Cybersecurity for Automation, Control, and SCADA Systems

The Training Course

The move to using open standards such as Ethernet, TCP/IP, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. This course provides a detailed look at how the ANSI/ISA99 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. This workshop will assist managers, system operators and industrial data communications specialists in setting up secure systems.

Topics covered include: introduction and terminology; electronic security; threat sources; understanding the current industrial security environment; how cyberattacks happen; creating a security program; risk analysis; addressing risk with security policy, organization, and awareness; addressing risk with selected security counter measures; addressing risk with implementation measures; monitoring and improving the CSMS.

WHAT IS INCLUDED?

  • Receive a certificate of attendance in support of your continuing professional commitment
  • All workshops include the associated hardcopy technical manual
  • Printed workshop handouts
  • Lunch and refreshments
  • Interact and network with workshop attendees and experienced instructors
  • Practical, industry driven content to assist you in your continuing professional development (CPD)
  • Attendees automatically become IDC subscribers and receive exclusive deals and technical content every month

WHO SHOULD ATTEND?

If you are using any form of communication system this workshop will give you the essential tools in securing and protecting your industrial networks whether they be automation, process control, PLC or SCADA based. Anyone who will be designing, installing and commissioning, maintaining, securing and  troubleshooting industrial networked sites will benefit including:

  • Design engineers
  • Electrical engineers
  • Engineering managers
  • Instrumentation engineers
  • Network engineers
  • Network system administrators
  • Technicians

CONTENT SUMMARY

REGISTRATION & INTRODUCTION

  • Background to workshop
  • Overview of basic concepts
  • Concepts of physical, operational, and electronic security
  • Defining Cyber Security relating to industrial automation and control systems

TERMINOLOGY, CONCEPTS, MODELS AND METRICS

  • Discuss IEC/TS 62443-1-1
  • Terminology
  • Concepts and models
  • Understanding the current Industrial Security Environment orporate policies

SECURITY BASICS

  • Networking Basics Part 1
  • Networking Basics Part 2
  • Industrial Networking
  • Network Security Basics
  • Network types
  • ISO/OSI reference models
  • IP addressing
  • IT vs. Industrial Control System differences
  • Address security
  • Firewalls
  • Segmentation
  • Encryption
  • Secure protocols
  • Intrusion detection

SECURITY MANAGEMENT PROGRAM

  • Creating an ICS Security Management Program
  • ISA-62443-2-1
  • How to create a security program for control systems
  • “Cyber Security Management System” (CSMS)
  • Elements and requirements:
  • Risk Analysis
  • Addressing the Risk with CSMS
  • Monitoring and Improving the CSMS

DESIGNING / VALIDATING SECURE SYSTEMS

  • Understand how to apply security levels
  • Security Lifecycle
  • Identify risks and significance
  • Study Qualitative/Quantitative risks
  • Risk assessments
  • Identifying threats
  • Security Level (SL) definitions

DEVELOPING SECURE PRODUCTS AND SYSTEMS

  • Software Security Assurance (SSA)
  • Control System Security Layers of Responsibility
  • Incorporating security
  • Integration of security at the various phases of the development lifecycle
  • ISA Security Compliance Institute (ICSI)
  • ISA Secure Certification

Book Now

 

 

This course is available fully online by our sister organization the Engineering Institute of Technology (EIT).

CLICK HERE for more information.