Ressourcen

Videos

Cracking Stuxnet, a 21st Century Cyber Weapon

Stuxnet 60 Minutes

The First Deployed Cyber Weapon in History

Descructive Cyber Weapons

Physical Cyber Attacks and National Security

Cyber Warfare

Critical Penetration

Cyber-physical attack engineering

Stuxnet Attack Code Deep Dive

Cyberwar Threat

Introducing an Operations Technology Security Program

Whitepaper & Artikel

To kill a centrifuge

By Ralph Langner

The Ripe framework

By Ralph Langner

A RIPE implementation of the NIST cyber security framework

By Perry Pederson

The Ripe crosswalk

By Perry Pederson

Bound to Fail

By Ralph Langner and Perry Pederson for the Brookings Institution

Stuxnet’s Secret Twin

Foreign Policy, November 19, 2013
By Ralph Langner

Buch

Robust Control System Networks

From the researcher who was one of the first to identify and analyze the infamous industrial control system malware „Stuxnet,“ comes a book that takes a new, radical approach to making Industrial control systems safe from such cyber attacks: design the controls systems themselves to be „robust.“ Other security experts advocate risk management, implementing more firewalls and carefully managing passwords and access. Not so this book: those measures, while necessary, can still be circumvented. Instead, this book shows in clear, concise detail how a system that has been set up with an eye toward quality design in the first place is much more likely to remain secure and less vulnerable to hacking, sabotage or malicious control. It blends several well-established concepts and methods from control theory, systems theory, cybernetics and quality engineering to create the ideal protected system. The book’s maxim is taken from the famous quality engineer William Edwards Deming, „If I had to reduce my message to management to just a few words, I’d say it all has to do with reducing variation.“ Highlights include: – An overview of the problem of „cyber fragility“ in industrial control systems – How to make an industrial control system „robust,“ including principal design objectives and overall strategic planning – Why using the methods of quality engineering like the Taguchi method, SOP and UML will help to design more „armored“ industrial control systems.

What people say about the book:

„This is the first great, 5-star ICS security book“
(Dale Peterson, Digital Bond)

„Read Robust Control System Networks — it’s brief, concise, well-written, full of compelling anecdotes, and groundbreaking“
(Richard Bejtlich, TaoSecurity)

„Ralph is truly one of the experts in control system cyber security. His work on Stuxnet was superb“
(Joe Weiss, Applied Control Solutions)

„This is the kind of material I can read over and over until the concepts embed in DNA“ (Bryan Owen, OSIsoft)

„A great reference resource that can help people down the HOW path of making control system installations robust — excellent job!“ (Ron Southworth, Scadaperspective)

„A brilliant book“ (Thomas Rid, King’s College London)