Cargando…
Practical Industrial Internet of Things security : a practitioner's guide to securing connected industries /
This book provides you with a comprehensive understanding of Industrial IoT security; and practical methodologies to implement safe, resilient cyber-physical systems. It will help you develop a strong foundation and deeper insights on the entire gamut of securing connected industries, from the edge...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt Publishing,
2018.
|
| Temas: | |
| Acceso en línea: | Texto completo Texto completo |
Tabla de Contenidos:
- Cover; Title Page; Copyright and Credits; Dedication; Packt Upsell; Foreword; Contributors; Disclaimer; Table of Contents; Preface; Chapter 1: An Unprecedented Opportunity at Stake; Defining the Industrial IoT; Industrial IoT, Industrial Internet, and Industrie 4.0; Consumer versus Industrial IoT; Industrial IoT security-a business imperative; Cybersecurity versus cyber-physical IoT security; What is a cyber-physical system?; Industrial ""things, "" connectivity, and operational technologies; Operational technology; Machine-to-Machine; An overview of SCADA, DCS, and PLC
- Industrial control system architectureICS components and data networks; ICS network components; Fieldbus protocols; IT and OT convergence -what it really means; Industrial IoT deployment architecture; Divergence in IT and OT security fundamentals; Operational priorities; Attack surface and threat actors; Interdependence of critical infrastructures; Industrial threats, vulnerabilities, and risk factors; Threats and threat actors; Vulnerabilities; Policy and procedure vulnerabilities; Platform vulnerabilities; Software platform vulnerabilities; Network vulnerability; Risks
- Evolution of cyber-physical attacksIndustrial IoT use cases -examining the cyber risk gap; Energy and smart grids; Manufacturing; Cyberattack on industrial control systems-Stuxnet case study; Event flow; Key points; Risk gap summary; Smart city and autonomous transportation; Healthcare and pharmaceuticals; The ransomware attack on the healthcare enterprise-""WannaCry"" case study; Cyber risk gap summary; Summary; Chapter 2: Industrial IoT Dataflow and Security Architecture; Primer on IIoT attacks and countermeasures; Attack surfaces and attack vectors; OWASP IoT attack surfaces
- Attack treesFault tree analysis; Threat modeling; STRIDE threat model; DREAD threat model; Trustworthiness of an IIoT system; Industrial big data pipeline and architectures; Industrial IoT security architecture; Business viewpoint; Usage viewpoint; Functional viewpoint; Implementation viewpoint; IIoT architecture patterns; Pattern 1
- Three-tier architectural model; Pattern 2- Layered databus architecture; Building blocks of industrial IoT security architecture; A four-tier IIoT security model; Summary; Chapter 3: IIoT Identity and Access Management; A primer on identity and access control
- IdentificationAuthentication; Authorization; Account management; Distinguishing features of IAM in IIoT; Diversity of IIoT endpoints; Resource-constrained and brownfield considerations; Physical safety and reliability; Autonomy and scalability; Event logging is a rarity; Subscription-based models; Increasing sophistication of identity attacks; Risk-based access control policy; Identity management across the device lifecycle; Authentication and authorization frameworks for IIoT; Password-based authentication; Biometrics; Multi-factor authentication; Key-based authentication; Symmetric keys