Industrial Automation and Control System Security Principles
Intro -- Half Title -- Title Page -- Copyright Page -- Dedication -- Acknowledgment -- Contents -- About the Author -- Foreword -- Preface -- Chapter 1: Industrial Automation and Control System Fundamental Concepts -- Industrial Automation and Control Systems -- SCADA Systems -- Distributed Control Systems -- Safety Instrumented Systems -- Industrial Automation and Control System Protocol Summary -- The OSI Model -- The TCP/IP Model -- Object Linking and Embedding for Process Control -- OPC Unified Architecture -- Modbus/TCP Model -- The Distributed Network Protocol -- Utility Communications Architecture Version 2.0/IEC 61850 -- PROFIBUS -- Controller Area Network -- EtherNet/IP -- openSAFETY Protocol -- Issues in Industrial Automation and Control Systems Security -- Summary -- Review Questions for Chapter 1 -- References -- Chapter 2: Information System Security Technology -- Information System Security Fundamentals -- Confidentiality -- Integrity -- Availability -- Identification -- Authentication -- Authorization -- Accountability -- Auditing -- Nonrepudiation -- Related Terminology -- Types and Classes of Attack -- Additional System Security Concepts -- Complete Mediation -- Defense in Depth -- Economy of Mechanism -- Fail-Safe -- Least Common Mechanism -- Least Privilege -- Leveraging Existing Components -- Open Design -- Psychological Acceptability -- Separation of Duties -- Weakest Link -- Policies, Standards, Guidelines, and Procedures -- Policies -- Standards -- Guidelines -- Procedures -- Malicious Code and Attacks -- Viruses and Worms -- Trojan Horse -- Logic Bomb -- Mobile Code -- Back Door -- Scanning -- Man-in-the-Middle -- Social Engineering -- Guessing Passwords -- Denial of Service/Distributed Denial of Service -- Replay -- Dumpster Diving -- Firewalls -- Packet-Filtering Firewall -- Stateful Inspection -- Application Firewall.