Industrial Control Systems Security Introduction

Provided by

About the course

This one day introductory course provides valuable insight into the weaknesses and vulnerabilities within common Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) environments. We will discuss infamous and more recent critical infrastructure cyber-attack case studies and the vital lessons learnt. Identify systems that are discoverable and understand suitable countermeasures, threats and ICS technical controls. Audience This course is aimed at operational / engineering teams, IT staff and security practitioners working in public and private sectors who are looking to gain and insight and awareness of the security vulnerability exposure and defensive countermeasures for industrial control systems. Prerequisites There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet. Delegates will learn how to • Control systems – closed loop systems • ICS logic systems – relay, ladder, programmable systems • ICS security • Control system vulnerabilities and weaknesses • ICS technical security controls • Discoverable systems - countermeasures • Governance and standards Outline Module 1 – Introduction to ICS and SCADA Introduce concepts and function of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) • Control systems • Closed loop systems • ICS • Relay logic • Programmable logic controllers • PLC Programming • Sequential function charts • Ladder logic • ICS Network protocols • SCADA • ICS Security Module 2 – Introduction to Industrial Control Systems Security • When control systems go wrong • Critical national infrastructure (CNI) • Centre for the protection of national infrastructure (CPNI) • Vulnerable systems • Case study – STUXNET, Black Energy • Not all ICS systems are designed with security in mind • ICS common vulnerabilities • Visible & discoverable ICS systems • Risk management • Defence in depth modified Purdue Model • Typical ICS technical security controls • Governance regulations • Security standards

Related article

A concerning chuck of National Health Service trusts in England and Wales lack sufficient in-house cyber security expertise, new research has revea...