Cyber Security for Industrial Automation and Industrial Control System (PLC, DCS, SCADA and IED) Course

Course Overview:

This course covers industrial control system (ICS) security, SIEM, DCS and PLC systems. Students will also be introduced to unique factors, threats and weaknesses associated with ICS networks as well as the security frameworks like ISA and NIST.

Important topics include: the network topology design, firewalls, alarm systems and SCADA protective devices. 

Other covered topics include the security system design, implementation modalities, risk management and cyberattack prevention methods. 

This course is meant for engineers, IT practitioners, dedicated security personnel and industrial partners and enables participants in protecting critical infrastructural components and ensuring the safe operation of industrial control systems.

Course Objectives:

Upon the successful completion of this course, participants will be able to:-

• Apply and gain comprehensive knowledge on the security of industrial control systems including SCADA, DCS & PLC and recognize their characteristics, threats, and vulnerabilities
• Identify different ISA security standards and determine industrial control system security program development and deployment
• Emphasize network architecture in industrial control system and list down the recommended firewall rules for specific services
• Determine the various industrial control system security controls including management, operational & technical controls and identify the SCADA vulnerabilities & attacks
• Employ SCADA security methods, mechanisms & techniques and explain SCADA security standards and reference documents
• Acquire knowledge on SCADA security management implementation issues & guidelines and determine the unique characteristics & requirements of SCADA systems
• Analyze the selected ISA technical papers of security issues including the physical protection of critical infrastructures & key assets, critical infrastructure protection, network security in the wireless age, etc.

Who Should Attend?

This course provides an overview of all significant aspects and considerations of cybersecurity of industrial control system (PLC, DCS, SCADA & IED) for a broad audience that includes asset owners from the process, power, and other critical infrastructures, control systems engineers, IT engineers, IT professionals, instrumentations engineers, instrumental & control staff, information and security officers and vendors, as well as security experts from government, industry associations and academia.

Course Outlines:

Overview of Industrial Control Systems

• Overview of SCADA, DCS, and PLCs
• Industrial Control System Operation
• Key Industrial Control System Components
• SCADA Systems
• Distributed Control Systems
• Programmable Logic Controllers
• Industrial Sectors and Their Interdependencies

Industrial Control System Characteristics, Threats & Vulnerabilities

• Comparing Industrial Control System and IT Systems
• Threats Potential Industrial Control System Vulnerabilities
• Risk Factors
• Possible Incident Scenarios
• Sources of Incidents
• Documented Incidents

ISA Security Standards

• ANSI/ISA-TR99.00.01-2004
• ANSI/ISA-TR99.00.02-2004
• ANSI/ISA-TR99.00.01-2007
• ANSI/ISA-TR99.00.02-2007
• ANSI/ISA-TR99.00.03-2007
• ANSI/ISA-TR99.00.04-2007

Industrial Control System Security Program Development and Deployment

• Business Case for Security
• Developing a Comprehensive Security Program

Network Architecture

• Firewalls
• Logically Separated Control Network
• Network Segregation
• Recommended Defense-in-Depth Architecture
• General Firewall Policies for Industrial Control System
• Recommended Firewall Rules for Specific Services
• Network Address Translation (NAT)
• Specific Industrial Control System Firewall Issues
• Single Points of Failure
• Redundancy and Fault Tolerance
• Preventing Man-in-the-Middle Attacks

Industrial Control System Security Controls

• Management Controls
• Operational Controls

Industrial Control System Security Controls

• Technical Controls

SCADA Vulnerabilities & Attacks

• The Myth of SCADA Invulnerability
• SCADA Risk Components
• Managing Risk
• SCADA Threats and Attack Routes
• SCADA Honeynet Project

SCADA Security Methods & Techniques

• SCADA Security Mechanisms
• SCADA Intrusion Detection Systems
• SCADA Audit Logs
• Security Awareness

SCADA Security Standards & Reference Documents

• ISO/IEC 17799:2005 and BS 7799-2:2002
• ISA-TR99.00.01-2004 Security Technologies for Manufacturing and Control Systems
• ISA-TR99.00.02-2004 Integrating Electronic Security into the Manufacturing and Control Systems Environment
• GAO-04-140T Critical Infrastructure Protection, Challenges in Securing Control Systems
• NIST, System Protection Profile for Industrial Control Systems (SPP ICS)
• Federal Information Processing Standards Publication (FIPS Pub) 199, Standards for Security Categorization of Federal Information and Information Systems, February 2004
• Additional Useful NIST Special Publications

SCADA Security Management Implementation Issues & Guidelines

• Management Impressions of SCADA Security
• SCADA Culture
• Unique Characteristics and Requirements of SCADA Systems
• Limitations of Current Technologies
• Guidance for Management in SCADA Security Investment
• NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems

Selected ISA Technical Papers on Security Issues

• The Physical Protection of Critical Infrastructures and Key Assets
• Critical Infrastructure: Control Systems and the Terrorist Threat
• Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems
• The Myths and Facts Behind Cyber Security Risks for Industrial Control Systems
• Network Security in the Wireless Age
• Remote Method Security in a Distributed Processing Architecture Supporting Generic Security Objects
• Current Status of Technical Issues Concerning Cyber Security of Control Systems for Water and Wastewater Industries
• Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
• 21 Steps to improve Cyber Security of SCADA Networks