1st Edition

Countering Cyber Sabotage
Introducing Consequence-Driven, Cyber-Informed Engineering (CCE)

  • Available for pre-order. Item will ship after January 20, 2021
ISBN 9780367491154
January 20, 2021 Forthcoming by CRC Press
314 Pages

USD $120.00

Prices & shipping based on shipping country


Book Description

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. 

Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable.

Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.

Table of Contents


Foreword by Michael J. Assante   xi

Preface   xxi

Author Bio   xxix

Introduction   xxxi

1 Running to Stand Still and Still Falling Behind 1

2 Restoring Trust: Cyber- Informed Engineering 29

3 Beyond Hope and Hygiene: Introducing Consequence-

    Driven Cyber- Informed Engineering 57

4 Pre- engagement Preparation 77

5 Phase 1: Consequence Prioritization 87

6 Phase 2: System- of- Systems Analysis 105

7 Phase 3: Consequence- Based Targeting 123

8 Phase 4: Mitigations and Protections 141

9 CCE Futures: Training, Tools, and What Comes Next 165

Acknowledgments 181

Glossary 185

Appendix A CCE Case Study: Baltavia Substation Power Outage 199

Appendix B CCE Phase Checklists 259

Index 270

View More



Andy Bochman is the Senior Grid Strategist for Idaho National

Laboratory’s National and Homeland Security directorate. In this role, Mr.

Bochman provides strategic guidance on topics at the intersection of grid

security and resilience to INL leadership as well as senior US and international

government and industry leaders.

A frequent speaker, writer, and trainer, Mr. Bochman has provided

analysis on electric grid and energy sector infrastructure security actions,

standards, and gaps to the Department of Energy, Department of Defense,

Federal Energy Regulatory Commission (FERC), North American

Electric Reliability Corporation (NERC), National Institute of Standards

and Technology (NIST), National Association of Regulatory Utility

Commissioners (NARUC), the Electricity Subsector Coordinating Council

(ESCC), and most of the US state utility commissions. Teaming with DOE,

NARUC, USAID, and international partners, he has cyber-trained grid

operators, and is a cybersecurity subject matter expert listed with the US

State Department Speakers Bureau.

Mr. Bochman has testifi ed before the US Senate Energy and Natural

Resources Committee on energy infrastructure cybersecurity issues

and before FERC on the security readiness of smart grid cybersecurity

standards. He has also held recurring conversations on grid security

matters with the Senate Select Committee on Intelligence (SSCI) and the

National Security Council (NSC). Prior to joining INL, he was the Global

Energy & Utilities Security Lead at IBM and a Senior Advisor at the

Chertoff Group in Washington, DC.

Mr. Bochman received a Bachelor of Science degree from the US Air

Force Academy and a Master of Arts degree from the Harvard University

Extension School.


Sarah Freeman is an Industrial Control Systems (ICS) cyber security analyst

at Idaho National Laboratory (INL), where she provides US government

partners and private sector entities with actionable cyber threat

intelligence, developing innovative security solutions for the critical infrastructure

within the US.

At Idaho National Laboratory, Ms. Freeman pursues innovative threat

analysis and cyber defense approaches, most recently Consequencedriven

Cyber-informed Engineering (CCE). As Principle Investigator on a

laboratory discretionary research, her current research is focused on new

signatures and structured methods for cyber adversary characterization.

Following the December 2015 electric grid attacks, Ms. Freeman participated

in the DOE-sponsored training for Ukrainian asset owners in May

2016. She has also researched the Ukrainian 2015 and 2016 cyber-attacks

and the Trisis/Hatman incident.

Ms. Freeman received a Bachelor of Arts from Grinnell College and

a master’s in security and intelligence studies from the University of