Linked e-resources
Details
Table of Contents
Intro; Preface; Contents; List of Abbreviations; Part I Security Analysis and Advanced Threats; Securing Industrial Control Systems; 1 Introduction; 2 Urban Myths; 3 Information Technology; 3.1 Operational Technology; 4 ICS Security Properties; 4.1 Controllability, Observability and Operability; 4.2 Ensuring ICS Security; 5 IT Defenses; 5.1 Cryptography; 5.2 Intrusion Detection; 5.3 Trusted Computing; 6 Safety vs. Security; 6.1 Information Technology in an OT Environment; 6.1.1 Security Updates; 6.1.2 System Shutdown; 6.1.3 Software Security; 6.2 Independence Assumptions
7 Information Channels Beyond IT7.1 Zones and Conduits; 7.2 Delivering Attack Payloads via Process Physics; 7.3 Information Flow via Process Physics; 8 Security Architecture; 8.1 Multiple Independent Levels of Security Architecture; 8.2 Role of the Vendor; 8.3 Example: Smart Meters; 9 Conclusion; References; Towards a Secure Industrial Internet of Things; 1 Introduction; 2 Identify; 2.1 Security Requirements; 2.2 Integration Approaches; 2.3 Industrial IoT Security Parameters; 3 Protect; 3.1 Hardware Security Measures; 3.2 Communication Channels Security; 3.3 General Protection Approaches
4 Detect5 Respond and Recover; 6 Conclusions; References; Advanced Persistent Threats and Zero-Day Exploits in Industrial Internet of Things; 1 Introduction; 2 SCADA Related Protocols and Architectures; 3 Zero-Day Exploits on Human-Machine Interface Applications; 3.1 Memory Corruption; 3.2 Credential Harvesting; 3.3 Insecure Installation, Authentication and Authorization Procedures; 3.4 Code Injection; 4 APT Attack Scenarios on Industrial IoT Field Devices; 4.1 Stuxnet; 4.2 Dragonfly; 4.3 Attacking Internet Facing PLCs: PLC-Blaster; 4.4 Attacking Industrial Robots
4.5 PLC Ransomware: LogicLocker5 APT Attacks on Smart Grid SCADA Networks and Field Devices; 5.1 Attacks on Generation Systems: The Aurora Attack; 5.2 Attack on the Ukraine's Smart Grid Distribution Network (2015); 5.3 Attack on the Ukraine's Kiev Transmission Station (2016); 6 Conclusions; References; Part II Secure Interconnection Mechanisms; A Survey on Lightweight Authenticated Encryption and Challenges for Securing Industrial IoT; 1 Introduction; 2 Key IoT Applications in Industries; 3 Target Devices; 4 Lightweight Cryptography Standards; 5 Evaluation Metrics; 5.1 Performance Metrics
5.2 Hardware-Specific Metrics5.3 Software-Specific Metrics; 6 Design Classification; 6.1 Underlying Constructions; 6.2 Underlying Modes; 6.3 Functional Characteristics; 7 Security; 8 Overview of LWAE Candidates; 8.1 Stream-Cipher Based AE Candidates; 8.2 Hybrid Candidates; 8.3 Sponge Based Candidates; 8.4 Block Cipher Based Candidates; 9 Comparisons; 10 Open Challenges; 11 Conclusion; References; Access Control in the Industrial Internet of Things; 1 Introduction; 2 Background; 2.1 IIoT Architecture; 2.2 Access Control Requirements; 3 Access Control Approaches; 3.1 Role-Based Access Control; 3.2 Capability-Based Access Control
7 Information Channels Beyond IT7.1 Zones and Conduits; 7.2 Delivering Attack Payloads via Process Physics; 7.3 Information Flow via Process Physics; 8 Security Architecture; 8.1 Multiple Independent Levels of Security Architecture; 8.2 Role of the Vendor; 8.3 Example: Smart Meters; 9 Conclusion; References; Towards a Secure Industrial Internet of Things; 1 Introduction; 2 Identify; 2.1 Security Requirements; 2.2 Integration Approaches; 2.3 Industrial IoT Security Parameters; 3 Protect; 3.1 Hardware Security Measures; 3.2 Communication Channels Security; 3.3 General Protection Approaches
4 Detect5 Respond and Recover; 6 Conclusions; References; Advanced Persistent Threats and Zero-Day Exploits in Industrial Internet of Things; 1 Introduction; 2 SCADA Related Protocols and Architectures; 3 Zero-Day Exploits on Human-Machine Interface Applications; 3.1 Memory Corruption; 3.2 Credential Harvesting; 3.3 Insecure Installation, Authentication and Authorization Procedures; 3.4 Code Injection; 4 APT Attack Scenarios on Industrial IoT Field Devices; 4.1 Stuxnet; 4.2 Dragonfly; 4.3 Attacking Internet Facing PLCs: PLC-Blaster; 4.4 Attacking Industrial Robots
4.5 PLC Ransomware: LogicLocker5 APT Attacks on Smart Grid SCADA Networks and Field Devices; 5.1 Attacks on Generation Systems: The Aurora Attack; 5.2 Attack on the Ukraine's Smart Grid Distribution Network (2015); 5.3 Attack on the Ukraine's Kiev Transmission Station (2016); 6 Conclusions; References; Part II Secure Interconnection Mechanisms; A Survey on Lightweight Authenticated Encryption and Challenges for Securing Industrial IoT; 1 Introduction; 2 Key IoT Applications in Industries; 3 Target Devices; 4 Lightweight Cryptography Standards; 5 Evaluation Metrics; 5.1 Performance Metrics
5.2 Hardware-Specific Metrics5.3 Software-Specific Metrics; 6 Design Classification; 6.1 Underlying Constructions; 6.2 Underlying Modes; 6.3 Functional Characteristics; 7 Security; 8 Overview of LWAE Candidates; 8.1 Stream-Cipher Based AE Candidates; 8.2 Hybrid Candidates; 8.3 Sponge Based Candidates; 8.4 Block Cipher Based Candidates; 9 Comparisons; 10 Open Challenges; 11 Conclusion; References; Access Control in the Industrial Internet of Things; 1 Introduction; 2 Background; 2.1 IIoT Architecture; 2.2 Access Control Requirements; 3 Access Control Approaches; 3.1 Role-Based Access Control; 3.2 Capability-Based Access Control