The move to using open standards such as Ethernet, TCP/IP, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems. This course provides a detailed look at how the ANSI/ISA99 standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. This course will assist managers, system operators and industrial data communications specialists in setting up secure systems.

Topics covered include: introduction and terminology; electronic security; threat sources; understanding the current industrial security environment; how cyberattacks happen; creating a security program; risk analysis; addressing risk with security policy, organization, and awareness; addressing risk with selected security countermeasures; addressing risk with implementation measures; monitoring and improving the CSMS.

If you are using any form of communication system, this course will give you the essential tools for securing and protecting your industrial networks, whether they are automation, process control, PLC or SCADA based.

Exercises include:

  • Develop a business case for industrial security
  • Conduct security threat analysis
  • Investigate scanning and protocol analysis tools
  • Apply basic security analysis software tools

ISA Standards to be reviewed:

  • ANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007) - Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts & Models
  • ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009) - Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  • ANSI/ISA-62443-3-3 - Security for industrial automation and control systems: System security requirements and security levels

This course is required for the ISA99/IEC 62443 Cybersecurity Fundamentals Specialist Certificate Program.

Anyone who will be designing, installing and commissioning, maintaining, securing and troubleshooting industrial networked sites will benefit, including:

  • Design engineers
  • Instrumentation engineers
  • Technicians
  • Electrical engineers
  • Network engineers
  • Engineering managers
  • Network system administrators


YOU WILL LEARN:

  • The principles behind creating an effective long-term security program
  • How to interpret the ANSI/ISA99 industrial security guidelines and apply them to your operation
  • The basics of risk and vulnerability analysis methodologies
  • The principles of security policy development
  • The concepts of defence in depth and zone/conduit models of security
  • Current trends in industrial security incidents and methods hackers use to attack a system
  • The principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls, and virtual private networks

Next intake is scheduled for July 13, 2015.  Limited places available.

Contact us now to obtain course details and fees and to secure your place.

Payment is not required until two weeks before the start of the course.

Course Outline

MODULE 1: INTRODUCTION (PART 1)

  • Overview of basic concepts
  • Concepts of physical, operational and electronic security

MODULE 2: INTRODUCTION (PART 2)

  • Defining Cyber Security
  • Relative to industrial automation
  • Relative to control systems

MODULE 3: TERMINOLOGY, CONCEPTS, MODELS AND METRICS (PART 1)

  • IEC/TS 62443-1-1
  • Terminology

MODULE 4: TERMINOLOGY, CONCEPTS, MODELS AND METRICS (PART 2)

  • Concepts and models:
  • Basis for the ISA99 series of standards
  • Practices
  • Technical reports
  • Current industrial security environment

MODULE 5: NETWORKING BASICS

  • Network Basics
  • Network types
  • ISO/OSI reference models
  • IP addressing and IT versus Industrial Control System differences

MODULE 6: INDUSTRIAL NETWORKING AND NETWORK SECURITY BASICS

  • Investigate and study address security
  • Firewalls
  • Segmentation
  • Encryption
  • Secure protocols
  • Intrusion detection

MODULE 7: ICS SECURITY MANAGEMENT PROGRAM (PART 1)

  • Creating an ICS Security Management Program
  • ISA-62443-2-1
  • How to create a security program for control systems

MODULE 8: ICS SECURITY MANAGEMENT PROGRAM (PART 2)

  • Cyber Security Management System (CSMS)
  • Elements and requirements:
  • Risk Analysis
  • Addressing the risk with CSMS
  • Monitoring and improving the CSMS

MODULE 9: DESIGNING / VALIDATING SECURE SYSTEMS (PART 1)

  • How to apply security levels
  • Security lifecycle
  • Identify risks and significance
  • Qualitative/quantitative risks

MODULE 10: DESIGNING / VALIDATING SECURE SYSTEMS (PART 2)

  • Risk assessments
  • Identifying threats
  • Security level (SL) definitions

MODULE 11: DEVELOPING SECURE PRODUCTS AND SYSTEMS

  • Software Security Assurance (SSA)
  • Control system security layers of responsibility
  • Incorporating security

MODULE 12: CONCLUSION

  • Integration of security at the various phases of the development lifecycle
  • ISA Security Compliance Institute (ISCI)
  • ISASecure Certification


How can an e-learning course be interactive?

Boredom can be a real danger; however, we use an interactive approach to our e-Learning, with live sessions instead of recordings. The webinar software allows everyone to interact and involves participants in group work, including hands-on exercises with simulation software and remote laboratories where possible. You can communicate with text messages or live VoIP speech, or even draw on the whiteboard during the sessions.

 
