- Paperback: 460 pages
- Publisher: Syngress; 2 edition (December 29, 2014)
- Language: English
- ISBN-10: 0124201148
- ISBN-13: 978-0124201149
- Product Dimensions: 7.5 x 1 x 9.2 inches
- Shipping Weight: 2.1 pounds (View shipping rates and policies)
- Average Customer Review: 4.8 out of 5 stars See all reviews (8 customer reviews)
Amazon Best Sellers Rank:
#43,001 in Books (See Top 100 in Books)
- #1 in Books > Computers & Technology > Hardware & DIY > Microprocessors & System Design > Control Systems
- #9 in Books > Computers & Technology > Networking & Cloud Computing > Network Administration > Storage & Retrieval
- #42 in Books > Computers & Technology > Business Technology > Software > Enterprise Applications
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Industrial Network Security, Second Edition: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems 2nd Edition
Use the Amazon App to scan ISBNs and compare prices.
Frequently bought together
Customers who bought this item also bought
"...worth recommendation for people who are interested in modern industry control systems security. Additionally, it will be advantageous for university researchers and graduate students in the network security field, as well as to the industry specialists in the area of ICS." --IEEE Communications Magazine"The second edition of this work seems to be much-needed. Vulnerabilities in industrial control systems show no signs of abating…" --Network Security
About the Author
Eric D. Knapp is a globally recognized expert in industrial control systems cyber security, and continues to drive the adoption of new security technology in order to promote safer and more reliable automation infrastructures. He firsst specialized in industrial control cyber security while at Nitrosecurity, where he focused on the collection and correlation of SCADA and ICS data for the detection of advanced threats against these environments. He was later responsible for the development and implementation of end-to-end ICS cyber security solutions for McAfee, Inc. in his role as Global Director for Critical Infrastructure Markets. He is currently the Director of Strategic Alliances for Wurldtech Security Technologies, where he continues to promote the advancement of embedded security technology in order to better protect SCADA, ICS and other connected, real-time devices.
He is a long-time advocate of improved industrial control system cyber security and participates in many Critical Infrastructure industry groups, where he brings a wealth of technology expertise. He has over 20 years of experience in Infromation Technology, specializing in industrial automation technologies, infrastructure security, and applied Ethernet protocols as well as the design and implementation of Intrusion Prevention Systems and Security Information and Event Management systems in both enterprise and industrial networks. In addition to his work in information security, he is an award-winning author of cition. He studied at the University of New Hampshire and the University of London.
He can be found on Twitter @ericdknapp
Joel Langill brings a unique perspective to operational security with over three decades field experience exclusively in industrial automation and control. He has deployed ICS solutions covering most major industry sectors in more than 35 countries encompassing all generations of automated control from pneumatic to cloud-based services. He has been directly involved in automation solutions spanning feasibility, budgeting, front-end engineering design, detailed design, system integration, commissioning, support and legacy system migration.
Joel is currently an independent consultant providing a range of services to ICS end-users, system integrators, and governmental agencies worldwide. He works closely with suppliers in both consulting and R&D roles, and has developed a specialized training curriculum focused on applied operational security. Joel founded and maintains the popular ICS security website SCADAhacker.com which offers visitors extensive resources in understanding, evaluating, and securing control systems. He developed a specialized training curriculum that focuses on applied cyber security and defenses for industrial systems. His website and social networks extends to readers in more than 100 countries globally.
Joel devotes time to independent research relating to control system security, and regularly blogs on the evaluation and security of control systems. His unique experience and proven capabilities have fostered business relationships with several large industry firms. Joel serves on the Board of Advisors for Scada Fence Ltd., works with venture capital companies in evaluating industrial security start-up firms, and is an ICS research focal point to CERT organizations around the world. He has contributed to multiple books on security, and was the technical editor for “Applied Cyber Security and the Smart Grid.
Joel is a voting member of the ISA99 committee on industrial security for control systems, and was a lead contributor to the ISA99 technical report on the Stuxnet malware. He has published numerous reports on ICS-related campaigns including Heartbleed, Dragonfly, and Black Energy. His certifications include: Certified Ethical Hacker (CEH), Certified Penetration Tester (CPT), Certified SCADA Security Architect (CSSA), and TÜV Functional Safety Engineer (FSEng). Joel has obtained extensive training through the U.S. Dept. of Homeland Security FEMA Emergency Management Institute, having completed ICS-400 on incident command and crisis management. He is a graduate of the University of Illinois–Champaign with a BS (Bronze Tablet) in Electrical Engineering.
He can be found on Twitter @SCADAhacker
Browse award-winning titles. See more
If you are a seller for this product, would you like to suggest updates through seller support?
Top Customer Reviews
No review should be taken seriously if it doesn't include honest criticisms. Living outside of the US I was forced to download and read the book via Kindle. The text layout and formatting was acceptable but many of the tables were very poorly formatted and not very readable. It appeared that instead of taking the time to format these tables for optimum viewing on the Kindle they were just copied as black and white images and included in line. So now what you have is just pictures with poor resolution that made reading most of the information all but impossible. Some of the longer tables were presented as multiple images in series making it very difficult to follow. Another small point that I picked up on was a constant return to the data diode as a solution to many potential issues in the plant. Yes a data diode is an excellent solution for limited use cases when communicating to outside (outside the ICS) networks but it seemed like the authors revisited it as a solution at almost every turn. Maybe it's related to the author's own experiences and biases? Instead I would have preferred to keep the focus on securing the internal networks with flexible and relevant solutions like firewalls and IPS/IDS. A well crafted attack has the potential to do serious damage even if cut off from the C2 infrastructure. This is our unique risk in the ICS space, attackers can do serious harm without the need ot exfiltrate a single byte of data.
Finally a heads up for those who already work in the space. This book is not a deep dive on any particular topic related to ICS security. If you want a detailed discussion of the insecure protocols and the numerous ways they can be attacked and then by extension suggestions for altering the protocols for security, this is not your book. Also if you are an experienced ICS professional the first parts of the book aren't terribly useful as they are just introducing the readers to some of the basic concepts we live with day in and day out. Finally, if you fancy yourself a security expert and think that reading this book will give you all the tools you need to walk into a refinery and demonstrate your superior knowledge of their unique systems you are in for a serious wake up call. Honestly I think this book is aimed more at a few different groups. First, the ICS engineer who knows how to make the systems work, but doesn't really know how the systems work. Simple example. You can get a Modbus TCP connection up and running between your server and a client but you don't understand how a Modbus TCP packet actually works and by proxy don't understand how it can be attacked. Once you understand this issue better after reading the text then you are ready to start thinking about the most effective way to secure your installation. Second I think this book is excellent for the security professional who would like to begin to understand ICS networks and the unique challenges they pose. I felt like it does a good job describing the fundamental concepts associated with ICS networking and how they are so different from traditional IT systems. With a firm foundation and also requisite level of respect for what we do in ICS I think an IT security professional can start to work towards helping make our systems closer to on par with our IT brethren.
My overall impression is that this is a good book for a broad range of potential readers but you should also be prepared to continue your studies down whichever chosen rabbit-hole you wish to pursue.