Cybersecurity in the electricity sector: managing critical infrastructure
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Buch |
| Sprache: | English |
| Veröffentlicht: |
Cham
Springer
[2019]
|
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Beschreibung: | xvi, 213 Seiten Illustrationen (überwiegend farbig) |
| ISBN: | 9783030195403 9783030195373 |
Internformat
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV047086950 | ||
| 003 | DE-604 | ||
| 005 | 20250203 | ||
| 007 | t| | ||
| 008 | 210114s2019 xx a||| |||| 00||| eng d | ||
| 020 | |a 9783030195403 |9 978-3-030-19540-3 | ||
| 020 | |a 9783030195373 |9 978-3-030-19537-3 | ||
| 035 | |a (OCoLC)1257805157 | ||
| 035 | |a (DE-599)BVBBV047086950 | ||
| 040 | |a DE-604 |b ger |e rda | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-11 |a DE-739 | ||
| 082 | 0 | |a 005.8 |2 23 | |
| 084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
| 100 | 1 | |a Leszczyna, Rafał |d ca. 20./21. Jahrhundert |e Verfasser |0 (DE-588)1201424615 |4 aut | |
| 245 | 1 | 0 | |a Cybersecurity in the electricity sector |b managing critical infrastructure |c Rafał Leszczyna |
| 264 | 1 | |a Cham |b Springer |c [2019] | |
| 264 | 4 | |c © 2019 | |
| 300 | |a xvi, 213 Seiten |b Illustrationen (überwiegend farbig) | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 650 | 4 | |a Security | |
| 650 | 4 | |a Power Electronics, Electrical Machines and Networks | |
| 650 | 4 | |a Data protection | |
| 650 | 4 | |a Production of electric energy or | |
| 650 | 0 | 7 | |a Energieversorgung |0 (DE-588)4014736-8 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
| 689 | 0 | 1 | |a Energieversorgung |0 (DE-588)4014736-8 |D s |
| 689 | 0 | |5 DE-604 | |
| 776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe |z 978-3-030-19538-0 |
| 856 | 4 | 2 | |m Digitalisierung UB Passau - ADAM Catalogue Enrichment |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032493609&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-032493609 | |
Datensatz im Suchindex
| _version_ | 1823834013918298112 |
|---|---|
| adam_text |
Contents 1 Introduction. 1 1.1 Transformation . 1 1.1.1 SmartGrid. 3 1.1.2 Internet of Energy. 6 1.1.3 Industrial CPS, Industrial Cloud, Industry 4.0 and Industrial Internet. 7 1.2 Dependence on the ICT. 8 1.3 Cybersecurity. 9 1.4 Priority Critical Infrastructure. 11 1.5 The Structure of This Book. 12 References. 13 2 The Current State of Cybersecurity in the Electricity Sector. 2.1 Introduction. 2.2 Studies. 2.2.1 ENISA Study on the Security of Smart Grids. 2.2.2 ENISA Study on the Security of IACS . 2.2.3 Other Studies
. 2.3 Vulnerabilities. 2.3.1 Vulnerabilities Brought in by IACS. 2.3.2 Smart Meters as a Point of Exposure to Cyberattacks. 2.3.3 Misconfigured Firewalls and FirewallLimitations. 2.3.4 Insecure Communication Protocols and Devices. 2.3.5 Use of TCP/IP-Based and Wireless Communication . 2.3.6 Vast Use of Commodity Software and Devices. 2.3.7 Physical Exposure . 2.4 Threats. 2.4.1 Data Injection Attacks Against State Estimation . 2.4.2 DoS and DDoS. 2.4.3 Targeted Attacks, Coordinated Attacks, Hybrid Attacks, Advanced Persistent Threats. 39 19 19 20 20 23 25 27 27 31 32 32 33 34 34 35 36 37 ix
Contents X Challenges. 2.5.1 Specific Properties and Environmental Constraints of Power Systems. 41 2.5.2 Complexity. 2.5.3 Secure Integration of Legacy Systems and Proprietary Systems. 42 2.5.4 Privacy. 2.5.5 Limitations in the Application of Cryptography. 2.5.6 Hindered Key Management. 2.5.7 Lack of Awareness. 2.5.8 Marginal Exchange of Information . 2.5.9 Security in the Supply Chain. 2.6 Initiatives. 2.7 Future Directions. References. 40 3 Cybersecurity Standards Applicable to the Electricity Sector . 3.1 Introduction. 3.2 Literature
Search. 3.3 Literature Analysis. 3.4 Standards’ Selection and Evaluation Criteria. 3.5 Results. 3.5.1 Standards with Security Controls. 3.5.2 Standards Defining Cybersecurity Requirements. 3.5.3 Standards Describing Cybersecurity Assessment Methods . 3.5.4 Standards Addressing Privacy Issues. 3.6 Most Relevant Standards. 3.6.1 NISTIR7628 . 3.6.2 ISO/IEC 27001 and ISO/IEC 27000 Series. 3.6.3 IEC 62351 . 3.6.4 NERCCIP. 3.6.5 IEEE 1686. 3.6.6 ISA/IEC 62443 (ISA 99). 3.7 Standards’ Limitations. 3.8 Standards’ Implementation and Awareness .
References. 59 59 60 61 61 62 62 64 66 68 68 69 70 71 72 73 73 76 78 80 4 A Systematic Approach to Cybersecurity Management. 87 4.1 Introduction. 87 4.2 Cybersecurity Management Approaches in Standards. 88 4.2.1 NERCCIP. 88 4.2.2 IEC 62443-2-1 . 90 4.2.3 NIST SP 800-82 . 98 4.2.4 NISTIR7628 . 100 4.2.5 ISO/IEC 27001. 102 2.5 42 43 44 45 46 46 47 48 48 55
Contents xi 4.2.6 ISO/IEC 27019. 105 4.2.7 NIST SP 800-53 . 107 4.2.8 NRC RG 5.71. 109 4.2.9 NIST SP 800-64. 111 4.2.10 NIST SP 800-124. 111 4.3 The Systematic Approach to Cyberseurity Management in the Electricity Sector. 114 4.3.1 Cybersecurity Programme Establishment. 114 4.3.2 Risk Assessment. 118 4.3.3 Risk Treatment. 121 4.3.4 Cybersecurity Assessment, Monitoring and Improvement .122 4.3.5 Communication and Consultation .123 References.124 5 Cost of Cybersecurity Management. 127 5.1 Introduction. 127 5.2 Economic Studies. 129 5.3 Organisation Management
Studies. 130 5.4 Cost-Benefit Analysis. 132 5.4.1 I-CAMP and I-CAMPII. 132 5.4.2 SAEM. 133 5.4.3 SQUARE. 134 5.5 Cost Calculators . 134 5.6 Costing Metrics. 134 5.6.1 NPV. 135 5.6.2 RR. 135 5.6.3 ROI . 135 5.6.4 ALE. 135 5.6.5 Cost of Vulnerability Mitigation. 136 5.7 CAsPeA. 136 5.7.1 Selected and Adapted Costing System. 137 5.7.2 List of Activities. 138 5.7.3 Cost Centres and Activity Cost Drivers. 139 5.7.4
Input Data. 141 5.7.5 Output Data. 142 5.8 Chapter Summary. 143 References.144 6 Cybersecurity Assessment.149 6.1 Introduction. 149 6.2 Security Assessment Methods for the Electricity Sector. 151 6.3 Cybersecurity Testbeds for Power Systems. 153 6.3.1 National SCADA Test Bed. 153 6.3.2 DETERLab.153 6.3.3 PowerCyber Testbed and Other Academic, Hybrid Testbeds 154
Contents xii 6.3.4 ERNCIP Inventory of Laboratories . 154 JRC Cybersecurity Assessment Method. 155 6.4.1 Analysis of Networks, Systems and Assets. 155 6.4.2 Reproduction of Networks, Systemsand Cyberassets in a Cybersecurity Laboratory. 156 6.4.3 Determination and Analysis of Usage Patterns. 157 6.4.4 Design of Experiments. 157 6.4.5 Performance of Experiments. 158 6.4.6 Analysis of Results. 158 6.5 Laboratory Infrastructure. 159 6.5.1 Mirrored System. 159 6.5.2 Threat and Attack Centre. 160 6.5.3 Observer Terminal. 162 6.5.4 Vulnerabilities and Countermeasures Repository. 163 6.5.5 Testbed Master Administrator. 164 6.5.6 Horizontal Services. 165 6.6 MAlSim. 166 6.6.1 Mobile Agents
. 167 6.6.2 JADE. 168 6.6.3 MAlSim Architecture. 169 6.6.4 Malware Templates . 170 6.6.5 Experiments’Life Cycle. 176 References. 176 6.4 7 Cybersecurity Controls. 181 7.1 Introduction. 181 7.2 Standard Technical Solutions. 184 7.2.1 Cryptographic Mechanisms. 184 7.2.2 Key Management. 186 7.2.3 Identification, Authentication and Authorisation. 188 7.2.4 Access Control. 189 7.2.5 Firewalls. 190 7.2.6 Intrusion Detection and PreventionSystems. 191 7.3 Information Sharing Platform on Cybersecurity Incidents for the Energy Sector
. 194 7.3.1 Anonymisation Mechanisms. 195 7.3.2 Cybersecurity Requirements and Measures.195 7.3.3 Data Model. 196 7.3.4 Data Sanitisation Rules. 197 7.4 Situation Awareness Network. 199 7.4.1 Architecture . 200 7.4.2 Security Requirements for Sensors. 201 7.4.3 Event Correlation Rules. 202 7.4.4 Testing Metrics. 203 References. 204
Contents 8 xiii Conclusions. 211 8.1 Challenges. 211 8.2 Solutions . 212 8.3 Systematic Cybersecurity Management. 212 |
| adam_txt | |
| any_adam_object | 1 |
| any_adam_object_boolean | |
| author | Leszczyna, Rafał ca. 20./21. Jahrhundert |
| author_GND | (DE-588)1201424615 |
| author_facet | Leszczyna, Rafał ca. 20./21. Jahrhundert |
| author_role | aut |
| author_sort | Leszczyna, Rafał ca. 20./21. Jahrhundert |
| author_variant | r l rl |
| building | Verbundindex |
| bvnumber | BV047086950 |
| classification_rvk | ST 277 |
| ctrlnum | (OCoLC)1257805157 (DE-599)BVBBV047086950 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| discipline_str_mv | Informatik |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>00000nam a2200000 c 4500</leader><controlfield tag="001">BV047086950</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20250203</controlfield><controlfield tag="007">t|</controlfield><controlfield tag="008">210114s2019 xx a||| |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9783030195403</subfield><subfield code="9">978-3-030-19540-3</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9783030195373</subfield><subfield code="9">978-3-030-19537-3</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1257805157</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV047086950</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-11</subfield><subfield code="a">DE-739</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">23</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Leszczyna, Rafał</subfield><subfield code="d">ca. 20./21. Jahrhundert</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1201424615</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Cybersecurity in the electricity sector</subfield><subfield code="b">managing critical infrastructure</subfield><subfield code="c">Rafał Leszczyna</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Cham</subfield><subfield code="b">Springer</subfield><subfield code="c">[2019]</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">© 2019</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xvi, 213 Seiten</subfield><subfield code="b">Illustrationen (überwiegend farbig)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Power Electronics, Electrical Machines and Networks</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Data protection</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Production of electric energy or</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Energieversorgung</subfield><subfield code="0">(DE-588)4014736-8</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Energieversorgung</subfield><subfield code="0">(DE-588)4014736-8</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe</subfield><subfield code="z">978-3-030-19538-0</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032493609&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="943" ind1="1" ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-032493609</subfield></datafield></record></collection> |
| id | DE-604.BV047086950 |
| illustrated | Illustrated |
| index_date | 2024-07-03T16:18:06Z |
| indexdate | 2025-02-12T07:00:53Z |
| institution | BVB |
| isbn | 9783030195403 9783030195373 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-032493609 |
| oclc_num | 1257805157 |
| open_access_boolean | |
| owner | DE-11 DE-739 |
| owner_facet | DE-11 DE-739 |
| physical | xvi, 213 Seiten Illustrationen (überwiegend farbig) |
| publishDate | 2019 |
| publishDateSearch | 2019 |
| publishDateSort | 2019 |
| publisher | Springer |
| record_format | marc |
| spelling | Leszczyna, Rafał ca. 20./21. Jahrhundert Verfasser (DE-588)1201424615 aut Cybersecurity in the electricity sector managing critical infrastructure Rafał Leszczyna Cham Springer [2019] © 2019 xvi, 213 Seiten Illustrationen (überwiegend farbig) txt rdacontent n rdamedia nc rdacarrier Security Power Electronics, Electrical Machines and Networks Data protection Production of electric energy or Energieversorgung (DE-588)4014736-8 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Computersicherheit (DE-588)4274324-2 s Energieversorgung (DE-588)4014736-8 s DE-604 Erscheint auch als Online-Ausgabe 978-3-030-19538-0 Digitalisierung UB Passau - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032493609&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Leszczyna, Rafał ca. 20./21. Jahrhundert Cybersecurity in the electricity sector managing critical infrastructure Security Power Electronics, Electrical Machines and Networks Data protection Production of electric energy or Energieversorgung (DE-588)4014736-8 gnd Computersicherheit (DE-588)4274324-2 gnd |
| subject_GND | (DE-588)4014736-8 (DE-588)4274324-2 |
| title | Cybersecurity in the electricity sector managing critical infrastructure |
| title_auth | Cybersecurity in the electricity sector managing critical infrastructure |
| title_exact_search | Cybersecurity in the electricity sector managing critical infrastructure |
| title_exact_search_txtP | Cybersecurity in the electricity sector managing critical infrastructure |
| title_full | Cybersecurity in the electricity sector managing critical infrastructure Rafał Leszczyna |
| title_fullStr | Cybersecurity in the electricity sector managing critical infrastructure Rafał Leszczyna |
| title_full_unstemmed | Cybersecurity in the electricity sector managing critical infrastructure Rafał Leszczyna |
| title_short | Cybersecurity in the electricity sector |
| title_sort | cybersecurity in the electricity sector managing critical infrastructure |
| title_sub | managing critical infrastructure |
| topic | Security Power Electronics, Electrical Machines and Networks Data protection Production of electric energy or Energieversorgung (DE-588)4014736-8 gnd Computersicherheit (DE-588)4274324-2 gnd |
| topic_facet | Security Power Electronics, Electrical Machines and Networks Data protection Production of electric energy or Energieversorgung Computersicherheit |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=032493609&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT leszczynarafał cybersecurityintheelectricitysectormanagingcriticalinfrastructure |