Industrial Cybersecurity 9781788395151, 1788395158, 9781788395984, 1788395980
Key Features Learn about endpoint protection such as anti-malware implementation, updating, monitoring, and sanitizing u
1,288 150 61MB
English Pages 456 Year 2017
Table of contents :
Cover
Copyright
Credits
About the Author
About the Reviewers
www.PacktPub.com
Customer Feedback
Table of Contents
Preface
Chapter 1: Industrial Control Systems
An overview of an Industrial control system
The view function
The monitor function
The control function
The Industrial control system architecture
Programmable logic controllers
Human Machine Interface
Supervisory Control and Data Acquisition
Distributed control system
Safety instrumented system
The Purdue model for Industrial control systems
The enterprise zone
Level 5 --
Enterprise network. Level 4 --
Site business planning and logisticsIndustrial Demilitarized Zone
The manufacturing zone
Level 3 --
Site operations
Level 2 --
Area supervisory control
Level 1 --
Basic control
Level 0 --
Process
Industrial control system communication media and protocols
Regular information technology network protocols
Process automation protocols
Industrial control system protocols
Building automation protocols
Automatic meter reading protocols
Communication protocols in the enterprise zone
Communication protocols in the Industrial zone
Summary
Chapter 2: Insecure by Inheritance. Industrial control system historyModbus and Modbus TCP/IP
Breaking Modbus
Using Python and Scapy to communicate over Modbus
Replaying captured Modbus packets
PROFINET
PROFINET packet replay attacks
S7 communication and the stop CPU vulnerability
EtherNet/IP and the Common Industrial Protocol
Shodan: The scariest search engine on the internet
Common IT protocols found in the ICS
HTTP
File Transfer Protocol
Telnet
Address Resolution Protocol
ICMP echo request
Summary
Chapter 3: Anatomy of an ICS Attack Scenario
Setting the stage
The Slumbertown paper mill
Trouble in paradise. Building a virtual test networkClicking our heels
What can the attacker do with their access?
The cyber kill chain
Phase two of the Slumbertown Mill ICS attack
Other attack scenarios
Summary
Chapter 4: Industrial Control System Risk Assessment
Attacks, objectives, and consequences
Risk assessments
A risk assessment example
Step 1 --
Asset identification and system characterization
Step 2 --
Vulnerability identification and threat modeling
Discovering vulnerabilities
Threat modeling
Step 3 --
Risk calculation and mitigation
Summary. Chapter 5: The Purdue Model and a Converged Plantwide EthernetThe Purdue Enterprise Reference Architecture
The Converged Plantwide Enterprise
The safety zone
Cell/area zones
Level 0 --
The process
Level 1 --
Basic control
Level 2 --
Area supervisory control
The manufacturing zone
Level 3 --
Site manufacturing operations and control
The enterprise zone
Level 4 --
Site business planning and logistics
Level 5 --
Enterprise
Level 3.5 --
The Industrial Demilitarized Zone
The CPwE industrial network security framework
Summary
Chapter 6: The Defense-in-depth Model
ICS security restrictions.
