About the Author.

Acknowledgments.

Introduction.

Chapter 1: What Is a SCADA System?

Chapter 2: SCADA Systems in the Critical Infrastructure

Chapter 3: The Evolution of SCADA Protocols.

Chapter 4: SCADA Vulnerabilities and Attacks.

Chapter 5: SCADA Security Methods and Techniques.

Chapter 6: SCADA Security Standards and Reference Documents.

Chapter 7: SCADA Security Management Implementation Issues and Guidelines.

Chapter 8: Where We Stand Today.

Appendix A: Acronyms and Abbreviations.

Appendix B: System Protection Profile Industrial Control Systems.

Appendix C: Bibliography.

Index.

RONALD L. KRUTZ, PhD, P. E., CISSP, ISSEP, is Senior Information Security Researcher for Lockheed Martin Information Technologies. He has worked with distributed computing systems, computer architectures, real–time systems, and information security for more than forty years. Dr. Krutz founded the Carnegie Mellon Research Institute Cybersecurity Center and is coauthor of the bestselling CISSP Prep Guide, also published by Wiley.

How to secure systems that weren′t built for security

Worldwide, critical economic and governmental infrastructures have evolved into complex networks that facilitate communication, cost reduction, and efficiency. But the very features that create such benefits make these supervisory control and data acquisition, or SCADA, systems a security nightmare.

In the first guidebook to specifically address this vital problem, a veteran systems security expert shows you how SCADA systems have developed and how to understand their components and architecture, recognize risks and vulnerabilities, and learn to use appropriate protocols and countermeasures to protect vital information from cyber–terrorism.

Learn how to make SCADA systems safe

• Understand SCADA system architectures and components
• Recognize breaches in security and what makes SCADA systems vulnerable
• See how SCADA security is critical at every level, from a small town′s water supply to natural gas pipelines, oil refineries, and nuclear power plants
• Examine system architecture and understand how it contributes to security or vulnerability
• Explore effective countermeasures and safeguards and see how to apply them in your organization
• Understand why needed security measures are not being used in some operations
• Analyze your situation and take appropriate steps