Book Image

Industrial Cybersecurity

By : Pascal Ackerman
Book Image

Industrial Cybersecurity

By: Pascal Ackerman

Overview of this book

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.
Table of Contents (19 chapters)
Title Page
About the Author
About the Reviewers
Customer Feedback

Application security

Application security encompasses controls and activities targeted at finding, fixing, and preventing vulnerabilities in applications and their run environment.

Vulnerabilities that are typically found in applications can be divided into categories. The following section is a summary of some of the most common categories and their associated threats and attacks.

Input validation vulnerabilities

The most common application security weakness is the failure to properly validate input coming from a user or the environment the application runs in before using it. By not scrutinizing the input in your application, unexpected behavior of the application can be triggered by forcing the application to run snippets of a scripting language or forward sensitive system commands.

ICS applications can suffers from these kinds of vulnerabilities as much as any other software. Custom HMI programs, controller logic, and home grown utilities often neglect input validation and are prime candidates...