更新时间:2021-06-10 18:43:29
coverpage
Title Page
Dedication
About Packt
Why subscribe?
Packt.com
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
A Brave New World
Defining the IoT
Defining cyber-physical systems
Cybersecurity versus IoT security
The IoT of today
An IoT-enabled energy grid
Modernizing the transportation ecosystem
Smart manufacturing
Smart cities spread across the globe
The importance of cross-industry collaboration
The IoT ecosystem
Physical devices and controllers
The hardware
Real-time operating systems
Gateways
IoT integration platforms and solutions
Connectivity
Transport protocols
Network protocols
Data link and physical protocols
IEEE 802.15.4
ZWave
Bluetooth low energy
Cellular communications
Messaging protocols
MQTT
CoAP
XMPP
DDS
AMQP
Data accumulation
Data abstraction
Applications
Collaboration and processing
The IoT of tomorrow
Autonomous systems
Cognitive systems
Summary
Vulnerabilities Attacks and Countermeasures
Primer on threats vulnerability and risks
The classic pillars of information assurance
Threats
Vulnerability
Risks
Primer on attacks and countermeasures
Common IoT attack types
Attack trees
Building an attack tree
Fault (failure) trees and CPS
Fault tree and attack tree differences
Merging fault and attack tree analysis
Example anatomy of a deadly cyber-physical attack
Today's IoT attacks
Attacks
Authentication attacks
Distributed Denial of Service (DDoS)
Application security attacks
Wireless reconnaissance and mapping
Security protocol attacks
Physical security attacks
Lessons learned and systematic approaches
Threat modeling an IoT system
Step 1 – identify the assets
Step 2 – create a system/architecture overview
Step 3 – decompose the IoT system
Step 4 – identify threats
Step 5 – document the threats
Step 6 – rate the threats
Approaches to Secure Development
The Secure Development Life Cycle (SDLC)
Waterfall
Requirements
Design
Implementation
Verification
Spiral
Agile
Security engineering in Agile
DevOps
Handling non-functional requirements
Security
