Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS Hardcover – December 13, 2011

ISBN-13: 978-1439801963 ISBN-10: 1439801967 Edition: 1st

Product Details

  • Hardcover: 203 pages
  • Publisher: Auerbach Publications; 1 edition (December 13, 2011)
  • Language: English
  • ISBN-10: 1439801967
  • ISBN-13: 978-1439801963
  • Product Dimensions: 0.7 x 6.3 x 9.2 inches
  • Shipping Weight: 1.1 pounds
  • Average Customer Review: 4.4 out of 5 stars (8 customer reviews)
  • Amazon Best Sellers Rank: #280,574 in Books

Editorial Reviews

Review

I had high hopes for this book since Bryan Singer is very experienced in ICS, ICS security, and IT security — and Bryan and co-author Tyson McCauley did not disappoint. To date this is clearly the best book on ICS Security by far. The two best things about this book are: 1) They got the facts right about both ICS and IT security. This is not as easy as it sounds as most books have failed or been simplistic in one area or another. 2) They provided the background information for a beginner to understand, but followed that up with significant technical detail and examples. It’s a good book for a beginner or intermediate in either area, and even those with years of experience in both areas will learn something. For me the best new info was the Overall Equipment Effectiveness (OEE) and Security OEE as a future risk assessment technique in Chapter 4. … I could go on and on as I highlighted sentences throughout the chapter and was muttering yes as I read. … This is clearly the book to get or give if you want to read about ICS security today.
—Dale G Peterson, writing on www.digitalbond.com

(For the full review, visit: http://www.digitalbond.com/2012/03/27/4-star-review-for-mccauleysinger-book-cybersecurity-for-ics/#more-11213)

About the Author

Tyson Macaulay is the security liaison officer (SLO) for Bell Canada. In this role, he is responsible for technical and operational risk management solutions for Bell’s largest enterprise clients. Macaulay leads security initiatives addressing large, complex, technology solutions including physical and logical (IT) assets, and regulatory/legal compliance requirements. He supports engagements involving multinational companies and international governments.

Macaulay also supports the development of engineering and security standards through the Professional Engineers of Ontario and the International Standards Organization (ISO) SC 27 Committee. Macaulay's leadership encompasses a broad range of industry sectors from the defense industry to high-tech start-ups. His expertise includes operational risk management programs, technical services, and incident management processes. He has successfully served as prime architect for large-scale security implementations in both public and private sector institutions, working on projects from conception through development to implementation. Macaulay is a respected thought leader with publications dating from 1993. His work has covered authorship of peer-reviewed white papers, IT security governance programs, technical and integration services, and incident management processes. Further information on Macaulay's publications and practice areas can be found online at: www.tysonmacaulay.com.

Previously, Macaulay served as director of risk management for a U.S. defense contractor in Ottawa, Electronic Warfare Associates (EWA; 2001–2005), and founded General Network Services (GNS; 1996–2001). Macaulay's career began as a research consultant for the Federal Department of Communications (DoC) on information networks, where he helped develop the first generation of Internet services for the DoC in the 1990s.

Bryan L. Singer, CISM, CISSP, CAP, is principal consultant for Kenexis Consulting Corporation. Singer has more than 15 years experience in information technology security, including 7 years specializing in industrial automation and control systems security, critical infrastructure protection, and counterterrorism. His background focuses on software development, network design, information security, and industrial security. Industry experience includes health care, telecommunications, water/wastewater, automotive, food and beverage, pharmaceuticals, fossil and hydropower generation, oil and gas, and several others. He has specialized in process intelligence and manufacturing disciplines such as historians, industrial networking, power and energy management (PEMS), manufacturing enterprise systems (MES), laboratory information management systems (LIMS), enterprise resource planning (ERP), condition-based monitoring (CBM), and others.

Singer began his professional career with the U.S. Army as an intelligence analyst. After the military, he worked in various critical infrastructure fields in software development and systems design, including security. Singer has worked for great companies such as EnteGreat, Rockwell Automation, FluidIQs, and Wurldtech before joining Kenexis Consulting and cofounding Kenexis Security in 2008. At Kenexis, he is responsible for development, deployment, and management of industrial network design and security services from both a safety and a system architecture perspective.

Singer is also the cochairman of ISA-99 Security Standard, a former board member of the Department of Homeland Security’s Process Control Systems Forum, member of Idaho National Labs recommended practices commission, U.S. technical expert to IEC, North American Electronics Reliability Corporation (NERC) drafting team member for NERC CIP, and other industry roles.


Customer Reviews

4.4 out of 5 stars (8 customer reviews): 5 star: 3; 4 star: 5; 3 star: 0; 2 star: 0; 1 star: 0

Most Helpful Customer Reviews

5 of 5 people found the following review helpful By Dale Peterson on March 27, 2012
Format: Hardcover Verified Purchase
I had high hopes for this book since Bryan Singer is very experienced in ICS, ICS security and IT security --- and Bryan and co-author Tyson McCauley did not disappoint. To date this is clearly the best book on ICS Security by far. (Note - Langner's book Robust Control System Networks: How to Achieve Reliable Control After Stuxnet is a 5-star, must read, but it intentionally talks engineering not security)

The two best things about this book are:

1. They got the facts right about both ICS and IT security. This is not as easy as it sounds as most books have failed or been simplistic in one area or another.

2. They provided the background information for a beginner to understand, but followed that up with significant technical detail and examples. It's a good book for a beginner or intermediate in either area, and even those with years of experience in both areas will learn something. For me the best new info was the Overall Equipment Effectiveness (OEE) and Security OEE as a future risk assessment technique in Chapter 4.

Chapter 1 provides a good background on ICS for the IT security audience. Again, sounds straightforward, but a lot of the ICS security books today read like the authors have not spent much hands on time with a SCADA or DCS. Excellent material for the IT security professional or anyone else new to ICS. They started to lose me on the Taxonomy of Convergence in that chapter, but I'm interested to hear what others thought of that sub-section.
2 of 2 people found the following review helpful By MoonDoggy on January 29, 2012
Format: Hardcover Verified Purchase
This book has been an excellent read. It has an abundance of engineering detail and builds on the NIST 800-82 and NERC guidelines. I have recommended this book to my fellow security engineers and have shared it with folks at CSSP INL.
1 of 1 people found the following review helpful By Jovita Nsoh on February 26, 2013
Format: Hardcover
I would say that Dale Peterson's reviews of this book in Digital Bond [...] and here on Amazon are the most poignant and insightful reviews and do not require a repeat by me. However, I must add that Macaulay's recommendations in "Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS", while great, were more reactive in nature and did not provide many futuristic approaches to designing secure ICS devices. Implementing firewalls and IDS/IPS's and updating AV and OS patches, while important starting points, are things of the past that are easily evaded by savvy and determined attackers. I am hoping that research on the use of more robust techniques such as secure hardware modules like TPMs or similar will surface and that techniques to secure those devices at the hardware abstraction layer will also be considered by vendors. Convergence will continue to bring those devices to the Internet; shunning proprietary protocols such as Modbus RTU, RP-570, Profibus, Conitel and DNP3 is not the answer. The days of security through obscurity are long gone. I think that Digital Bond's "Firesheep" should keep up the pressure on vendors to prevent both a second lost decade and a "Cyber Pearl Harbor" from happening.

This book, along with the following resources, forms a great toolset for dealing with this issue:
1) Robust Control System Networks - Ralph Langner; Hardcover
2) DRAFT SP-023: Industrial Control Systems: [...]
3) Digital Bond's BaseCamp: [...]
4) Digital Bond's SCADApedia: [...]

I gave it 4 stars because of its groundbreaking insight into a neglected critical area of our lives and I hope that future editions will introduce more robust security controls and architectural insights.

Jovita Nsoh, CISSP, CITA-P, CISM
Senior Security Architect.
Microsoft
By D. Adewodu on January 13, 2014
Format: Hardcover Verified Purchase
This provides good explanation about the differences between ICS and IT cyber security. Ideal reader is someone new to cyber security in the ICS world.