IEC 62443 Training

The training can be used by both cybersecurity professionals focusing on Information Technology (IT) to gain a deeper understanding of Operational Technology (OT) and also by OT professionals to gain a better understanding of cybersecurity.

About IEC 62443 Series of Standards

IEC 62443 is an internationally recognized family of standards providing a complete framework for assessing various actors involved in OT, also known as Industrial Automation and Control Systems (IACS). Initially designed for Industrial Control Systems (ICS), IEC 62443 is now considered a relevant standard across many industry verticals due to the holistic way in which its requirements are expressed. The series of standards was created in line with this increasing awareness of OT security.

The series of standards are divided into different sections that cover both technical and process-related aspects of OT cybersecurity. Moreover, it divides the topics of cybersecurity based on the responsibilities of various stakeholders, such as operators, service providers, and component/system manufacturers.

The documents included in IEC 62443 standards are split into four levels:

• General concepts;
• Policies & Procedures;
• System level;
• Component level.

Why should you attend?

The IEC 62443 training will allow you to:

• Understand the general concepts of OT cybersecurity;
• Get an understanding of how the IEC 62443 family of standards is organized;
• Deep dive into the requirements of IEC 62443 standards;
• Learn about potential certification schemes based on IEC 62443;
• Explore lessons learned from several case studies.

Intended Audience

The training is designed to address different stakeholders, such as operators, product manufacturers of industrial components and systems, and cybersecurity professionals willing to learn more about OT cybersecurity. The expected audience consists of:

• Cybersecurity professionals;
• IT specialists and administrators;
• OT specialists and engineers;
• Anyone with interest in OT cybersecurity and IEC 62443 standards in particular.

Required Skills & Expertise

The training is designed to explain and deep dive into the contents of the IEC 62443 series of standards. No previous knowledge of IEC 62443 is necessary. Basic knowledge of cybersecurity concepts is preferred to follow the presented concepts smoothly.

Program

The training is designed to cover all the topics presented below in 3 days.

Day 1

Introduction, Definition & General Concepts

• Definitions & Vocabulary
• Statement & challenges of cybersecurity in the OT world
• The scope of cybersecurity in the company / in the projects
• Types of cyberattacks applicable for OT
• IEC 62443 Architecture of the standard
• IEC 62443 Common Concepts
• Overview of IEC 62443: different sub-parts, global structure

Introduction to the Automation world

• Description of IACS layers
• ICS components
• Protocols used in OT

Cybersecurity Organization

• Threats and risks in organization security
• Requirements for an IACS security management system (IEC 62443-2-1)

Life cycle & Risk assessment

• The life cycle of products and IACS (IEC 62443-1-1)
• Zones and conduits: concepts
• Risk assessments / Architecture partitioning (IEC 62443-3-2)

Day 2

Focus on IEC 62443-3-3 & 4-2

• Description of Security Requirements (SR) and Component Requirements (CR)
• Specific requirements for dedicated devices

A detailed review of requirements

• System Security Requirements and security level, IEC 62443-3-3
• Differences between IEC 62443- 3-3 and IEC 62443- 4-2
• Usual Questions
• Pieces of evidence
• Testing aspects

Key security mechanisms

• Authentication, encryption, signature
• Defense-in-depth, least privileges, reduce attack surfaces.
• Security by design, Segmentation,
• Vulnerabilities, pentesting, patch management

Day 3

Focus on IEC 62443-2-4

• Description of Functional areas
• Maturity model

Focus on IEC 62443-4-1

• Description of the security practices (SM, SRs, SD, SI, SVV, DM, SUM, SG)
• A detailed review of requirements
• Questions
• Pieces of evidence
• Audit

Overview of certification under the IECEE scheme

• IECEE organization and its activities
• CBTL & NCB
• IECEE 62443 Certifiable parts
• Templates, certification rules

Use case - Ukraine power grid cyberattack