ICS and SCADA Systems Security Training

Print Friendly, PDF & Email
Introduction:

ICS and SCADA Systems Security Training Course with real World hands-on labs (Online, Onsite and Classroom Live)

From the power grid to water treatment facilities, SCADA controls our nation’s mission critical infrastructure. Our ICS and SCADA Systems Security Training workshop builds your homeland security skills by teaching you how to assess and secure SCADA systems — and you’ll gain hands-on experience on the latest threats via our SCADA Cyber Range.

You’ll learn everything from field-based attacks to automated vulnerability assessments for SCADA networks. The ICS and SCADA Systems Security Training workshop also prepares you to pass the CSSA certification exam and become a Certified SCADA Security Architect.

Related Courses
Customize It
  • If you are familiar with some aspects of ICS and SCADA Systems Security Training, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the ICS and SCADA Systems Security Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ICS and SCADA Systems Security course in manner understandable to lay audiences.
Audience / Target Group

The target audience for this ICS and SCADA Systems Security Training course is defined here:

  • SCADA system operators
  • SCADA analysts
  • Control systems engineers
  • ICS and SCADA consultants
  • IT and security professionals with a desire to learn how to protect critical infrastructure
  • IT and ICS cybersecurity personnel
  • Field support personnel and security operators
  • All individuals who need to understand the ICS and SCADA Protection concepts
  • Electric utility engineers working in electric industry security
ICS and SCADA Systems Security Training - Prerequisites:

The knowledge and skills that a learner must have before attending this ICS and SCADA Systems Security Training course are as follows:

  • Understanding of computer hardware and operating systems
  • Basic knowledge of SCADA systems
ICS and SCADA Systems Security Training - Objectives:

This ICS and SCADA Systems Security Training workshop prepares you to properly secure the SCADA systems used in a variety of industries, including power transmission, oil and gas and water treatment. You’ll build your knowledge and skills needed to successfully pass the CSSA exam, including:

  • Fundamentals of ICS and SCADA
  • Access control
  • SCADA protocol security issues
  • Securing field communications
  • User authentication and authorization
  • ICS/SCADA Vulnerabilities
  • Risk Management Basics
  • Selecting and implementing controls for ICS Security
  • ICS/SCADA Server Security
  • ICS/SCADA Network and Device Security
  • SCADA Security Program Development and Deployment
  • Wireless Security Applied to SCADA
  • Hands ON, Workshops, and Group Activities
  • Sample Workshops and Labs for Industrial Control Systems and SCADA Security
ICS and SCADA Systems Security Training – Course Syllabus:

Fundamentals of ICS and SCADA

  • Industrial Control Systems Overview
  • Global Industrial Cybersecurity Professional (GICSP)
  • Roles and Responsibilities of ICS
  • Real-time Operating Systems
  • Programmable Logic Controllers (PLC)
  • Distributed Control Systems (DCS)
  • Supervisory Control and Data Acquisition (SCADA)
  • Master Servers
  • Industrial Computing Applications and SCADA Systems
  • Communication Protocols
  • Network Design
  • Types of SCADA Networks
  • SCADA Network Operations and Management
  • Communications Media and Signals
  • SCADA  Reliability, Redundancy and Safety
  • Planning and Managing SCADA Projects
  • SCADA Technical Operations
  • SCADA Characteristics, Threats and Vulnerabilities
  • Comparing SCADA and IT Systems
  • SCADA and DCS Comparison
  • Physical Security of SCADA Systems
  • ICS Network Architecture

ICS/SCADA Vulnerabilities

  • ICS Attack Architecture
  • Attacks on Human Machine Interface (HMI)
  • Attacks on User Interfaces
  • Potential SCADA Vulnerabilities
  • Policy and Procedure Vulnerabilities
  • Platform Vulnerabilities
  • Network Vulnerabilities
  • SCADA Network Communication Attacks
  • Risk Factors
  • Standardized Protocols and Technologies
  • Increased Connectivity
  • Insecure and Rogue Connections
  • Public Information
  • Possible Incident Scenarios
  • Sources of Incidents
  • Documented Incidents
  • Web Attacks
  • ICS Server Attacks
  • Attacks on ICS Remote Devices
  • Firmware Attacks

 Risk Management Basics

  • Risk and Industrial Control Systems
  • Threat Identification
  • Vulnerability Management
  • Industrial Consequences of Vulnerabilities
  • Risk Classification
  • ICS Risk Assessment
  • Planning
  • System and Services Acquisition
  • Certification, Accreditation, and Security Assessments
  • Operational Controls
  • Personnel Security
  • Physical and Environmental Protection
  • Contingency Planning
  • Configuration Management
  • Maintenance
  • System and Information Integrity
  • Incident Response
  • Awareness and Training
  • Identification and Authentication
  • Access Control
  • Audit and Accountability
  • Asset Classification
  • System and Communications Protection

 Selecting and Implementing Controls for ICS Security

  • ICS Security Assessment
  • ICS Vulnerability Assessment
  • Configuration Assessment and Auditing
  • Risk Reduction
  • Standards and Security Controls Applied to ICS (NIST, ISA and CPNI)
  • ICS Security Technologies

 ICS/SCADA Server Security

  • Different Server Types Used in ICS
  • Windows Operating Systems in ICS
  • Linux/Unix Operating Systems in ICS
  • Endpoint Protection
  • Automation and Auditing
  • Log Management for ICS Servers

 ICS/SCADA Network and Device Security

  • Fundamentals of Networks
  • Ethernet, TCP/IP Protocol
  • ICS Protocol Architectures
  • Firewalls and Gateways
  • Honeypots
  • ICS Wireless Systems
  • Satellite, Mesh, Wi-Fi, and Bluetooth Systems
  • SCADA Security Network Architecture
  • Firewalls and Logically Separated Control Network
  • Network Segregation
  • Specific SCADA Firewall Issues
  • Data Historians
  • Remote Support Access
  • Multicast Traffic
  • Single Points of Failure
  • Redundancy and Fault Tolerance
  • Preventing Man-in-the-Middle Attacks

 SCADA Security Program Development and Deployment

  • Business Case for Security
  • Potential Consequences
  • Key Components of the Business Case
  • Resources for Building Business Case
  • Presenting the Business Case to Leadership
  • Developing a Comprehensive Security Program

 Wireless Security Applied to SCADA

  • Overview of Current Wireless Technologies
  • 11, 802.15 and 802.16 Technologies
  • Overview of Wireless Security
  • WEP
  • TKIP and the WPA/WPA2
  • IEEE 802.11i
  • Authentication, Encryption, and Integrity Methods
  • Cellular/Mobile Interworking
  • LTE application in SCADA

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Time Frame: 0-3 Months4-12 Months

0