• Tous les prix incluent la TVA.
Il ne reste plus que 6 exemplaire(s) en stock (d'autres exemplaires sont en cours d'acheminement).
Expédié et vendu par Amazon.
Emballage cadeau disponible.
Quantité :1
Robust Control System Net... a été ajouté à votre Panier
+ EUR 2,99 (livraison)
D'occasion: Comme neuf | Détails
Vendu par livres_allemands
État: D'occasion: Comme neuf
Commentaire: Livre d'occasion. Expédié en direct de Grande-Bretagne sous 7 à 10 jours ouvrés. Vendeur établi depuis 2000.
Amazon rachète votre
article EUR 14,74 en chèque-cadeau.
Vous l'avez déjà ?
Repliez vers l'arrière Repliez vers l'avant
Ecoutez Lecture en cours... Interrompu   Vous écoutez un extrait de l'édition audio Audible
En savoir plus
Voir les 2 images

Robust Control System Networks: How to Achieve Reliable Control After Stuxnet (Anglais) Relié – 28 septembre 2011


Voir les formats et éditions Masquer les autres formats et éditions
Prix Amazon Neuf à partir de Occasion à partir de
Relié
"Veuillez réessayer"
EUR 84,42
EUR 51,65 EUR 42,38

Descriptions du produit

From the researcher who was one of the first to identify and analyze the infamous industrial control system malware "Stuxnet", comes a book that takes a new, radical approach to making Industrial control systems safe from such cyber attacks: design the controls systems themselves to be "robust". Other security experts advocate risk management, implementing more firewalls and carefully managing passwords and access. Not so this book: those measures, while necessary, can still be circumvented. Instead, this book shows in clear, concise detail how a system that has been set up with an eye toward quality design in the first place is much more likely to remain secure and less vulnerable to hacking, sabotage or malicious control. It blends several well-established concepts and methods from control theory, systems theory, cybernetics and quality engineering to create the ideal protected system. The book's maxim is taken from the famous quality engineer William Edwards Deming, "If I had to reduce my message to management to just a few words, I'd say it all has to do with reducing variation". Highlights include: an overview of the problem of "cyber fragility" in industrial control systems; how to make an industrial control system "robust", including principal design objectives and overall strategic planning; and, why using the methods of quality engineering like the Taguchi method, SOP and UML will help to design more "armored" industrial control systems.


Vendez cet article - Prix de rachat jusqu'à EUR 14,74
Vendez Robust Control System Networks: How to Achieve Reliable Control After Stuxnet contre un chèque-cadeau d'une valeur pouvant aller jusqu'à EUR 14,74, que vous pourrez ensuite utiliser sur tout le site Amazon.fr. Les valeurs de rachat peuvent varier (voir les critères d'éligibilité des produits). En savoir plus sur notre programme de reprise Amazon Rachète.

Détails sur le produit


En savoir plus sur l'auteur

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Dans ce livre (En savoir plus)
Parcourir les pages échantillon
Couverture | Copyright | Table des matières | Extrait | Index | Quatrième de couverture
Rechercher dans ce livre:

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles

Commentaires client les plus utiles sur Amazon.com (beta)

Amazon.com: 7 commentaires
7 internautes sur 9 ont trouvé ce commentaire utile 
1st 5-Star SCADA Security Book - Perfect for ICS Engineer 12 septembre 2011
Par Dale Peterson - Publié sur Amazon.com
Format: Relié
It would have been easy for Ralph Langner to write a first hand book on the twists and turns of the Stuxnet story. Instead, he goes in a completely different direction by writing essentially an engineering practices book, Robust Control System Networks. And it is one heck of a second act to Stuxnet.

This is the first great, 5-star ICS security book ... and Ralph will probably protest that it is not an ICS security book. It is the book you should give to ICS engineers who have been pushing back on cyber security. It is the book you should give to ICS security professionals who need to know how to intellectually reach an ICS engineer. I think an honest engineer reading this book will be embarrassed at the realization of how he has allowed fragility in the form of `cyber' to live in his SCADA or DCS.

Importantly it is not a book to learn what SCADA and DCS are, how firewalls, IDS/IPS, and other technical security controls should be applied to ICS, or how to perform an ICS security assessment.

ICS security professionals have been preaching security and cajoling owner/operators to implement security controls for a decade now with very limited success. In this book, Mr. Langner takes a different approach. He talks about inputs and outputs to a process, controlling variances and other techniques that ICS engineers use all the time. But he applies it to the cyber / information realm making the argument that the ICS community has allowed these applications, systems and networks to be built with a fragility that would not be accepted in the physical systems they design.

Langner argues a robust system should both limit and be able to handle variances, while a fragile system may not work properly with a variance from expected inputs. It is a new language where terms like confidentiality-integrity-availability, least privilege, authorization ... are replaced with variance, fragility, robustness and resilience. The idea of a security risk assessment is addressed and dismissed quickly because risk and security, particularly related to threat, are hypothetical while fragility and robustness can be proven for certain inputs.

Chapter 2: The Problem of Cyber Fragility in IACS and Chapter 3: Cyber Robustness are the must reads. I think it will change the lexicon of, and approach to, ICS security for many practitioners.

Mr. Langner spends portions of multiple chapters on documentation, both on the specifications and the actual system model. When you consider the disparity between the physical engineering diagrams and the logical interface diagrams it is not surprising that variances cause problems because often times owner/operators (and even the vendors) don't know the details of logical interface. The documentation may be the hardest sell from the book, but again you can ask the owner/operators if they would deploy and operate a system with a similar lack of physical system understanding and documentation.

The book is very well written and edited. It flows logically and pulls you along a path. The tone and approach is consistent, but there are enough war stories (consistently in italics) to keep it interesting and emphasize the concepts are not just theories.

Those new to ICS should make sure to read the Appendices. They contain story after story about how variances in applications, systems and networks have had negative affects on ICS. The difference is it is not written with the common defensive reflex "ICS are different". It was my least favorite part of the book, but I'm sure many new the field will enjoy it.

Nits To Pick

There is not much to criticize about this book, but here are two very minor points:

1. The book is written for engineers, but I found myself thinking a few times that a certain engineering effort was almost identical to an Information Security (IS) practice. For example the UML diagrams for the cyber process system model in Chapter 4 seemed almost identical to threat modeling. It likely would have ruined the flow of the book to try to include this comparison in each chapter, but the second edition could benefit from an appendix mapping engineering practice to the IS practice.

2. Creating and frequently using the words robustifying and robustification. This really is just a writer's complaint. It is intuitive what they mean, but I hope they don't become common usage in ICS security.
Creative, Inspiring 25 juillet 2013
Par Thomas Rid - Publié sur Amazon.com
Format: Relié
A brilliant book.

There is not much to add to Dale Peterson's and Richard Bejtlich's really helpful reviews. Except to highlight Ralph Langner's annex: the book is not just useful and inspriring for asset owners and ICS engineers, but also for scholars working on cyber security. Langner, rather unexpectedly, teases out fascinating conceptual differences between IT security and process security. He does so by bringing in core ideas from control theory. I know this may sound dry to some, but it is actually fascinating.
Practical Steps With Appropriate Level of Engineering Rigor 13 juin 2014
Par Michael D. Carr, P.E. - Publié sur Amazon.com
Format: Relié Achat vérifié
Removes ICS security ambiguity and replaces with sensible framework for Robustification of systems and processes. Not much left to the imagination with these recommendations! Concepts developed and vetted by complex real-world scenarios. Essentially, a must "read and heed" manual for successful process control in today's environment.
A FUD-free approach to security 13 septembre 2014
Par Austin M Scott - Publié sur Amazon.com
Format: Relié Achat vérifié
Other than the mention of "$tuxnet" in the title, Ralph Langner takes a fear tactic free approach to ICS / PCD security. Strong focus on creating solutions that will stand up to the ever changing industrial networking environment,
The first 5 star control system cyber security book I have read.
Printing and diagram quality is very poor 24 juillet 2013
Par Tim Evans - Publié sur Amazon.com
Format: Relié Achat vérifié
Interesting book, but small, not many pages and the printing quality is terrible. Many of the diagrams are nearly unreadable. It's an expensive book; the quality should be much higher.
Ces commentaires ont-ils été utiles ? Dites-le-nous


Commentaires

Souhaitez-vous compléter ou améliorer les informations sur ce produit ? Ou faire modifier les images?