Industrial Control Systems (ICS) Security Training
Industrial Control Systems (ICS) form the backbone of everyday life, underpinning everything from critical infrastructure to building automation. This course is given by Secura ICS Security Experts and has been designed to provide attendees with insight into the ICS security landscape in order to equip them to assess and defend industrial systems.
Register your interest for this 2-day training course
Do you want to know what to expect? Watch our webinar Assessing & Protecting critical infrastructure of November 2018. This free webinar will give you a basic understanding of the ICS SCADA landscape and relevant standards related to critical infrastructure. During the 2-day training course we will dive deeper into the ICS threats with real-world examples or lab demonstrations so you go home with a very concrete insight into what the ins and outs of ICS cyber security look like in the real world.
Learn from the expert! Jos Wetzels is independent security researcher in embedded systems security. He previously worked as a researcher at the Distributed and Embedded Security group (DIES) at the University of Twente (UT) where he e.g. developed exploit mitigation solutions for constrained Industrial Control Systems (ICS) used in critical infrastructure.
Required skills & expertise
This course has been designed to benefit everyone from management requiring a high-level overview of the complexities of this challenging domain to seasoned control system engineers and IT & OT security personnel. Basic understanding of common computing & networking technologies and fundamental security principles and concepts (CIA triad, access control, firewalls, etc.) is recommended.
The program is divided into four modules, which are given in a two-day course. Each module consists of a theoretical part and practical illustration.
- Module 1: Introduction to ICS
The program starts with a walkthrough of ICS fundamentals: Industrial processes, control theory and plant organization basics, ICS architectures, equipment and protocols. Participants will be shown how controller logic is created, a PLC is programmed and how a simple control loop operates in a lab setting.
- Module 2: Threat Landscape & Attack Surface
After a brief overview of the history of ICS security, we will delve into the ICS threat landscape and take a look at attacker motives as well as capability and impact factors in order to properly assess risk. Next, we will explore the vast attack surface of industrial control systems: from breaching perimeters to lateral movement and pivoting across network segments in order to impact the process through exploitation of industrial protocol insecurities and compromising workstations, databases, controllers and field devices. This discussion will be richly illustrated by examples and lab demonstrations of vulnerabilities affecting widely deployed ICS equipment as well as case studies of real-world attacks.
- Module 3: Threat Modelling, Cyber-Physical Attack & Impact Analysis
If you want to defend against attackers, you’ll have to think like them. In this module we will use threat modelling in order to learn to look at an ICS through an attacker’s eyes. Whether the concern is targeted industrial espionage or destructive cyber-physical attacks, we will walk attendees through the complexities of attacker activities like process comprehension and damage scenario design in order to properly analyze potential incident impact and required attacker capabilities. The theoretical contents of this module will be accompanied by an interactive threat modelling session as well as a discussion of the actual and potential cyber-physical damage scenarios behind the Stuxnet and TRITON attacks.
- Module 4: Standards & Security Controls
Finally, attendees will learn how to navigate standards like IEC 62443 and how to integrate the perspectives and knowledge gained during this course into the application of effective security controls and risk management strategies.
- Gain a basic understanding of ICS fundamentals: industrial processes, architectures, equipment and protocols
- Learn about ICS threats, relevant attack surfaces, common vulnerabilities and the required attacker capabilities to exploit them
- Become familiar with the root causes behind several high-profile real-world ICS incidents and learn from the security failures enabling them
- Learn how to apply threat modelling & impact analysis to ICS environments
- Learn how to navigate applicable standards and apply effective security controls