|Participant stepping through a hands-on laboratory exercise with the CybatiWorksTM Traffic Light Mini Kit||
CYBATI in collaboration with the Ohio State University is hosting a 3-day training event November 7 - 9, 2018. The 3-day training event offers CYBATI's Critical Infrastructure and Control System Cybersecurity course with retained CybatiWorksTM Mini Kit in a compressed format. More information is available below about each event and to register.
The power grid model gives an educator or student a device that closely emulates a smart AC power grid that is safely designed to protect the user from harm and allow investigation of scaled down power grid components. DC from a computer port is used to represent fuels. The sum of DC currents created from these DC voltages are used to produce an infrared beam that is connected to circuits producing an AC voltage proportional to the total energy input. A power amplifier is then used to produce the AC power required to drive a smart distribution grid. A transformer is used to step up the voltage that is transmitted over wires with resistance added to emulate a long distance. Another transformer is used to return the voltage to the required value for consumer consumption on the receiving end of the high voltage line. For safety purposes, the actual voltages are reduced by 100 times. To reduce the size of transformers required the AC frequency is increased by 10 times. Miniature houses with internal loads are switched on and off to emulate the consumption of the AC power after transmission. Software emulates power grid control operations using industrial protocols that would be present in the power plant generating the voltages being transmitted. A custom PCB coupler connects the power grid model to the Raspberry PI for remote monitoring and control by the CybatiWorks education and research platform.
The Power Grid Mini Kit comes with Raspberry PI, PCB Connector, Cabling, Software, the CybatiWorks digital living textbook and the Power Grid PCB. The Power Grid Mini Kit is only available as an add-on item to the full training session.
The CybatiWorksTM Critical Infrastructure and Control System Cybersecurity course by course author Matthew Luallen will be hosted in a compressed 3-day format at The Ohio State University Union. The three days will allow us to cover the critical details of defending critical control systems using the CybatiWorksTM Mini Kit.
What will you receive?
- The CybatiWorksTM Traffic Light Mini Kit
- 3 days of hands-on, instructor led control system cybersecurity training
Where is it?
The 3-day training event will be hosted at The Ohio State University Union from November 7 - 9, 2018 from 8:30am until 5:00pm. Morning and afternoon pastries and refreshments will be provided. A block of hotel rooms has been reserved at The Blackwell. After event registration you will receive more information about how to use our negotiated rate.
What do you need to bring?
A laptop with at least an I3 processor, 4 GB of RAM, 50 GB of free storage space and 1 USB port with the latest version of VM Workstation Player or Fusion.
The full Critical Infrastructure and Control System Cybersecurity Course Overview
- Roadmap and Overview
- Course Ethics and General Security Awareness
- Critical Infrastructure Control System Cybersecurity Background
- Brief History of Critical Infrastructure and Control Systems
- Risk Management (Threats, Vulnerabilities and Exploits)
- Laboratory: Training Kit Orientation and Setup
- Control System Cyber Architecture and Device Programming
- Control System Cyber Architecture Components
- Programmable Logic Controllers, Ladder Logic, Points and OPC/HMI
- Laboratory: Introduction to Programmable Logic Controllers, Logic, Communications and OLE for Process Control (OPC) / Human Machine Interface (HMI) Programming
- Cyber Asset Vulnerability Assessments
- Case Study Review and Analysis (e.g. Bellingham Gas Pipeline; BP Texas Refinery; Washington DC Metro)
- ICS-CERT Vulnerability Notification Review and Analysis
- Open Source Intelligence (OSINT)
- Cyber, Physical and Operational Security Assessments
- Cyber Toolsets
- Laboratory: PLC Vulnerability Assessments
- Laboratory: Analyze and develop control system oriented Metasploit modules
- Laboratory: Mock Environment Analysis (e.g. Power Grid, Traffic Lights)
- Automation Technologies Attack Surface and Mitigations
- Programmable Logic Controller Analysis
- Mitigating Controls
- Laboratory: Blackbox Network Discovery
- Analyzing Control System IEDs
- Laboratory: Applied Vulnerability Security Analysis
- OLE for Process Control / Human Machine Interface Attack
Surface and Mitigations
- OPC / HMI Analysis
- Mitigating Controls
- Laboratory: OPC/HMI Exploit Analysis and Control
- Communications Attack Surface and Mitigations
- General Communications Protocol Analysis
- DNP3, IEC Variants, ICCP, AB PCCC, S7, Modbus Specific Protocol Analysis
- Vulnerabilities and Exploits
- Analyzing Wireless in Control Systems
- Mitigating Controls
- Laboratory: Communications Exploit Analysis and Control
- Laboratory: Protocol Spoofing and Fuzzing
- Laboratory: Communications Visualization
- Integrated Defense in Depth Security Controls
- Layered Operational, Cyber and Physical Controls
- Forensics and attribution in control systems
- Performing Physical-Cyber-Operational Assessments and Penetration Tests
- Laboratory: Integrated Security Preparedness
- Situation Awareness and Incident Response
- Laboratory: Live-Fire Simulated Control System Environment Attack and Defend