Industrial control systems (ICSs) are systems comprising computers and devices that may be electrical and/or mechanical in nature. They are widely used to partially or totally control equipment in chemical plants, electric/power/nuclear utilities, water distribution/treatment plants, oil and gas distribution networks, manufacturing, industries, and so on. Supervisory control and data acquisition (SCADA) systems are a subclass of ICSs in which supervision is exercised over multiple, distributed lower-level control systems. The security vulnerabilities in ICSs have been a matter of great concern because public safety could be significantly affected if hackers exploit them. This book on the cyber-security of SCADA and other ICSs has been published in the Springer series “Advances in Information Security.” It has 16 chapters contributed by academics and researchers.

The introductory chapter contains a preview of the book. The rest of the chapters look at a variety of topics. These include components of an ICS that may be connected by wires, which, though very useful, may get damaged by natural or man-made disasters. So it is necessary to look at wireless infrastructure in ICSs. Modern ICSs are often complex; hence, it is essential to consider IT and operational technology in those systems. It is important to understand security threats to ICSs and also the attacks made possible by those threats. Security taxonomies help in understanding the threats and attacks in a beneficial manner. Cyber risk assessment and management is also crucial in the context of ICSs because we must quantify the risks and try to mitigate them.

The chapter on security metrics concentrates on metrics of resilience. Pointers are given for formulating metrics that will be effective. It is important to understand the science, technology, and practice of human perception, comprehension of events, and entities in the defense of ICSs. This is called situational awareness. It is essential to detect intrusions into ICSs. A chapter studies intrusion detection along with a case study. The next chapter focuses on the use of physical measurements for intrusion detection and also includes a case study. Experimental methods are shown to be crucial for control system security research. Despite the existence of decision-support systems and experimentation methods, it is not easy for stakeholders of ICSs to make decisions. Thus, it is necessary to study governance and assessment strategies. Nowadays, it has become requisite to study ways of responding to attacks on ICSs due to the threat of sabotage by rogue nations; a chapter is devoted exclusively to this unusual topic. The concluding chapter looks at the future: IoT (Internet of Things) and security of its control systems. In the future, IoT is going to become predominant in many industrial applications including ICSs, so this explains the need for focusing on the security of IoT.

The book, which contains a few color illustrations, includes contributions from many authors with varying backgrounds. In spite of this, the editors have produced a consistent book. The chapters include many references to the literature, but the book does not have an index. There are very few books in the market on the cyber-security of ICSs [see 1-6], so this book is a welcome addition. It includes contributions from experts; however, it is quite readable even by novices. It can be used for teaching a course on the security of ICSs.