Industrial Network Security
eBook - ePub

Industrial Network Security

Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems

  1. 460 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Industrial Network Security

Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems

About this book

As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systemsā€”energy production, water, gas, and other vital systemsā€”becomes more important, and heavily mandated. Industrial Network Security, Second Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems. The book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. This how-to guide gives you thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation. - All-new real-world examples of attacks against control systems, and more diagrams of systems - Expanded coverage of protocols such as 61850, Ethernet/IP, CIP, ISA-99, and the evolution to IEC62443 - Expanded coverage of Smart Grid security - New coverage of signature-based detection, exploit-based vs. vulnerability-based detection, and signature reverse engineering

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā€” even offline. Perfect for commutes or when youā€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Industrial Network Security by Eric D. Knapp,Joel Thomas Langill in PDF and/or ePUB format, as well as other popular books in Business & Business Intelligence. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Syngress
Year
2014
Print ISBN
9780124201149
eBook ISBN
9780124201842
Edition
2
Topic
Business
Subtopic
Business Intelligence
Index
Business
Chapter 1

Introduction

Information in this chapter
ā€¢ Book Overview and Key Learning Points
ā€¢ Book Audience
ā€¢ Diagrams and Figures
ā€¢ The Smart Grid
ā€¢ How This Book Is Organized
ā€¢ Changes Made to the Second Addition

Book overview and key learning points

This book attempts to define an approach to industrial network security that considers the unique network, protocol, and application characteristics of an Industrial Control System (ICS), while also taking into consideration a variety of common compliance controls. For the purposes of this book, a common definition of ICS will be used in lieu of the more specific Supervisory Control and Data Acquisition (SCADA) or Distributed Control System (DCS) terms. Note that these and many other specialized terms are used extensively throughout the book. While we have made an effort to define them all, an extensive glossary has also been included to provide a quick reference if needed. If a term is included in the glossary, it will be printed in bold type the first time that it is used.
Although many of the techniques described hereinā€”and much of the general guidance provided by regulatory standards organizationsā€”are built upon common enterprise security methods, references and readily available information security tools, there is little information available about how these apply to an industrial network. This book attempts to rectify this by providing deployment and configuration guidance where possible, and by identifying why security controls should be implemented, where they should be implemented, how they should be implemented, and how they should be used.

Book audience

To adequately discuss industrial network security, the basics of two very different systems need to be understood: the Ethernet and Internet Protocol (IP) networking communications used ubiquitously in the enterprise, and the control and fieldbus protocols used to manage and/or operate automation systems.
As a result, this book possesses a bifurcated audience. For the plant operator with an advanced engineering degree and decades of programming experience for process controllers, the basics of industrial network protocols in Chapter 4 have been presented within the context of security in an attempt to not only provide value to such a reader, but also to get that reader thinking about the subtle implications of cyber security. For the information security analyst with a Certified Information Systems Security Professional (CISSP) certification, basic information security practices have been provided within the new context of an ICS.
There is an interesting dichotomy between the two that provides a further challenge. Enterprise security typically strives to protect digital information by securing the users and hosts on a network, while at the same time enabling the broad range of open communication services required within modern business. Industrial control systems, on the other hand, strive for the efficiency and reliability of a single, often fine-tuned system, while always addressing the safety of the personnel, plant, and environment in which they operate. Only by giving the necessary consideration to both sides can the true objective be achievedā€”a secure industrial network architecture that supports safe and reliable operation while also providing business value to the larger enterprise. This latter concept is referred to as ā€œoperational integrity.ā€
To further complicate matters, there is a third audienceā€”the compliance officer who is mandated with meeting either certain regulatory standards or internal policies and procedures in order to survive an audit with minimal penalties and/or fines. Compliance continues to drive information security budgets, and therefore the broader scope of industrial networks must also be narrowed on occasion to the energy industries, where (at least in the United States) electrical energy, nuclear energy, oil and gas, and chemical are tightly regulated. Compliance controls are discussed in this book solely within the context of implementing cyber security controls. The recommendations given are intended to improve security and should not be interpreted as advice concerning successful compliance management.

Diagrams and figures

The network diagrams used throughout this book have been intentionally simplified and have been designed to be as generic as possible while adequately representing ICS architectures and their industrial networks across a very wide range of systems and suppliers. As a result, the diagrams will undoubtedly differ from real ICS designs and may exclude details specific to one particular industry while including details that are specific to another. Their purpose is to provide a high-level understanding of the specific industrial network security controls being discussed.

The smart grid

Although the smart grid is of major concern and interest, for the most part it is treated as any other industrial network within this book, with specific considerations being made only when necessary (such as when considering available attack vectors). As a result, there are many security considerations specific to the smart grid that are unfortunately not included. This is partly to maintain focus on the more ubiquitous ICS security requirements; partly due to the relative immaturity of smart grid security and partly due to the specialized and complex nature of these systems. Although this means that specific measures for securing synchrophasers, meters, and so on, are not provided, the guidance and overall approach to security that is provided herein is certainly applicable to smart grid networks. For more in-depth reading on smart grid network security, consider Applied Cyber Security and the Smart Grid by Eric D. Knapp and Raj Samani (ISBN: 978-1-59749-998-9, Syngress).

How this book is organized

This book is divided into a total of 13 chapters, followed by three appendices guiding the reader where to find additional information and resources about industrial protocols, standards and regulations, and relevant security guidelines and best practices (such as NIST, ChemITC, and ISA).
The chapters begin with an introduction to industrial networking, and what a cyber-attack against an industrial control systems might represent in terms of potential risks and consequences, followed by details of how industrial networks can be assessed, secured, and monitored in order to obtain the strongest possible security, and conclude with a detailed discussion of various compliance controls and how those specific controls map back to network security practices.
It is not necessary to read this book cover to cover, in order. The book is intended to offer insight and recommendations that relate to both specific security goals as well as the cyclical nature of the security process. That is, if faced with performing a security assessment on an industrial network, begin with Chapter 8; every effort has been made to refer the reader to other relevant chapters where additional knowledge may be necessary.

Chapter 2: About industrial networks

In this chapter, there is a brief primer of industrial control systems, industrial networks, critical infrastructure, common cyber security guidelines, and other terminology specific to the lexicon of industrial cyber security. The goal of this chapter is to provide a baseline of information from which topics can be explored in more detail in the following chapters (there is also an extensive Glossary included to cover the abundance of new acronyms and terms used in industrial control networks). Chapter 2 also covers some of the basic misperceptions about industrial cyber security, in an attempt to rectify any misunderstandings prior to the more detailed discussions that will follow.

Chapter 3: Industrial cyber security, history, and trends

Chapter 3 is a primer for industrial cyber security. It introduces industrial network cyber security in terms of its history and evolution, by examining the interrelations between ā€œgeneralā€ networking, industrial networking, and potentially critical infrastructures. Chapter 3 covers the importance of securing industrial networks, discusses the impact of a successful industrial attack, and provides examples of real historical incidentsā€”including a discussion of the Advanced Persistent Threat and the implications of cyber war.

Chapter 4: Introduction to ICS and operations

It is impossible to understand how to adequately secure an industrial control environment without first understanding the fundamentals of ICSs and operations. These systems use specialized devices, applications, and protocols because they perform functions that are different than enterprise networks, with different requirements, operational priorities, and security considerations. Chapter 4 discusses control system assets, operations, protocol basics, how control processes are managed, and common systems and applications with special emphasis on smart grid operations.

Chapter 5: ICS network design and architecture

Industrial networks are built from a combination of Ethernet and IP networks (to interconnect general computing systems and servers) and at least one real-time network or fieldbus (to connect devices and process systems). These networks are typically nested deep within the enterprise architecture, offering some implied layers of protection against external threats. In recent years, the deployment of remote access and wireless networks within industrial systems have offered new entry points into these internal networks. Chapter 5 provides an overview of some of the more common industrial network designs and architectures, the potential risk they present, and some of the methods that can be used to select appropriate technologies and strengthen these critical industrial systems.

Chapter 6: Industrial network protocols

This chapter focuses on industrial network protocols, including Modbus, DNP3, OPC, ICCP, CIP, Foundation Fieldbus HSE, Wireless HART, Profinet and Profibus, and others. This chapter will also introduce vendor-proprietary industrial protocols, and the implications they have in securing industrial networks. The basics of protocol operation, frame format, and security considerations are provided for each, with security recommendations being made where applicable. Where properly disclosed vulnerabilities or exploits are available, examples are provided to illustrate the importance of securing industrial communications.

Chapter 7: Hacking industrial systems

Understanding effective cyber security requires a basic understanding of the threats that exist. Chapter 7 provides a high-level overview of common attack methodologies, and how industrial networks present a unique attack surface with common attack vectors to ma...

Table of contents

  1. Cover
  2. Title page
  3. Table of Contents
  4. Copyright
  5. About the Authors
  6. Preface
  7. Acknowledgments
  8. Chapter 1: Introduction
  9. Chapter 2: About Industrial Networks
  10. Chapter 3: Industrial Cyber Security History and Trends
  11. Chapter 4: Introduction to Industrial Control Systems and Operations
  12. Chapter 5: Industrial Network Design and Architecture
  13. Chapter 6: Industrial Network Protocols
  14. Chapter 7: Hacking Industrial Control Systems
  15. Chapter 8: Risk and Vulnerability Assessments
  16. Chapter 9: Establishing Zones and Conduits
  17. Chapter 10: Implementing Security and Access Controls
  18. Chapter 11: Exception, Anomaly, and Threat Detection
  19. Chapter 12: Security Monitoring of Industrial Control Systems
  20. Chapter 13: Standards and Regulations
  21. Appendix A: Protocol Resources
  22. Appendix B: Standards Organizations
  23. Appendix C: NIST Security Guidelines
  24. Glossary
  25. Index