Atjaunināt sīkdatņu piekrišanu

Critical Infrastructure Security: Assessment, Prevention, Detection, Response [Hardback]

Edited by
  • Formāts: Hardback, 326 pages, height x width: 234x156 mm, Illustrations
  • Izdošanas datums: 31-May-2011
  • Izdevniecība: WIT Press
  • ISBN-10: 1845645626
  • ISBN-13: 9781845645625
Citas grāmatas par šo tēmu:
  • Hardback
  • Cena: 205,57 €
  • Grāmatu piegādes laiks ir 3-4 nedēļas, ja grāmata ir uz vietas izdevniecības noliktavā. Ja izdevējam nepieciešams publicēt jaunu tirāžu, grāmatas piegāde var aizkavēties.
  • Daudzums:
  • Ielikt grozā
  • Piegādes laiks - 4-6 nedēļas
  • Pievienot vēlmju sarakstam
Critical Infrastructure Security: Assessment, Prevention, Detection, ResponsePalielināt
  • Formāts: Hardback, 326 pages, height x width: 234x156 mm, Illustrations
  • Izdošanas datums: 31-May-2011
  • Izdevniecība: WIT Press
  • ISBN-10: 1845645626
  • ISBN-13: 9781845645625
Citas grāmatas par šo tēmu:
Permanent link: https://www.kriso.lv/db/9781845645625.html
Keywords:
This book provides a comprehensive survey of state-of-the-art techniques for the security of critical infrastructures, addressing both logical and physical aspects from an engineering point of view. Recently developed methodologies and tools for CI analysis as well as strategies and technologies for CI protection are investigated in the following strongly interrelated and multidisciplinary main fields: - Vulnerability analysis and risk assessment - Threat prevention, detection and response - Emergency planning and management Each of the aforementioned topics is addressed considering both theoretical aspects and practical applications. Emphasis is given to model-based holistic evaluation approaches as well as to emerging protection technologies, including smart surveillance through networks of intelligent sensing devices. Critical Infrastructure Security can be used as a self-contained reference handbook for both practitioners and researchers or even as a textbook for master/doctoral degree students in engineering or related disciplines.More specifically, the topic coverage of the book includes: - Historical background on threats to critical infrastructures - Model-based risk evaluation and management approaches - Security surveys and game-theoretic vulnerability assessment - Federated simulation for interdependency analysis - Security operator training and emergency preparedness - Intelligent multimedia (audio-video) surveillance - Terahertz body scanners for weapon and explosive detection - Security system design (intrusion detection / access control) - Dependability and resilience of computer networks (SCADA / cyber-security) - Wireless smart-sensor networks and structural health monitoring - Information systems for crisis response and emergency management - Early warning, situation awareness and decision support software
Preface xv
Part I Fundamentals of Security Risk and Vulnerability Assessment
1 Model-based risk analysis for critical infrastructures
3(18)
1 Introduction
3(2)
2 The critical infrastructure problem
5(1)
3 Tools
6(2)
4 Multi-criterion tools (CARVER and MSRAM)
8(2)
4.1 CARVER
8(1)
4.2 MSRAM
9(1)
5 CI/KR as a Network
10(4)
5.1 MBRA
11(2)
5.2 KDAS
13(1)
6 Resource allocation
14(4)
6.1 Network science
15(1)
6.2 An illustration
16(2)
7 Conclusion
18(3)
2 Physical vulnerability assessment
21(18)
1 Introduction
21(2)
1.1 Terminology
21(1)
1.2 What a VA is not
22(1)
2 Common techniques for finding vulnerabilities
23(5)
2.1 Security Survey
23(1)
2.2 Security Audit
23(1)
2.3 Design Basis Threat (DBT)
24(1)
2.4 CARVER Method
25(1)
2.5 Delphi Method
25(1)
2.6 Fault Tree Analysis
26(1)
2.7 Software tools
26(1)
2.8 Adversarial Vulnerability Assessments
26(2)
3 VA best practices
28(6)
3.1 VA personnel
28(1)
3.2 Brainstorming
29(2)
3.3 Common security mistakes
31(2)
3.3 The VA report: Delivering the "bad news"
33(1)
4 Vulnerability myths and mistakes
34(5)
Part II Modeling and Simulation Tools for Critical Infrastructures
3 Modeling and simulation of critical infrastructures
39(18)
1 Introduction
39(1)
2 Interdependency modeling
40(2)
3 Holistic approaches
42(3)
4 Critical Infrastructures as Complex Systems
45(3)
4.1 Topological analysis
45(2)
4.2 Functional analysis
47(1)
5 Simulative approaches
48(4)
5.1 Agent-based approaches
50(1)
5.2 Multilayer approaches
51(1)
6 Conclusions
52(5)
4 Graphical formalisms for modelling critical infrastructures
57(18)
1 Introduction
57(1)
2 Requirements for CI modelling and simulation
58(2)
3 Graphical formalisms for CI modelling and simulation
60(5)
3.1 Graph-based techniques
60(1)
3.2 Petri Nets (PNs)
61(1)
3.3 General simulation environments
62(1)
3.4 Agent-based modelling and simulation
62(1)
3.5 Discussion of requirements
63(2)
4 Practical experiences in modelling CIs: meeting the requirements with SAN
65(5)
4.1 CRUTIAL and HIDENETS: a brief introduction
66(1)
4.2 On the usage of SAN to match requirement R4
66(3)
4.3 On the usage of SAN to match requirement R6
69(1)
5 Conclusions
70(5)
5 Semantic interoperability among federated simulators of critical infrastructures -- DIESIS project
75(16)
1 Introduction
76(2)
2 Related works and initiatives
78(2)
3 DIESIS project
80(9)
3.1 Managerial, legal and economic features
80(1)
3.2 Technical features
81(8)
4 Conclusion
89(2)
6 Game theory in infrastructure security
91(16)
1 Introduction
91(2)
2 Game-theoretic models
93(7)
2.1 Simultaneous AD games
93(1)
2.2 Sequential DA games
94(2)
2.3 Sequential AD games
96(1)
2.4 Sequential DAD games
97(1)
2.5 Simultaneous DD games
98(2)
3 Limitations of game-theoretic models
100(1)
4 Conclusion
101(6)
Part III Cybersecurity in Information and SCADA Systems
7 Modelling, measuring and managing information technology risks
107(18)
1 Introduction
107(1)
2 What is risk with respect to information systems?
108(2)
2.1 Threats
108(1)
2.2 Vulnerabilities
109(1)
3 Why is it important to manage risk?
110(1)
4 Managing risk at the organizational level
110(1)
5 How is risk assessed?
111(6)
5.1 Quantitative risk assessment
112(1)
5.2 Qualitative risk assessment
112(5)
6 How is risk managed?
117(4)
6.1 Strategies for managing individual risks
117(1)
6.2 High-level risk management strategies
118(1)
6.3 Communicating risks and risk management strategies
119(1)
6.4 Implementing risk management strategies
120(1)
7 What are some common risk assessment/management methodologies and tools?
121(1)
7.1 NIST methodology
121(1)
7.2 OCTAVE®
122(1)
7.3 FRAP
122(1)
7.4 GRC tools
122(1)
8 Summary
122(3)
8 Trustworthiness evaluation of critical information infrastructures
125(16)
1 Introduction
125(1)
2 Dependability and security evaluation approaches
126(5)
2.1 A taxonomy for evaluation approaches
126(2)
2.2 Common evaluation approaches and applications
128(3)
3 On the evaluation of Financial Infrastructure Protection (FIP)
131(3)
3.1 FCI: Trustworthiness evaluation trends
131(1)
3.2 FIP trustworthiness requirements and key components
132(1)
3.3 FIP example: CoMiFin as a FCI wrapper
133(1)
3.4 Metric-based FIP trustworthiness evaluation
134(1)
4 On the evaluation of CIIP
134(4)
4.1 Design requirements for CIIP
135(1)
4.2 Peer-to-Peer (P2P)-based CIIP
136(1)
4.3 Mitigation strategy for node crashes
137(1)
4.4 Mitigation strategy for illicit SCADA data modification
137(1)
4.5 Evaluation of P2P-based CIIP
137(1)
5 Conclusion
138(3)
9 Network resilience
141(14)
1 Introduction
141(3)
2 A component-based framework for improving network resilience in CIs
144(2)
3 Intrusion detection and reaction in satellite networks
146(2)
4 Detection and remediation of a distributed attack over an IP-based network
148(1)
5 Diagnosis-driven reconfiguration of WSNs
149(3)
6 Conclusions
152(3)
10 Wireless sensor networks for critical infrastructure protection
155(22)
1 Introduction
155(2)
2 Security threat analysis
157(2)
2.1 Adversary models
157(1)
2.2 Risk assessment
158(1)
3 Survey of the state of the art
159(6)
3.1 Sensor node protection
160(1)
3.2 Dependable sensor networking
161(3)
3.3 Dependable sensor network services
164(1)
4 Conclusions and identification of further research topics
165(12)
Part IV Monitoring and Surveillance Technologies
11 Intelligent video surveillance
177(14)
1 Introduction
177(2)
2 Architecture of an IVS system
179(2)
3 Examples of applications
181(6)
3.1 LAICA project
181(1)
3.2 THIS project
182(4)
3.3 Other examples
186(1)
4 Conclusions
187(4)
12 Audio surveillance
191(16)
1 Introduction
191(2)
2 Sound recognition for audio surveillance
193(4)
3 A representative picture of the related literature
197(4)
3.1 Evaluation of audio surveillance frameworks
199(2)
4 Privacy
201(1)
5 Conclusion
202(5)
13 Terahertz for weapon and explosive detection
207(14)
1 Introduction
207(1)
2 Terahertz technology
208(3)
2.1 Overview
208(1)
2.2 THz systems
209(2)
3 Terahertz for weapons detection
211(2)
4 Terahertz for explosive detection
213(3)
5 Discussion
216(5)
14 Structural health monitoring
221(12)
1 Introduction
221(1)
2 Structural evaluation
222(1)
3 Sensor selection
223(5)
3.1 Accelerometers
224(1)
3.2 Strain sensors
224(1)
3.3 Tilt sensors
224(1)
3.4 Displacement sensors
224(1)
3.5 Corrosion sensors
225(1)
3.6 Fiber Bragg Gratings (FBGs)
226(1)
3.7 Acoustic emission sensors
227(1)
3.8 Additional technologies
227(1)
4 System design and integration
228(2)
4.1 Data acquisition
229(1)
5 Review and interpretation of the data
230(1)
6 Summary
230(3)
15 Networks of simple sensors for detecting emplacement of improvised explosive devices
233(16)
1 Introduction
233(1)
2 Clues to IED emplacement
234(7)
2.1 Cameras versus nonimaging sensors
234(1)
2.2 Prior probabilities for emplacement
235(3)
2.3 Anomalous behavior
238(1)
2.4 Goal changing and coordinated activity
239(2)
3 Sensor management
241(1)
4 Experiments
242(2)
5 Conclusions
244(5)
Part V Security Systems Integration and Alarm Management
16 Security systems design and integration
249(18)
1 Introduction
249(1)
2 The intrusion detection system
250(5)
2.1 Sensors
251(2)
2.2 Internal sensors
253(1)
2.3 External sensors
254(1)
3 The access control system
255(2)
4 The video surveillance system
257(3)
5 The communication network
260(3)
6 Integration of security systems: The supervision and control system
263(2)
7 Conclusions
265(2)
17 Multisource information fusion for critical infrastructure situation awareness
267(12)
1 Introduction
267(1)
2 Joint Directors of Laboratories (JDL) data fusion process model
268(2)
3 Comments on the state of the art
270(1)
4 Human-centric information fusion
271(3)
5 Implications for infrastructure situation awareness
274(1)
6 Summary
274(5)
18 Simulation-based learning in the physical security industry
279(14)
1 Introduction
279(1)
2 Simulation overview
279(1)
3 Security simulation
280(1)
4 Security simulation domains
280(3)
4.1 Computation simulators
280(2)
4.2 Interactive simulation
282(1)
5 Simulation in a training environment
283(4)
5.1 Systematic approach to training for simulation
284(3)
6 Interactive simulators and simulation learning theory
287(2)
6.1 Learning retention
288(1)
7 Security simulation and vulnerability assessment
289(1)
8 Historical adoption curve of use of simulators
289(2)
9 Conclusion
291(2)
19 Frameworks and tools for emergency response and crisis management
293
1 Introduction
293(1)
2 CATS
294(7)
2.1 CATS architecture
294(2)
2.2 Model descriptions
296(2)
2.3 Consequence assessment
298(3)
3 Summary and conclusions
301
Prof. Francesco FLAMMINI (Ph.D., Computer Science, University of Naples Federico II) is an Adjunct Professor of Software Engineering and Computer Science at the University of Naples "Federico II", ITALY From October 2003 through January 2007, he worked at Ansaldo STS as a Software/RAMS Engineer in the Verification & Validation unit and was involved in several European Railway Traffic Management System / European Train Control System projects, specializing in functional testing of critical control systems. Since February 2007, after moving to the Innovation & Competitiveness unit, he has won several company awards for his work on critical infrastructure protection, transportation security and several interdisciplinary research projects. The author of more than 35 scientific papers published in international journals, book chapters and conference proceedings, his main research interests are the dependability and security of critical systems and infrastructures, including multi-paradigm modeling approaches. He is Editor in Chief of the International Journal of Critical Computer-Based Systems (Inderscience Publishers). He has served as a chairman, a member of the International Program Committee and a reviewer for several international conferences and IEEE journals. He is Vice-Chair of the IEEE Computer Society Italy and participates on several Technical Committees, including Software Engineering and Fault Tolerant Computing. He is also a member of the European Workshop on Industrial Computer Systems Reliability, Safety and Security (EWICS TC7), FME (Formal Methods Europe), ERCIM Working Group on Formal Methods for Industrial Critical Systems (FMICS), ESRA TC on Operational Safety and Security of Interconnected Critical Infrastructures, and IEEE SMC TC on Homeland Security.