Who should attend our control system cybersecurity courses?

The class establishes a high-level understanding of Control System cybersecurity that is valuable to a wide range of professionals, whether they work directly in the field or are responsible for compliance. The class also dives into a great deal of real-world cybersecurity applications and satisfies those who need or want to understand the inner workings of the systems as well as the programming behind industrial automation. Therefore, the class is applicable to:

  • Security personnel whose job involves assessing, deploying, or securing control system components, communications and operations
  • Programmers, network and system administrators supporting control systems
  • Process engineers and field technicians
  • Operations and plant management personnel
  • Control System vendor personnel
  • Penetration testers
  • NERC CIP, DHS CFATS and other auditors who need to build deeper technical skills
  • Cyber emergency response teams

What are some of the topics in the two- to five-day courses?

  • Introduction to programmable logic controllers, function block diagrams, ladder logic, communications and OLE for Process Control (OPC) / Human Machine Interface (HMI) programming
  • Surveying your attack surface; fingerprinting Control System components and communications inside your organization
  • Security Assessments of ICS Devices (PLCs, PACs, RTUs, MTUs, other embedded devices)
  • Sensor and actuator design analysis using the customized control system trainer units
  • Case study review and analysis (e.g. Bellingham Gas Pipeline; BP Texas Refinery; Washington DC Metro; Taum Sauk Dam; Polish Tram System)
  • Reviewing and analyzing CERT and ICS-CERT vulnerability notifications through the establishment of a vulnerability assessment process
  • Kinetic and non-kinetic control analysis using physical and simulated control system scenarios (e.g. small-scale physical programmed models of a robotic arm, pipeline, chemical storage and mixing, traffic lights, heavy rail, and a simulated power grid)
  • AB PCCC, Ethernet/IP, DNP3, IEC Variants, ICCP, Modbus communication protocol analysis
  • Industrial use of wireless (IEEE 802.11, 900 MHz, GPRS and IEEE 802.15.4/Zigbee) analysis
  • Communication exploit analysis, protocol spoofing and fuzzing
  • OLE for Process Control attack surface, exploitation and mitigating controls
  • Performing physical-cyber-operational assessments and penetration tests
  • Analyzing and developing Control System oriented Metasploit modules
  • Understanding open source intelligence (OSINT) mechanisms used in control system social engineering operations
  • Secure remote access solutions; architecture and operations for administrative and operations remote access
  • Integrating and monitoring layered operational, cyber and physical controls

Author Statement

We wrote this class so that people could understand the elements of, ethically hack and proactively defend our control systems.   This course will help the participants figuratively and literally get their hands around the challenges of protecting local and geographically dispersed control environments. 

Participant Requirements

Each team of two participants (a Pod) is provided with training kits for the duration of the course containing all hardware and software necessary for the course: laptop, PLC programming software, HMI software, customizable actuator/sensor training unit, communications network and cabling, external wireless card, teensyduino++, and customized BackTrack platform.

What are the security risks of Control System components, communication protocols and operations?

Whether the Control System is automating an industrial facility or a local amusement park roller coaster, the system was designed to operate in a physically, cyber and operationally secure domain. This domain extends throughout the facility using a combination of Programmable Logic Controllers, Programmable Automation Controllers, embedded logic controllers, Remote Terminal Units, and Human Machine Interfaces, interlinked by one or more communication protocols across local and long-distance geographic regions. The risks vary from simple eavesdropping or electronic denial of service to more sophisticated asset misuse and destruction. To further compound the challenge, today there are not enough professionals with the security skills to sufficiently deter, detect and defend against active threats to our critical infrastructure's control systems.

How can we progress from control system security policy development to design, deployment, and assessment?

This course was designed to help organizations struggling with control system cybersecurity by equipping personnel with the skills needed to design, deploy, operate, and assess a control system's cybersecurity architecture. The course begins by quickly describing the risks and then introducing the participants to a customizable actuator and sensor control system trainer and programmable logic environment. This automation programming analysis creates the platform to identify logic flaws that, combined with active cyber, physical, and operational procedures, may lead to increased risk. The participants then use this knowledge to analyze the control system architecture through cyber, physical and operational risks including:

  • Control System component engineered, programmed and firmware logic flaws
  • Wired and wireless communication protocol analysis
  • Physical, cyber and operational procedures
  • Deterrence, detection and response to threats

The participants' knowledge is challenged through non-kinetic and kinetic analysis associated with common industry components using small-scale simulated control system environments such as Traffic Lights, Chemical Storage and Mixing, Pipelines, Robotic Arms, Heavy Rail and Power Grids.

Control System Cybersecurity Course Features

Knowledge elements of the control system cybersecurity course:

  • Learn ladder logic and associated element cyber-physical risks
  • Vulnerability assessments and penetration tests
  • Protective physical, operational and cyber controls
  • Limiting ports and services to only those necessary
  • Situational awareness and response
  • Open source intelligence
  • Communications protocol analysis
  • Sensor, actuator and logic analysis
  • Small-scale kinetic attack and defend scenarios (e.g. heavy rail, power grid, robotics, traffic lights)

Sign Up for our ONLINE course with a FREE MINI KIT: $2,995

Take our control system cybersecurity course LIVE and ONSITE at your facility!

An intense two- to five-day control system cybersecurity course using the CybatiWorks™ Industrial Edition to protect your most critical assets. The Mini Kit is typically included for the participants to retain.
