Book Image

Industrial Cybersecurity

By : Pascal Ackerman
Book Image

Industrial Cybersecurity

By: Pascal Ackerman

Overview of this book

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.
Table of Contents (19 chapters)
Title Page
About the Author
About the Reviewers
Customer Feedback

ICS device patching

Device patching involves installing the latest firmware and software releases for your ICS devices on a consistent basis and within a reasonable time after such updates get released.


Always get your software, firmware, patches, and manuals from reputable sources, such as the ICS device manufacturer's website.

Check if your ICS vendor offers cryptographically signed firmware versions for their devices. As an example of this, Rockwell Automation decided to start signing all their modules' firmware images for their ControlLogix platform, starting with revision 20 of their ControlLogix product line. What this means is that the controller will refuse to accept flashing to a firmware image unless it has a valid digital signature. This feature prevents installing and running tampered-with firmware.

New firmware images, OSes, and patches to ICS devices should be tested in a testing or development environment. Making sure the new revisions work with your specific setup before...