Author: Andrew Ginter
Publisher: Abterra Technologies Inc.
ISBN: 0995298491
Category : Computers
Languages : en
Pages : 230
Book Description
Imagine you work in a power plant that uses a half dozen massive, 5-story-tall steam boilers. If a cyber attack makes a boiler over-pressurize and explode, the event will most likely kill you and everyone else nearby. Which mitigation for that risk would you prefer? A mechanical over-pressure valve on each boiler where, if the pressure in the boiler gets too high, then the steam forces the valve open, the steam escapes, and the pressure is released? Or a longer password on the computer controlling the boilers? Addressing cyber risks to physical operations takes more than cybersecurity. The engineering profession has managed physical risks and threats to safety and public safety for over a century. Process, automation and network engineering are powerful tools to address OT cyber risks - tools that simply do not exist in the IT domain. This text explores these tools, explores risk and looks at what "due care" means in today's changing cyber threat landscape. Note: Chapters 3-6 of the book Secure Operations Technology are reproduced in this text as Appendix B.
Engineering-Grade OT Security: A manager's guide
Author: Andrew Ginter
Publisher: Abterra Technologies Inc.
ISBN: 0995298491
Category : Computers
Languages : en
Pages : 230
Book Description
Imagine you work in a power plant that uses a half dozen massive, 5-story-tall steam boilers. If a cyber attack makes a boiler over-pressurize and explode, the event will most likely kill you and everyone else nearby. Which mitigation for that risk would you prefer? A mechanical over-pressure valve on each boiler where, if the pressure in the boiler gets too high, then the steam forces the valve open, the steam escapes, and the pressure is released? Or a longer password on the computer controlling the boilers? Addressing cyber risks to physical operations takes more than cybersecurity. The engineering profession has managed physical risks and threats to safety and public safety for over a century. Process, automation and network engineering are powerful tools to address OT cyber risks - tools that simply do not exist in the IT domain. This text explores these tools, explores risk and looks at what "due care" means in today's changing cyber threat landscape. Note: Chapters 3-6 of the book Secure Operations Technology are reproduced in this text as Appendix B.
Publisher: Abterra Technologies Inc.
ISBN: 0995298491
Category : Computers
Languages : en
Pages : 230
Book Description
Imagine you work in a power plant that uses a half dozen massive, 5-story-tall steam boilers. If a cyber attack makes a boiler over-pressurize and explode, the event will most likely kill you and everyone else nearby. Which mitigation for that risk would you prefer? A mechanical over-pressure valve on each boiler where, if the pressure in the boiler gets too high, then the steam forces the valve open, the steam escapes, and the pressure is released? Or a longer password on the computer controlling the boilers? Addressing cyber risks to physical operations takes more than cybersecurity. The engineering profession has managed physical risks and threats to safety and public safety for over a century. Process, automation and network engineering are powerful tools to address OT cyber risks - tools that simply do not exist in the IT domain. This text explores these tools, explores risk and looks at what "due care" means in today's changing cyber threat landscape. Note: Chapters 3-6 of the book Secure Operations Technology are reproduced in this text as Appendix B.
Secure Operations Technology
Author: Andrew Ginter
Publisher: Lulu.com
ISBN: 0995298432
Category : Computers
Languages : en
Pages : 162
Book Description
IT-SEC protects the information. SEC-OT protects physical, industrial operations from information, more specifically from attacks embedded in information. When the consequences of compromise are unacceptable - unscheduled downtime, impaired product quality and damaged equipment - software-based IT-SEC defences are not enough. Secure Operations Technology (SEC-OT) is a perspective, a methodology, and a set of best practices used at secure industrial sites. SEC-OT demands cyber-physical protections - because all software can be compromised. SEC-OT strictly controls the flow of information - because all information can encode attacks. SEC-OT uses a wide range of attack capabilities to determine the strength of security postures - because nothing is secure. This book documents the Secure Operations Technology approach, including physical offline and online protections against cyber attacks and a set of twenty standard cyber-attack patterns to use in risk assessments.
Publisher: Lulu.com
ISBN: 0995298432
Category : Computers
Languages : en
Pages : 162
Book Description
IT-SEC protects the information. SEC-OT protects physical, industrial operations from information, more specifically from attacks embedded in information. When the consequences of compromise are unacceptable - unscheduled downtime, impaired product quality and damaged equipment - software-based IT-SEC defences are not enough. Secure Operations Technology (SEC-OT) is a perspective, a methodology, and a set of best practices used at secure industrial sites. SEC-OT demands cyber-physical protections - because all software can be compromised. SEC-OT strictly controls the flow of information - because all information can encode attacks. SEC-OT uses a wide range of attack capabilities to determine the strength of security postures - because nothing is secure. This book documents the Secure Operations Technology approach, including physical offline and online protections against cyber attacks and a set of twenty standard cyber-attack patterns to use in risk assessments.
Robust Control System Networks
Author: Ralph Langner
Publisher: Momentum Press
ISBN: 1606503022
Category : Computers
Languages : en
Pages : 358
Book Description
From the researcher who was one of the first to identify and analyze the infamous industrial control system malware "Stuxnet," comes a book that takes a new, radical approach to making Industrial control systems safe from such cyber attacks: design the controls systems themselves to be "robust." Other security experts advocate risk management, implementing more firewalls and carefully managing passwords and access. Not so this book: those measures, while necessary, can still be circumvented. Instead, this book shows in clear, concise detail how a system that has been set up with an eye toward quality design in the first place is much more likely to remain secure and less vulnerable to hacking, sabotage or malicious control. It blends several well-established concepts and methods from control theory, systems theory, cybernetics and quality engineering to create the ideal protected system. The book's maxim is taken from the famous quality engineer William Edwards Deming, "If I had to reduce my message to management to just a few words, I'd say it all has to do with reducing variation." Highlights include: - An overview of the problem of "cyber fragility" in industrial control systems - How to make an industrial control system "robust," including principal design objectives and overall strategic planning - Why using the methods of quality engineering like the Taguchi method, SOP and UML will help to design more "armored" industrial control systems.
Publisher: Momentum Press
ISBN: 1606503022
Category : Computers
Languages : en
Pages : 358
Book Description
From the researcher who was one of the first to identify and analyze the infamous industrial control system malware "Stuxnet," comes a book that takes a new, radical approach to making Industrial control systems safe from such cyber attacks: design the controls systems themselves to be "robust." Other security experts advocate risk management, implementing more firewalls and carefully managing passwords and access. Not so this book: those measures, while necessary, can still be circumvented. Instead, this book shows in clear, concise detail how a system that has been set up with an eye toward quality design in the first place is much more likely to remain secure and less vulnerable to hacking, sabotage or malicious control. It blends several well-established concepts and methods from control theory, systems theory, cybernetics and quality engineering to create the ideal protected system. The book's maxim is taken from the famous quality engineer William Edwards Deming, "If I had to reduce my message to management to just a few words, I'd say it all has to do with reducing variation." Highlights include: - An overview of the problem of "cyber fragility" in industrial control systems - How to make an industrial control system "robust," including principal design objectives and overall strategic planning - Why using the methods of quality engineering like the Taguchi method, SOP and UML will help to design more "armored" industrial control systems.
SCADA Security - What's broken and how to fix it
Author: Andrew Ginter
Publisher: Lulu.com
ISBN: 0995298440
Category : Business & Economics
Languages : en
Pages : 182
Book Description
Modern attacks routinely breach SCADA networks that are defended to IT standards. This is unacceptable. Defense in depth has failed us. In ""SCADA Security"" Ginter describes this failure and describes an alternative. Strong SCADA security is possible, practical, and cheaper than failed, IT-centric, defense-in-depth. While nothing can be completely secure, we decide how high to set the bar for our attackers. For important SCADA systems, effective attacks should always be ruinously expensive and difficult. We can and should defend our SCADA systems so thoroughly that even our most resourceful enemies tear their hair out and curse the names of our SCADA systems' designers.
Publisher: Lulu.com
ISBN: 0995298440
Category : Business & Economics
Languages : en
Pages : 182
Book Description
Modern attacks routinely breach SCADA networks that are defended to IT standards. This is unacceptable. Defense in depth has failed us. In ""SCADA Security"" Ginter describes this failure and describes an alternative. Strong SCADA security is possible, practical, and cheaper than failed, IT-centric, defense-in-depth. While nothing can be completely secure, we decide how high to set the bar for our attackers. For important SCADA systems, effective attacks should always be ruinously expensive and difficult. We can and should defend our SCADA systems so thoroughly that even our most resourceful enemies tear their hair out and curse the names of our SCADA systems' designers.
Guide to Industrial Control Systems (ICS) Security
Author: Keith Stouffer
Publisher:
ISBN:
Category : Computer networks
Languages : en
Pages : 0
Book Description
Publisher:
ISBN:
Category : Computer networks
Languages : en
Pages : 0
Book Description
Domestic Engineering
Author:
Publisher:
ISBN:
Category : Domestic engineering
Languages : en
Pages : 2344
Book Description
Publisher:
ISBN:
Category : Domestic engineering
Languages : en
Pages : 2344
Book Description
Security PHA Review for Consequence-Based Cybersecurity
Author: Edward Marszal
Publisher:
ISBN: 9781643311173
Category :
Languages : en
Pages :
Book Description
Publisher:
ISBN: 9781643311173
Category :
Languages : en
Pages :
Book Description
Domestic Engineering and the Journal of Mechanical Contracting
Bulletin of the Atomic Scientists
Author:
Publisher:
ISBN:
Category :
Languages : en
Pages : 64
Book Description
The Bulletin of the Atomic Scientists is the premier public resource on scientific and technological developments that impact global security. Founded by Manhattan Project Scientists, the Bulletin's iconic "Doomsday Clock" stimulates solutions for a safer world.
Publisher:
ISBN:
Category :
Languages : en
Pages : 64
Book Description
The Bulletin of the Atomic Scientists is the premier public resource on scientific and technological developments that impact global security. Founded by Manhattan Project Scientists, the Bulletin's iconic "Doomsday Clock" stimulates solutions for a safer world.
Rapid Visual Screening of Buildings for Potential Seismic Hazards: Supporting Documentation
Author:
Publisher: Government Printing Office
ISBN: 9780160926754
Category : Business & Economics
Languages : en
Pages : 206
Book Description
The Rapid Visual Screening (RVS) handbook can be used by trained personnel to identify, inventory, and screen buildings that are potentially seismically vulnerable. The RVS procedure comprises a method and several forms that help users to quickly identify, inventory, and score buildings according to their risk of collapse if hit by major earthquakes. The RVS handbook describes how to identify the structural type and key weakness characteristics, how to complete the screening forms, and how to manage a successful RVS program.
Publisher: Government Printing Office
ISBN: 9780160926754
Category : Business & Economics
Languages : en
Pages : 206
Book Description
The Rapid Visual Screening (RVS) handbook can be used by trained personnel to identify, inventory, and screen buildings that are potentially seismically vulnerable. The RVS procedure comprises a method and several forms that help users to quickly identify, inventory, and score buildings according to their risk of collapse if hit by major earthquakes. The RVS handbook describes how to identify the structural type and key weakness characteristics, how to complete the screening forms, and how to manage a successful RVS program.