ICS/SCADA Systems Security Training

Learn the best practices for securing SCADA networks and systems. This ICS/SCADA Systems Security Training course teaches you how to defend against both internal and external attackers to provide holistic security for critical industrial automation systems! SCADA controls our nation’s mission critical infrastructure, everything from the power grid to water treatment facilities

ENO Security has joined forces with industry leaders to equip security professionals and control system engineers with the cybersecurity skills they need to defend national critical infrastructure. This ICS/SCADA Systems Security Training Workshop provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The SCADA Systems Security Training course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.

ICS/SCADA Systems Security TrainingDuration: 5 days

  • We can adapt this ICS/SCADA Systems Security Training course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this ICS/SCADA Systems Security Training course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the ICS/SCADA Systems Security Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ICS/SCADA Systems Security course in manner understandable to lay audiences.

The target audience for this ICS/SCADA Systems Security course:

  • SCADA system operators
  • SCADA analysts
  • Control systems engineers
  • ICS and SCADA consultants
  • IT and security professionals with a desire to learn how to protect critical infrastructure

The knowledge and skills that a learner must have before attending this ICS/SCADA Systems Security course are:

  • Understanding of computer hardware and operating systems
  • Basic knowledge of SCADA systems
ICS/SCADA Systems Security Training - OBJECTIVES

Upon completing this ICS/SCADA Systems Security course, learners will be able to meet these objectives:

This ICS/SCADA Systems Security course prepares you to properly secure the SCADA systems used in a variety of industries, including power transmission, oil and gas and water treatment. You’ll build your knowledge and skills needed to successfully pass the CSSA exam, including:

  • SCADA security policy development
  • SCADA security standards and best practices
  • Access control
  • SCADA protocol security issues
  • Securing field communications
  • User authentication and authorization
  • Detecting cyber-attacks on SCADA systems
  • Vulnerability assessment
ICS/SCADA Systems Security Training - COURSE SYLLABUS


  • Introduction to CSSA
  • Industrial Control Systems (ICS)
  • Types of ICS
  • ICS components
  • BPCS & SIS
  • Control system strengths and weaknesses
  • ICS PCN & protocols
  • PCN evolution
  • Modbus / DNP3 / HART
  • Lab: Modbus PLC
  • IT vs. ICS
  • RS-232 and RS-485
  • TASE 2.0 / ICCP
  • CIP
  • FOUNDATION fieldbus
  • Open vs. proprietary protocols
  • HMI applications
  • HMI/OIT implementations
  • OPC and OPC UA
  • Data historians
  • Integration software (ERP/MES)


  • Threat to SCADA
  • SCADA attacks and threats case studies
  • Lab: Attacking the infrastructure
  • SCADA security challenge
  • Security frameworks, strategy, policies
  • Standards, procedures and guidelines
  • SCADA security standards bodies (NIST / ISA / CFATS / NERC CIP)
  • Risk management process
  • Lab: “Theoretical” assessment with CSET
  • SCADA security assessment methodology
  • NESCOR guide to vulnerability assessment
  • Scada/ICS Security Training Workshop


  • Security assessment strategy
  • Pentesting steps
  • Safety and security considerations
  • Information gathering
  • Architecture analysis
  • Host, application and platform fingerprinting
  • DNS and SNMP recon
  • Lab: SNMP recon
  • Host and port scanning
  • Security considerations
  • Scanning tools and techniques
  • Lab: Scanning ICS/SCADA networks
  • Network communications capture and analysis
  • RF signal capture
  • Sniffing network traffic
  • Device functionality analysis
  • Lab: Datasheet analysis
  • Vulnerability identification
  • Common SCADA vulnerabilities
  • Finding vulnerabilities
  • Physical access
  • Vulnerability scanning
  • Server OS testing
  • Patch levels
  • Default and insecure configurations
  • Authentication and remote access
  • Firmware analysis
  • Attacking ICS
  • Attacking standard services (HTTP, FTP)
  • Attacking server OS
  • Lab: Exploiting OS-level vulnerabilities (Shellshock exploit)
  • Attacking ISC Protocols
  • Lab: Capturing and manipulating protocol data
  • Attacking wireless communications
  • Lab: Recovering ZigBee network keys
  • Lab: WEP/WPA2 password cracking


  • Categorization of system controls
  • Physical security & safety
  • Identification, Authentication & Authorization (IA&A)
  • IA&A and access control
  • Remote access security
  • Encryption
  • Logical security
  • Lab: Firewall rule design
  • Monitoring, detection and protection
  • Secure SCADA architecture
  • Lab: Security architecture (group discussion)
  • IDS/IPS (Introduction to Snort)
  • Log monitoring and management
  • Lab: SCADA honeypot (Conpot)
  • Lab: Snort SCADA rules (Quickdraw)
  • Incident response
  • Anti-malware
  • Application whitelisting
  • Patch management
  • Active Directory and group policy
  • Summary of good security practices
ICS/SCADA Systems Security Training Course Wrap-Up

Whether you are looking for general information or have a specific question, we want to help.
Request More Information

    Time frame: