The International Society of Automation (ISA) has published a new book that outlines proven security principles, practices and standards that can safeguard nations’ critical infrastructure, defence establishment, and production capabilities from the risks of cyberattack.
Industrial Automation and Control System Security Principles has been written by Ronald L. Krutz. He is a scientist and consultant specialising in cybersecurity services.
Dr. Krutz illustrates that while cyberwarfare presents considerable challenges to essential national assets—such as refineries, chemical plants, manufacturing operations, power plants and pipelines– there are highly effective, structured defenses against such aggression.
His book reveals a practical, implementable cybersecurity formula that incorporates the fundamentals of information system security while addressing the unique requirements of industrial automation and control systems.
“While there are numerous and worthy publications that discuss the protection of computer-based systems in a wide variety of implementations, these documents focus more on general terms, mostly in the area of risk analysis, and apply to disparate areas of applications,” says Dr. Krutz.
“In my book, I focus on in-depth treatment of proven, clearly identified cybersecurity principles, practices and standards, and how they can be tailored and applied to the special environments of industrial automation and control systems.”
"For cybersecurity solutions to be effective," he emphasizes, "they must be practical instruments that can be clearly understood by practicing control system professionals and straightforwardly applied in real-world situations.”
In separate chapters of the book, Dr. Krutz also highlights the importance of staying up to date on technological trends affecting future industrial automation and controls systems, and providing the necessary training to cybersecurity-related personnel.
At the end of all chapters are review questions. Answers are provided in the appendix.
Dr. Krutz is Chief Scientist for Security Risk Solutions South Carolina. He has more than 30 years of experience in industrial automation and control systems, distributed computing systems, computer architectures, information assurance methodologies and information security training.
Dr. Krutz (pictured here) has served as: a Senior Information Security Consultant at Lockheed Martin, BAE Systems, and REALTECH Systems; an Associate Director of the Carnegie Mellon Research Institute, which he founded; a professor in the Carnegie Mellon University Department of Electrical and Computer Engineering; and a lead instructor for (ISC)2 in its Certified Information Systems Security Professionals (CISSP) training seminars.
He authored the book, Securing SCADA Systems, and three textbooks on microcomputer system design, computer interfacing and computer architecture.
He holds seven patents in the area of digital systems, and has published more than 30 technical papers.
The 447-page book is priced at US$89.00 for non-ISA members.