Securing Industrial Control Systems - Advanced Strategies and Technologies,
Mohammad Ashiqur Rahman, Syed Bahauddin Alam, Kishor Datta Gupta, Roy George, Sunzida Siddique, and Kazuma Kobayashi

Springer Verlag, 2026.
ISBN-13: 978-3-032-03017-7 (softcover), ISBN-13: 978-3-032-03018-4 (ebook)
xx + 544 pages,
1st edition, January 2026.

Reviewed by Sven Dietrich, Mar 30, 2026

Besides the big world of the Internet that we surf in every day, there is also a set of industrial networks connecting power plants, electrical power grids, pipelines, water supply systems, manufacturing plants, transportation systems, and more. Some of them are indeed connected to the open Internet, while others are air-gapped. Generally called industrial control systems (ICS) and covering multiple industries, there is a subset called supervisory control and data acquisition (SCADA) systems, for example, for dealing with programmable logic controllers (PLCs).

Industrial Control Systems are still a playground for hackers of all kinds; the systems are by no means shielded from the mischief that happens on the open Internet (or even the Dark Web). ICS systems have been the target of many attacks over the years, including the Stuxnet attack on the Natanz uranium enrichment plants in the late 2000s, the attack on the Colonial Pipeline in the US in 2021, the German steel mill blast furnace attack in 2014, and the Brazil power grid attack in 2005. Some of these network-based attacks resulted in severe physical damage to the target infrastructure, while others were held for ransom while services were being denied to legitimate customers or clients. We live in a world where those attacks can and will affect our daily lives.

This 500-page book provides insights into this world of ICS with the perspective of securing the infrastructure and suggesting strategies for doing so. The book is divided into 17 chapters that address various foundational aspects as well as practical approaches for strengthening, analyzing, and understanding ICS, plus an appendix and a set of comprehensive references. The chapters are mostly self-contained essays with color diagrams, tables, and (pseudo-)code snippets, but the references are shared at the end of the book across all chapters, rather than at the end of the chapters.

The first chapter on "Comprehensive Overview of Industrial Control Systems ICS: Evolution, Components, and Security Challenges" gives an overview of the field of ICS, with its terminology, architectures, requirements, impact, and various components that make it distinct from other setups.

The second chapter "SCADA Systems in Industrial Control: Cloud Connectivity, Security Protocols, and Architectural Design" focuses on the SCADA world mentioned earlier. Here the reader will find the specific scenarios for SCADA, learn about PLCs (Programmable Logic Controllers), RTUs (Remote Terminal Units), and HMIs (Human-Machine Interfaces), and related security contexts.

The third chapter "Understanding Communication and Protocols in ICS: Securing Network Infrastructure and Data Exchange" shifts the interest towards the network communication in ICS and the protocols in use across various industries. Here the reader will learn about ModBus, Distributed Network Protocol (DNP3), EtherCAT, and ProfiNet among others.

The fourth chapter "Exploring Industrial Automation Systems: Security Strategies, Optimization of Control Mechanisms, and AI Integration" looks at automation systems, with the context of sensory setups, various hardware components, and mechanical setups for automation in industry. The automation details are augmented with some angles on integrating Artificial Intelligence into those processes.

The fifth chapter "Mitigating the ICS Attack Surface: Identifying Attack Vectors, Reducing Vulnerabilities, and Security Mapping Techniques" delves deeper into the security aspect, namely the attack surface of ICS. The reader gains insights into what the attack methods are and how they can be mitigated.

The sixth chapter "Network Segmentation in Industrial Operations: Enhancing ICS Security Through Threat Mitigation and DNS Leak Prevention" goes deeper into techniques for mitigating the attack surface by using architectural changes, namely network segmentation.

The seventh chapter "Comprehensive Overview of Field Devices in ICS: Protocol Management, Security Challenges, and Lifecycle Optimization" looks at field devices, such as those using ModBus, explores LabView for analyzing protocols, and considers strategies for protecting ICS.

The eighth chapter "Exploring Supervisory Systems Security Threats: Legacy SCADA Vulnerabilities, Communication Protocols, and System Security Strategies" provides a taxonomy of threats for legacy SCADA systems and their protocols.

The ninth chapter "Assessing Supervisory Systems Security Threats: Mitigating Sectoral Risks, Addressing Insider Threats, and Designing Human-Centric Security Solutions" explores insider threats as well as Advanced Persistent Threats (APTs), one of the more sophisticated threats on the Internet that also impacts ICS. APTs tend to originate from nation-state actors and are often aimed at critical infrastructures, such as those managed by ICS.

The tenth chapter "Controller Security Threats: Mitigating Advanced Persistent Threats (APTs), Enhancing Authentication, and Securing Control Architectures" goes further in evaluating advanced threat techniques such as zero-day exploits, as used by APTs, and mitigating them. Here the reader will learn about filtering techniques and more advanced authentication mechanisms such as MFA.

The eleventh chapter "Building ICS Cyber Resilience: AI and Machine Learning Strategies, System Hygiene Practices, and Secure Smart Grid Frameworks" covers practical solutions for making ICS more resilient. The reader will find out about SIEM, Active Directory, and AI-related defenses.

The twelfth chapter "Strengthening ICS Attack Resiliency: Advanced Incident Response, Threat Intelligence, and Cyber-Physical Systems Monitoring" moves the reader into considering evaluation techniques for the resilient ICS environment that they have, adhering to the NIST cybersecurity frameworks.

The thirteenth chapter "ICS Security Requirements: Cybersecurity Frameworks, Incident Response Strategies, and IoT Device Compliance" continues to address the defense mechanisms for ICS, including perspectives on Internet of Things.

The fourteenth chapter "Static Defense Strategies for ICS: Prioritizing Patch Management, Defense-in-Depth Approaches, and Regulatory Compliance" covers static defense strategies, regulatory compliance (e.g. NERC CIP or HIPAA), and layered security measures for ICS.

The fifteenth chapter "Intrusion Detection Systems (IDS) in ICS: Supervisory Frameworks, Signature Versus Anomaly-Based Detection, and Architectural Design" covers the classical intrusion detection systems (IDSs), both host- and network-based, including hybrid variants, plus the intrusion prevention systems that enhance the IDSs into a proactive mode rather than pure detection.

The sixteenth chapter "Common Cyberattacks, Cryptographic Key Management, and Host-Based Mitigation Strategies" explores recovery techniques from known attacks and helps the reader to understand the impact of such attacks. There is also information about how Public Key Infrastructure helps in defending against these attacks.

The seventeenth and last chapter "Some Case Studies of Industry Control System" talks about the attacks mentioned earlier in this review, helping the reader understand the impact and outcomes of the various attacks (to the extent that is disclosed publicly) and the lessons learned.

The appendix covers terminology and definitions for ICS and the security context.

Rahman et al. have created this book as a series of chapters or self-contained essays on many aspects of ICS security, covering strategies for defending against increasingly challenging attacks. The book is aimed at security professionals working in the field of ICS, but it is also beneficial to those security researchers and analysts who want to learn how different the ICS and SCADA world is compared to the "regular Internet." While some of the chapters seem to be repetitive at times, it helps the reader focus on the material without having to flip pages too much. I enjoyed reading this book for new insights into a different yet fascinating world.


Sven Dietrich reviews technology and security books for IEEE Cipher. He welcomes your thoughts at spock at ieee dot org.