
Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS Hardcover – Dec 13 2011

Customer Reviews

Most Helpful Customer Reviews on (beta) 8 reviews
5 of 5 people found the following review helpful
Best ICS Security Book To Date By Far March 27 2012
By Dale Peterson - Published on
Format: Hardcover Verified Purchase
I had high hopes for this book since Bryan Singer is very experienced in ICS, ICS security and IT security --- and Bryan and co-author Tyson Macaulay did not disappoint. To date this is clearly the best book on ICS Security by far. (Note - Langner's book Robust Control System Networks: How to Achieve Reliable Control After Stuxnet is a 5-star must-read, but it intentionally talks engineering not security.)

The two best things about this book are:

1. They got the facts right about both ICS and IT security. This is not as easy as it sounds as most books have failed or been simplistic in one area or another.

2. They provided the background information for a beginner to understand, but followed that up with significant technical detail and examples. It's a good book for a beginner or intermediate in either area, and even those with years of experience in both areas will learn something. For me the best new info was the Overall Equipment Effectiveness (OEE) and Security OEE as a future risk assessment technique in Chapter 4.

Chapter 1 provides a good background on ICS for the IT security audience. Again, sounds straightforward, but a lot of the ICS security books today read like the authors have not spent much hands-on time with a SCADA or DCS. Excellent material for the IT security professional or anyone else new to ICS. They started to lose me on the Taxonomy of Convergence in that chapter, but I'm interested to hear what others thought of that sub-section.

Chapter 2 covers threats to ICS, and there is great information here such as:

- "given today's network threat environment, ICS security impacts are first and foremost likely to occur as a result of unintended effects of outsider attacks"
- "ICS is most likely to suffer as a matter of the lucky hit or collateral damage, as opposed to direct attack"
- "indirect threat of impacts associated with the probing, scanning and attacking inadvertently impacts the fragile ICS devices"
- "Differentiating between phishers, spammers, foreign intelligence, and organized crime is not very productive if they are all using the same attack vectors"

I could go on and on as I highlighted sentences throughout the chapter and was muttering yes as I read.

Chapter 3: ICS Vulnerabilities introduces the readers to classes of ICS impacts such as Loss of Control and Denial of View. This has been talked about at S4 and other conferences by Zach Tudor, Bryan and others, but it has not yet been adopted by those entering the ICS security world. Chapter 3 will likely be the most beneficial to the largest number of readers.

Chapter 4 covers ICS Risk Assessment Techniques. Those new to ICS security will benefit from the first half of the chapter covering the most popular current techniques. The old hands are likely to learn more in the second half of the chapter where the authors cover possible future techniques.

Chapter 5: What Is Next In ICS Security focuses primarily on IPv6. It's material readers won't find elsewhere, but it seems a bit out of the flow of the book. My guess is IPv6 is something one or both of the authors feel passionate about and wanted to add it in. There's nothing wrong with a bit of a self-reward as writing a book is very difficult.

So why not a 5-star review? Macaulay and Singer actually predict the reason in Chapter 1. They write "We intend to satisfy a wide range of readers in this book; this is where we become most ambitious". They are writing for the IT security professional who doesn't know ICS and for the ICS engineer who doesn't know security. Inevitably there are chunks of information that are simplistic for either audience, and this comes at the expense of an even more in-depth discussion. It's an understandable decision to take this approach since it increases the potential readership size.

This is clearly the book to get or give if you want to read about ICS security today.

2 of 2 people found the following review helpful
Cybersecurity for ICS Jan. 29 2012
By MoonDoggy - Published on
Format: Hardcover Verified Purchase
This book has been an excellent read. It has an abundance of engineering detail and builds on the NIST 800-82 and NERC guidelines. I have recommended this book to my fellow security engineers and have shared it with folks at CSSP INL.

1 of 1 people found the following review helpful
Great basis for an APT strategy Feb. 26 2013
By Jovita Nsoh - Published on
Format: Hardcover
I would say that Dale Peterson's reviews of this book in Digital Bond [...] and here on Amazon are the most poignant and insightful reviews and do not require a repeat by me. However, I must add that Macaulay's recommendations in "Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS", while great, were more reactive in nature and did not provide many futuristic approaches to designing secure ICS devices. Implementing firewalls and IDS/IPSs and updating AV and OS patches, while important starting points, are things of the past that are easily evaded by savvy and determined attackers. I am hoping that research on the use of more robust techniques such as secure hardware modules like TPMs or similar will surface and that techniques to secure those devices at the hardware abstraction layer will also be considered by vendors. Convergence will continue to bring those devices to the Internet; shunning proprietary protocols such as Modbus RTU, RP-570, Profibus, Conitel and DNP3 is not the answer. The days of security through obscurity are long gone. I think that Digital Bond's "Firesheep" should keep up the pressure on vendors to prevent both a second lost decade and a "Cyber Pearl Harbor" from happening.

This book, along with the following resources, forms a great toolset for dealing with this issue:
1) Robust Control System Networks - Ralph Langner; Hardcover
2) DRAFT SP-023: Industrial Control Systems: [...]
3) Digital Bond's BaseCamp: [...]
4) Digital Bond's SCADApedia: [...]

I gave it 4 stars because of its groundbreaking insight into a neglected critical area of our lives and I hope that future editions will introduce more robust security controls and architectural insights.

Jovita Nsoh, CISSP, CITA-P, CISM
Senior Security Architect.

Great book Jan. 13 2014
By D. Adewodu - Published on
Format: Hardcover Verified Purchase
This provides a good explanation of the differences between ICS and IT cyber security. The ideal reader is someone new to cyber security in the ICS world.

Great book, very didactic Sept. 6 2013
By Santiago - Published on
Format: Kindle Edition Verified Purchase
Great investigation about the industrial control system, a very useful orientation of the security problematic for these systems, not typical