Robert Radvanovsky - Böcker

This comprehensive handbook covers fundamental security concepts, methodologies, and relevant information pertaining to supervisory control and data acquisition (SCADA) and other industrial control systems used in utility and industrial facilities worldwide. A community-based effort, it collects differing expert perspectives, ideas, and attitudes regarding securing SCADA and control systems environments toward establishing a strategy that can be established and utilized.Including six new chapters, six revised chapters, and numerous additional figures, photos, and illustrations, the second edition serves as a primer or baseline guide for SCADA and industrial control systems security. The book is divided into five focused sections addressing topics inSocial implications and impactsGovernance and managementArchitecture and modelingCommissioning and operationsThe future of SCADA and control systems securityThe book also includes four case studies of well-known public cyber security-related incidents.The Handbook of SCADA/Control Systems, Second Edition provides an updated and expanded source of essential concepts and information that are globally applicable to securing control systems within critical infrastructure protection programs. It presents best practices as well as methods for securing a business environment at the strategic, tactical, and operational levels.

Critical Infrastructure: Homeland Security and Emergency Preparedness, Fifth Edition represents a continuation of research and recommendations from the past editions that spans nearly twenty years of focusing on critical infrastructure (CI) protection. Over that time, the operating, threat, and technical environments have changed drastically. The doctrines that have guided practitioners across various domains have also evolved due to changing demands. This is a natural result when doctrines collide and gradually evolve toward, and coalesce into, a singular understanding of an issue. Those who have practiced in this domain have seen these collisions in the past - an example being the convergence of physical security and cyber information and operational) technologies security.It is with this backdrop and understanding of the domain that the authors not only describe the current state of affairs, but also provide a means through which researchers and participants - such as practitioners, students, industry stakeholders, owners, and operators in various government and private CI sectors - can look at trends and changes the in the domain that may not be apparent elsewhere.The authors identify shifts in today’s environment that move the thinking away from simply the robustness of systems to their adaptability and resilience. They outline design processes that, likewise, are evolving away from the simple adoption of best practices to risk-based management and even towards structures based on engineering-driven principles. These changes are not occurring at a unified pace and the differences can result in tensions between certain communities. However, the debate itself is indicative of the critical thinking that is beginning to take hold within each infrastructure domain.Critical Infrastructure, Fifth Edition continues to critically examine the evolving importance of our critical infrastructure to our society - recognizing the underpinning value of cyber technology and how physical infrastructures and delivery models impact and affect people and society.

Risk Management for Operational Technology (OT) Systems highlights the importance of applying risk assessments specifically tailored to OT environments, rather than relying solely on traditional IT-focused approaches.Conventional IT and enterprise risk management methods often fail to adequately address OT systems—despite their critical role in sustaining and maintaining the operational status of essential infrastructure. As such, OT environments demand greater attention and specialized frameworks. Historically, industries such as petrochemical refining and nuclear power generation have implemented comprehensive safety and risk assessments, covering every aspect of operations. These rigorous processes, refined over decades, have proven highly effective in ensuring safe, stable, and optimized production. OT computing systems within these facilities were traditionally isolated from corporate IT networks, making their performance and risk profile well-understood and reliably managed through engineered specifications.However, the situation has changed. Modern requirements for integration, interoperability, and remote accessibility mean that formerly isolated OT systems are now increasingly interconnected with IT networks and, in many cases, the wider Internet. This connectivity introduces new vulnerabilities, exposing once-secure operational systems to external threats and sophisticated adversaries.The authors propose a modern approach to risk management in OT, one that recognizes these new realities. This approach emphasizes proactive measures to operationally protect legacy and modern OT systems alike from tampering, intrusion, and cyberattack—ensuring that critical infrastructure can remain resilient, safe, and reliable in a connected world.

Highlighting the importance of transportation to a country’s infrastructure and survival, Transportation Systems Security presents the strategic and practical considerations involved in the implementation of physical, procedural, and managerial safeguards required to keep all modes of transportation up and running during an actual or potential disaster. Structured in an easy cognitive fashion, the book begins with a basic introduction providing terms and definitions. It describes both physical and information system layouts and defines who controls what parts of the process, how far control is extended, and who oversees controls within the system. Building on this foundation, subsequent chapters discuss problems such as the need for a more defined “domain-based” approach when threats, assets, vulnerabilities, and safeguards are not under local control. The book describes and refines the concepts of criticality, impact, and consequence as they relate to the assignation of value for personnel, assets, facilities, information and activities in terms of how they might support performance. By comparing continuity of operations planning (COOP) to business continuity planning (BCP), the book presents security measures as a value-added benefit rather than a hindrance to business and introduces the notion of certification, accreditation, and licensure. It demonstrates safeguards that layer outward from the entity and across the system with the ability to prevent, detect, and notify, as well as respond to and recover from a crisis. Emphasizing the sharing of information and methods, the book encourages security to become an integrated component within the system, not just imposed on top of it. It takes a holistic approach to the transportation infrastructure, introducing the concept of fragility and the measurable factors involved, and including a 20 page questionnaire to help managers determine their company’s fragility in terms of transportation security.