 62443 Group 4 "Component" -- Mapping Industrial Network Security to Compliance -- Industry Best Practices for Conducting ICS Assessments -- Department of Homeland Security (USA) / Centre for Protection of National Infrastructure (UK) -- National Security Agency (USA) -- American Petroleum Institute (USA) / National Petrochemical and Refiners Association (USA) -- Institute for Security and Open Methodologies (Spain) -- Common Criteria and FIPS Standards -- Common Criteria -- FIPS 140-2 -- Summary -- Endnotes -- Appendix A Protocol Resources -- Modbus Organization -- DNP3 Users Group -- OPC Foundation -- Common Industrial Protocol (CIP) / Open Device Vendor Association (ODVA) -- PROFIBUS & PROFINET International (PI) -- Appendix B Standards Organizations -- North American Reliability Corporation (NERC) -- The United States Nuclear Regulatory Commission (NRC)
505 0# - FORMATTED CONTENTS NOTE
Formatted contents note Note continued: NRC Title 10 CFR 73.54 -- NRC RG 5.71 -- United States Department of Homeland Security -- Chemical Facilities Anti-Terrorism Standard (CFATS) -- CFATS Risk-Based Performance Standards (RBPS) -- International Society of Automation (ISA) -- International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) -- Appendix C NIST Security Guidelines -- National Institute of Standards and Technology, Special Publications 800 Series -- Glossary -- Endnotes
506 ## - RESTRICTIONS ON ACCESS NOTE
Terms governing access Available to OhioLINK libraries
520 ## - SUMMARY, ETC.
Summary, etc. This book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. It provides a thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation. Topics Include: all-new real-world examples of attacks against control systems, and more diagrams of systems; expanded coverage of protocols such as 61850, Ethernet/IP, CIP, ISA-99, and the evolution to IEC62443, smart grid security; signature-based detection, exploit-based vs. vulnerability-based detection, and signature reverse engineering. --
Assigning source Edited summary from book
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name entry element Process control
General subdivision Security measures
650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
Topical term or geographic name entry element Computer security
700 1# - ADDED ENTRY--PERSONAL NAME
Personal name Langill, Joel Thomas,
Relator term author
710 2# - ADDED ENTRY--CORPORATE NAME
Corporate name or jurisdiction name as entry element Ohio Library and Information Network
776 08 - ADDITIONAL PHYSICAL FORM ENTRY
Relationship information Print version:
Main entry heading Knapp, Eric D.
Title Industrial network security : securing critical infrastructure networks for smart grid, SCADA, and other industrial control systems.
Edition Second edition.
Place, publisher, and date of publication Waltham, Massachusetts : Syngress, ©2015
Physical description xix, 439 pages
International Standard Book Number 9780124201149
856 40 - ELECTRONIC LOCATION AND ACCESS
Public note Connect to resource
Uniform Resource Identifier https://learning.oreilly.com/library/view/~/9780124201149/?ar
942 ## - ADDED ENTRY ELEMENTS (KOHA)
Source of classification or shelving scheme Library of Congress Classification
Koha item type Books
Holdings
Withdrawn status
Lost status
Source of classification or shelving scheme Library of Congress Classification
Not for loan
Home library Harare Institute of Technology Main Library
Current library Harare Institute of Technology Main Library
Shelving location General Collection
Date acquired 14/11/2017
Source of acquisition Donation
Inventory number 3210/D
Total Checkouts
Full call number TS156.8 KNA
Barcode BK0009810
Date last seen 22/07/2024
Copy number 1
Koha item type Books