چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Cybersecurity in Transport Systems (Transportation)

Martin Hawley

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Martin Hawley
سال انتشار
۲۰۲۳
فرمت
PDF
زبان
انگلیسی
حجم فایل
۱۷٫۲ مگابایت
شابک
9781785616686، 1785616684

دربارهٔ کتاب

The role of data and information and communication technology (ICT) is growing in all areas of transport, with autonomous vehicles among the most advanced examples. This opens up opportunities for malevolent interference, such as remote-control of vehicles for criminal or terrorist purposes or interruption of increasingly interconnected transport systems. It is therefore imperative that cybersecurity is upgraded and designed into new systems. Focusing on the management of security and the principles of security technologies in the context of transport systems, this book equips readers with an understanding of what management actions need to be taken and the sort of technologies available to defend against cyberattacks. To improve their decision making, managers need to understand how security practices and technologies work, so the book spans a range of areas: from regulations to security management, to the principles of selected technologies. Cybersecurity in Transport Systems provides insights across multiple modes of transport, including insight from seasoned practitioners. It also addresses advances and themes in current research and the future outlook as we move to increasing digital transformation. The book is aimed at managers in the transport sector but is widely applicable to other sectors, especially those that are safety critical. Much of the book will be useful to students considering careers in industries that rely on information technology, and to researchers in academia and industry. Contents About the Editor Introduction 1 Modernisation in transport 1.1 Introduction 1.2 Drivers of change in the transport sector 1.2.1 Introduction 1.2.2 Growth as a driver for change 1.2.3 Performance drivers 1.2.4 Network effects 1.2.5 Regulatory drivers 1.2.6 Trends in regulation 1.2.6.1 Performance-based regulation 1.2.6.2 Regulatory resources 1.2.6.3 Privacy 1.3 Convergence of OT and IT 1.3.1 Operational technology 1.3.2 Integration of IT into operations 1.3.3 Mobility as a service 1.3.4 IoT devices 1.3.5 AI - attack and defence 1.3.6 Growing hazards 1.4 Cross sector examples of modernisation 1.4.1 Introduction 1.4.2 Global navigation satellite systems 1.4.3 Passenger information systems 1.4.4 On-board infotainment systems 1.4.5 Retail systems 1.5 Aviation modernisation 1.5.1 Overview 1.5.2 The connected aircraft 1.5.2.1 Control of the aircraft 1.5.2.2 Airline information services 1.5.2.3 Passenger cabin entertainment 1.5.3 Modernisation of communications networks 1.5.4 Digital towers 1.5.5 Surveillance in aviation 1.5.5.1 Flight tracking applications 1.5.5.2 ADS-B vulnerabilities 1.6 Maritime modernisation 1.6.1 Overview 1.6.2 Automatic identification system 1.6.2.1 Ship tracking applications 1.6.2.2 AIS vulnerabilities 1.7 Rail modernisation 1.7.1 Overview 1.7.2 The European rail traffic management system 1.7.3 GNSS in rail 1.8 Road modernisation 1.8.1 Overview 1.8.2 Highly automated vehicles 1.8.3 Threats and vulnerabilities 1.8.4 Data protection and privacy 1.8.5 The Vienna convention 1.9 Conclusions References 2 Navigating the transport system security landscape: threats, responses and governance 2.1 Introduction 2.2 Context 2.3 Transport system evolution 2.4 What are we trying to protect? 2.4.1 Self-protection and collaborative support 2.4.2 Assets 2.4.2.1 Physical assets 2.4.2.2 Human assets 2.4.2.3 Information assets 2.4.2.4 Organisational assets 2.4.2.5 Service provision 2.5 Threats and vulnerabilities 2.5.1 Threats 2.5.2 Threat agents 2.5.3 Vulnerabilities 2.6 Impacts 2.7 Cyber-security incidents in transport 2.7.1 Introduction 2.7.2 Malware 2.7.2.1 Rail signalling systems immobilized 2.7.2.2 Flight-planning computer immobilized 2.7.2.3 Air traffic control system loss of integrity 2.7.2.4 Airport-targeted phishing scam 2.7.2.5 Railway reservation systems made inaccessible 2.7.2.6 Exposure of airport employee personal details 2.7.3 System breaches 2.7.3.1 Tram derailment 2.7.3.2 Databases compromised 2.7.3.3 Breach of cargo handling systems to enable drug smuggling 2.7.3.4 Breach of airline booking system 2.7.4 Remote monitoring, maintenance and control 2.7.4.1 Loss of airport communications including ATC 2.7.4.2 Remote access to control car systems 2.7.4.3 Eavesdropping 2.7.4.4 GNSS spoofing 2.7.5 Unintentional acts 2.7.5.1 Unintentional denial of GNSS service 2.8 Responding to the challenge 2.8.1 Introduction 2.8.2 Cyber-security strategies 2.8.3 Cyber resilience 2.8.4 System-wide approach 2.8.5 Holistic view 2.8.6 System life cycle 2.8.7 Common level of security 2.8.8 Secure information sharing 2.8.9 Handling security incidents 2.8.10 Security culture 2.9 Regulations, standards and guidance material 2.9.1 Introduction 2.9.2 Cross modal 2.9.2.1 International standards and guidance 2.9.2.2 Regional regulations 2.9.2.3 National standards and guidance 2.9.3 Aviation 2.9.3.1 Global regulations, standards and guidance 2.9.3.2 Regional regulations, standards and guidance 2.9.3.3 National regulations, standards and guidance 2.9.3.4 Observations 2.9.4 Maritime 2.9.4.1 Global standards 2.9.4.2 Regional regulations and standards 2.9.4.3 National regulations and standards 2.9.4.4 Observations 2.9.5 Rail 2.9.5.1 Global standards and guidance 2.9.5.2 Regional regulations and standards 2.9.5.3 National regulations, standards and guidance 2.9.5.4 Observations 2.9.6 Road 2.9.6.1 Guidance material 2.9.6.2 Standards 2.9.6.3 Regulations 2.9.6.4 Observations 2.10 Conclusions 2.11 Forthcoming Developments References 3 Introduction to risk management 3.1 Introduction 3.1.1 Overview 3.1.2 Risk management 3.1.3 Risk and decision-making 3.1.3.1 What is risk? 3.1.3.2 Risk embodies knowledge 3.1.4 Dealing with the extremes of impact and probability 3.1.5 Taking decisions from risk assessment 3.1.6 The language of risk 3.1.6.1 Probability 3.1.6.2 Likelihood 3.1.6.3 Frequency 3.1.6.4 Uncertainty 3.1.7 Approaches to risk management 3.1.7.1 Generalised approach to risk management 3.1.7.2 Technical approach to risk management 3.2 Cybersecurity risk management 3.2.1 Introduction 3.2.2 Cybersecurity risk concepts 3.2.2.1 Assets 3.2.2.2 Risk 3.2.2.3 Threat 3.2.2.4 Threat actor 3.2.2.5 Attack method 3.2.2.6 Vulnerability 3.2.2.7 Impact 3.2.2.8 Risk evaluation 3.2.2.9 Security control 3.2.3 Cybersecurity risk management standards 3.2.3.1 Introduction 3.2.3.2 ISO 27005 3.2.3.3 Other risk frameworks 3.2.3.4 Comparing risk frameworks 3.2.3.5 Supply chain risk 3.2.4 Analysing cybersecurity risk 3.2.5 Resourcing cybersecurity risk management 3.3 Walk-through of risk management 3.3.1 Introduction 3.3.2 Establishing the context 3.3.2.1 Security criteria/objectives 3.3.2.2 Estimating the impact of loss of CIA on each primary asset 3.3.2.3 Impact categorization 3.3.3 Risk assessment 3.3.3.1 Risk identification 3.3.3.2 Risk analysis 3.3.3.3 Determining risk 3.3.3.4 Risk evaluation 3.3.4 Risk treatment 3.3.4.1 Implementing controls 3.3.4.2 Control specifications 3.3.5 Communicating and consulting 3.3.6 Risk monitoring and review 3.3.7 System level risk management 3.4 Conclusion References 4 Security management systems 4.1 Introduction 4.2 Security and operational continuity - organisational resilience 4.2.1 Security 4.2.2 Organisational security 4.2.3 Resilience spectrum - beyond defending the fortress 4.2.4 Critical infrastructure thinking 4.3 Management systems 4.4 Aspects of security management system implementation 4.4.1 Introduction 4.4.2 Implementing a security management system 4.4.3 Human factors 4.4.3.1 Security risk perception 4.4.3.2 Incident situational awareness 4.4.4 Organisational and security culture 4.4.5 Reinventing the wheel - what can we learn from safety? 4.4.6 Technological support for security management 4.5 Collaborative security management 4.5.1 Introduction 4.5.2 Information Sharing and Analysis Centres 4.5.3 Information exchange 4.5.4 Information sharing methods 4.5.5 Developing a collaborative approach 4.5.6 Collaborative support 4.6 Conclusions References 5 Security and safety 5.1 Introduction 5.1.1 Safety management and assurance 5.1.2 Differences in risk management approaches 5.2 Safety management 5.3 Safety risk management 5.3.1 Safety management without failure 5.3.2 Safety management in failure conditions 5.4 Safety assurance 5.5 The safety case 5.5.1 Safety case structure 5.6 The security case 5.6.1 Introduction 5.6.2 Structure of a security case 5.6.3 Security claim 5.6.4 Argument 1: security policy 5.6.5 Argument 2: security concept 5.6.6 Argument 3: collaborative support 5.6.7 Argument 4: incident preparedness and operational continuity management 5.6.8 Argument 5: security interaction with outside systems 5.6.9 Argument 6: credibility of the security case 5.6.10 Argument 7: relationship between security and other KPIs 5.7 Linking cybersecurity with safety 5.7.1 Introduction 5.7.1.1 Resilience 5.7.1.2 Challenges in creating a resilience case 5.7.2 Improve transport industry awareness and supporting guidance 5.7.3 Agree a common cyber and safety taxonomy 5.7.4 The extent that cyber and safety should be integrated 5.7.5 Methodologies for integrating safety and security processes 5.7.5.1 Cyber-physical systems safety and security alignment approach 5.7.5.2 HAZOP-based security analysis 5.7.5.3 System-theoretic process analysis applied to security 5.7.6 Operational challenges in linking cybersecurity with safety 5.7.7 Professional development 5.7.8 Regulation and guidance 5.8 Conclusions References 6 Prevention security controls 6.1 Introduction 6.1.1 Post-event controls 6.1.2 Defence in depth and breadth 6.1.3 Organisation of the chapter 6.2 Designing in security through better software 6.2.1 Introduction 6.2.2 A hardware primer 6.2.3 Introducing software 6.2.4 Creating software 6.2.5 How does software become vulnerable? 6.2.5.1 What is a vulnerability? 6.2.5.2 How do bugs arise? 6.2.6 Summary 6.3 Patch management 6.4 Encryption 6.5 Internet security 6.5.1 Transmission of data 6.5.2 IPSec 6.5.3 Transport layer security 6.6 Passwords 6.6.1 Offline password cracking 6.6.2 Rainbow tables 6.6.3 Key derivation functions 6.6.4 Password policies 6.6.5 Multifactor authentication 6.7 Malware protection 6.8 Firewalls 6.8.1 Packet filter firewalls 6.8.2 Deep packet inspection 6.8.3 Application-layer firewalls 6.8.4 Implementation considerations 6.9 Email security 6.9.1 The email problem 6.9.1.1 Introduction 6.9.1.2 Email as a common point of entry 6.9.2 Key components of email communication 6.9.3 Securing email 6.9.4 DMARC, SPF and DKIM 6.9.4.1 Sender policy framework 6.9.4.2 Domain keys identified mail 6.9.4.3 DMARC 6.9.5 Email security awareness 6.10 Conclusion References 7 Threat identification, monitoring and detection 7.1 Introduction 7.1.1 Overview 7.1.2 Why securing the perimeter is not enough 7.1.2.1 The permeable organisation in the current threat landscape 7.1.2.2 Cyber resilience 7.1.2.3 The increasing capability of threat actors 7.1.2.4 Chapter contents 7.2 What are threats and how do we detect them? 7.2.1 Threats and Threat Intelligence 7.2.2 Types of threat intelligence 7.2.3 Indicators of compromise 7.2.4 Threat hunting 7.2.5 Threat actors 7.2.6 Threat analysis methods and frameworks 7.2.6.1 Threat modelling 7.2.6.2 STRIDE 7.2.6.3 Adversary models 7.2.6.4 The Cyber Kill Chain® as a framework for understanding cyber attacks 7.2.6.5 MITRE ATT&CK Framework 7.3 Monitoring and detection technologies 7.3.1 Introduction 7.3.1.1 Associated standards and regulation 7.3.2 Log management 7.3.3 Security information and event manager (SIEM) 7.3.4 Network monitoring and intrusion detection systems (IDS) 7.3.4.1 IDS Implementation considerations 7.3.4.2 IDS limitations 7.3.4.3 Summary 7.3.5 Intrusion prevention 7.3.6 Anomaly detection 7.3.6.1 Baselining the network 7.3.6.2 Anomaly detection algorithms and machine learning 7.3.6.3 Monitoring decentralised networks 7.3.7 End point detection and response 7.3.7.1 Practical considerations with EDR 7.3.7.2 Adding threat intelligence feeds into EDR 7.4 Services 7.4.1 Managed detection and response 7.4.2 Security operations centre 7.4.2.1 Implementing a SOC 7.4.3 Computer emergency response teams 7.5 Conclusions References 8 Technical response and correction 8.1 Introduction 8.1.1 Context 8.1.2 What is an incident? 8.1.3 Types of incidents 8.1.3.1 Actor 8.1.3.2 Actions 8.1.3.3 Attributes 8.1.4 Incident response 8.1.4.1 Phases of an effective incident response 8.2 Preparation 8.2.1 Incident handling policy 8.2.2 Definition of an incident 8.2.3 Incident categorisation 8.2.4 Responsibility for reporting an incident 8.2.5 Roles and responsibilities 8.2.6 Incident response plan 8.2.7 Incident response team 8.2.8 Extended incident response team 8.2.9 Playbooks 8.2.10 Supporting documentation 8.2.11 Technology 8.2.12 Workflow technology 8.2.13 Investigative technology 8.2.14 Remediation technology 8.2.15 Training 8.2.16 Reputation 8.3 Incident analysis and investigation 8.3.1 Event triage 8.3.1.1 Effective triage 8.3.1.2 The importance of visibility and automation in triage 8.3.2 Scope of an investigation 8.3.2.1 Analysis 8.3.2.2 What to collect 8.3.2.3 Methods of collection 8.3.2.4 Inference 8.3.2.5 Action 8.4 Incident remediation 8.4.1 Creating a remediation team 8.4.1.1 Finding the right remediation owner 8.4.1.2 Empowering security teams 8.4.1.3 Securing incident communications from actors 8.4.2 Creating a remediation plan 8.4.2.1 Enabling the investigation and future remediation actions 8.4.2.2 Logging and monitoring 8.4.2.3 Configurations 8.4.2.4 Software vulnerabilities 8.4.2.5 Limiting disruption to compromised assets 8.4.2.6 Internal and external communications 8.4.3 Containment 8.4.3.1 When to initiate containment 8.4.3.2 Automated or human 8.4.3.3 Sophistication 8.4.3.4 Scope 8.4.3.5 Timeframe 8.4.3.6 Impact to critical business functions 8.4.3.7 Examples of containment 8.4.3.8 Company A 8.4.3.9 Company B 8.4.4 Eradication and recovery 8.4.4.1 Eliminate attacker entry vector/s and persistence 8.4.4.2 Execute recovery and prevent recurrence 8.4.4.3 Eliminate attacker connectivity 8.4.5 Post-mortem and continuous improvement 8.4.5.1 Common lessons learned 8.5 Closing remarks 8.6 Case Study - Surviving the extinction event - The 2017 NotPetya attack 8.6.1 What is an extinction event? 8.6.1.1 What is the relevance to the transport sector? 8.6.2 What are the causes of an extinction event? 8.6.2.1 Technical sophistication 8.6.2.2 Collateral damage 8.6.3 Anticipating an extinction event 8.6.3.1 The extinction event scenario 8.6.4 Being ready 8.6.4.1 Do the basics really, really well 8.6.4.2 Have an answer to the 'what ifs' 8.6.4.3 Practice makes perfect 8.6.5 Managing the event 8.6.5.1 Reset your risk appetite 8.6.5.2 Value your people 8.6.5.3 Communicate, communicate, communicate 8.6.5.4 Assume that help is not coming 8.6.5.5 Keep your eye on the horizon 8.6.6 Concluding an extinction event 8.6.6.1 Celebrating success 8.6.6.2 Closure 8.6.6.3 Post-event 8.6.7 Learning from the event 8.6.7.1 Resilience 8.6.7.2 Recovery 8.6.7.3 Continuity 8.6.8 Conclusion References 9 Autonomous vehicles - cybersecurity and privacy challenges and opportunities 9.1 Introduction 9.2 Cybersecurity of autonomous vehicles 9.2.1 Vehicle networks and communications 9.2.1.1 In-vehicle communications 9.2.1.2 Extra-vehicle communications 9.2.2 Cyber threats to CAVs 9.2.3 Attacks on CAVs 9.2.3.1 Global Positioning System 9.2.3.2 Inertial Measurement Unit 9.2.3.3 Monoscopic and stereoscopic cameras 9.2.3.4 Passcode and key attacks 9.2.3.5 V2X network attacks 9.2.3.6 On-board diagnostics: port-based attacks 9.2.3.7 ECU firmware tampering attacks 9.2.3.8 Attacking machine learning models 9.2.4 AI as a cybersecurity mechanism 9.2.4.1 ML/DL in CAVs 9.2.5 Open challenges 9.3 Privacy in CAVs 9.3.1 Privacy issues of CAVs 9.3.2 Data generated by autonomous vehicles 9.3.3 Who wants these data? 9.3.4 Compliance with GDPR 9.3.5 Privacy by design for CAVs 9.4 Autonomous vehicle security: economics and wider landscape 9.4.1 Investment in automotive vehicles 9.4.2 Innovation in security and safety 9.4.3 The autonomous vehicles landscape 9.5 Maritime case study 9.5.1 Autonomy and data: what it means to the maritime industry 9.5.2 IMO approaching to autonomy 9.5.3 Challenges of autonomy in maritime 9.5.4 The future of autonomous shipping 9.6 Conclusions Appendix: IoT communication protocols References 10 Continued transport modernisation and the implications for security 10.1 The changing environment 10.2 Research themes 10.3 Theme 1: cyber and data solutions can help with physical security issues 10.3.1 Crowd analysis and monitoring/crowd resilience 10.3.2 Prediction for preventative security 10.3.3 Theme 2: securing the decision-making process in autonomous systems 10.4 Theme 3: securing the inputs 10.5 Theme 4: securing the communications 10.6 Theme 5: building trust between the human and the autonomous machine 10.6.1 How do we gain trust in machine intelligence? 10.6.2 Moving forward with assurance and accountability References Appendix 1: Assuring the cybersecurity of rail systems Introduction Formal verification of protocols Cryptographic analysis Considering the future References Index

قیمت نهایی

۴۴٬۰۰۰ تومان