Resource guide: cybersecurity cornucopia

Our latest slate of articles, white papers, videos and other valuable resources come from ICEweb, Exida, ISA, and others.

NIST novel on ICS security 

This recently updated, 247-page opus, "Guide to industrial control systems (ICS) security," was written by Keith Stouffer and his colleagues at the National Institute of Standards and Technology (NIST), and provides a comprehensive overview of cybersecurity as it affects supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS) and programmable logic controllers (PLC). 

Read it here

NIST / www.nist.gov

Sources clearinghouse

The great ICEweb repository of process control and automation resources has an especially good subsection on cybersecurity with dozens of useful articles and links. 

Read them here

ICEweb / www.iceweb.com.au

Security 101 video

This 43-minute video, "Introduction to Process Control Cybersecurity," is based on a webinar presented by exida LLC. It provides an introduction to control system cybersecurity and the security lifecycle for managers and engineers involved in operating, maintaining and integrating industrial automation and control systems. While the course follows the security level lifecycle from ANSI/ISA-99.01.01 and ANSI/ISA-99.02.01, it also references other relevant industry standards and industry best practices, in particular, drawing parallels to the well established functional safety lifecycle from ANSI/ISA-84.00.01-2004 Part 1 (IEC 61511-1 Mod). 

Access the video here

EXIDA / www.exida.com

Clear-eyed assessment 

This classic, 16-page article, "Bound to fail: Why cybersecurity risk cannot simply be 'managed' away," was written by legendary security gurus Ralph Langner and Perry Pederson, who report that, "Both government and business approaches to ICS cybersecurity of critical infrastructure assets over the last 10 years are systemically flawed and doomed to failure." Instead of the usual business logic-based risk management rationale, they suggest a policy-based approach that sets clear guidelines for asset owners, starting with regulations for new critical infrastructure facilities. 

Register and download it here

Control / www.controlglobal.com

Risk management practices

This 15-page white paper, "Industrial Cyber Security Risk Management Best Practices," from Honeywell Process Solutions and presented by ISA, provides a good rundown about when and where to act on security risks that have been identified, determining risk tolerances and appetites, device and zone consequences, and minimizing vulnerabilities.

It's available here

ISA / www.isa.org

All about trustworthiness 

The 175-page document, "Industrial Internet of Things, Volume G4, Security Framework," by the Industrial Internet Consortium explains the basic aspects of overall trustworthiness as it relates to cybersecurity, and shows how to establish it for application in the Industrial Internet of Things (IIoT). 

It's located here

Industrial Internet Consortium / www.iiconsortium.org

Weiss lecture at Stanford 

Control's "Unfettered" cybersecurity blogger Joe Weiss wrote the book, "Protecting Industrial Control Systems from Electronic Threats," and delivers a thorough, 84-minute presentation, "Cyber Security of Industrial Control Systems," at Stanford University. In the video of the lecture, Weiss discusses the state of the cybersecurity of industrial control systems, such as those in power plants and water pumping facilities. He examines the shortcomings of current protocols and regulation in the post-Stuxnet era.

It's located here

Stanford University / www.stanford.edu

Some cybersecurity history 

This 32-page document, "An Abbreviated History of Automation and Industrial Controls Systems and Cybersecurity," was authored by Ernie Hayden, Michael Assante and Tim Conway and presented by SANS, and it puts cybersecurity in context with controls theory and closed-loop control. 

It's available here

SANS / www.sans.org

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

  • Appreciated perusing the article above , truly clarifies everything in detail,the article is extremely fascinating and effective.Thank you and good fortunes for the up and coming article.Writer @custom essay writing service

    Reply

RSS feed for comments on this page | RSS feed for all comments