ICS Cyber Security Overview
Reliable and safe operation of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems is considered critical for a broad range of industries that support wellbeing at a national level. The growing convergence of IT and ICS, long-separated domains, calls for special attention and the adoption of ICS-oriented best practices. These functions can be jeopardised internally by an incentivised individual, or through remote access by a hostile organisation. Hence, appropriate preventive measures should be taken to mitigate these breaches and minimize possible damage.
The purpose of the workshop is to educate engineers on cyber risks and defense, and on the challenges and solutions involved in protecting ICS and SCADA systems. Upon completion of this 16-hour workshop, participants will have acquired knowledge of cyber defense measures for industrial systems, will understand attack vectors and defense processes, and will be better prepared for future challenges.
The training will be delivered via the Internet and divided into 8 sessions of 2 hours each, including time for Q&A. It will be structured to take into consideration the participants' basic knowledge and background in the field of IT and ICS. Each session will include ~40 slides; in total, ~300+ slides will be presented.
Complete Workshop Itinerary
The workshop is designed for 8 Sessions – 16 Academic hours
Live sessions – Mondays and Thursdays – 4pm AEDT
Sessions will be recorded, so it is not essential to attend the live sessions
- Introduction to ICS (SCADA, OT) architecture
- Typical ICS applications and Benefits
- Control units PLC, RTU, IED, SIS and IIoT
- Principles of ICS design and programming
- Industrial Cyber Kill Chain attack process
- Introduction to the MITRE ATT&CK process
- Step by step attack process on ICS
- Safety and Cyber Security considerations
- Explaining the Triangle and Purdue Model
- Introduction to ISA 62443 standard
- Introduction on Shodan.io ICS tracker
- Introduction to Cyber security assessment
- Protecting buildings, data centers, etc.
- Conducting Secure Maintenance for ICS
- ICS vs. IT systems cyber risks differences
- Introduction to ICS Security Vulnerabilities
- Introduction to BMS Cyber security risks
- Typical cyber-attacks: MitM, DoS, DDoS, GPS
- Principles of Encryption and Authentication
- Defense in Depth and packet inspection for ICS
- Firewalls, IDS, DMZ, UGW, Sensor inspection
- Coordinated operation with SIEM, SOAR, SOC
- Famous attacks on ICS worldwide
- Introduction to BCP, DRP and IR
- Introduction to ICS Forensic processes
- Best Practices for protecting ICS
- Principles of Secure development
- Summary and Q&A