Hands-on Critical Infrastructure and Control System Cybersecurity Course

  • Roadmap and Overview
  • Course Ethics and General Security Awareness
  • Critical Infrastructure Control System Cybersecurity Background
      – Brief History of Critical Infrastructure and Control Systems
      – Risk Management (Threats, Vulnerabilities and Exploits)
      – Laboratory: Training Kit Orientation and Setup
  • Control System Cyber Architecture and Device Programming
      – Control System Cyber Architecture Components
      – Programmable Logic Controllers, Ladder Logic, Points and OPC/HMI
      – Laboratory: Introduction to Programmable Logic Controllers, Logic, Communications and OLE for Process Control (OPC) / Human Machine Interface (HMI) Programming
  • Cyber Asset Vulnerability Assessments
      – Case Study Review and Analysis (e.g. Bellingham Gas Pipeline; BP Texas Refinery; Washington DC Metro)
      – ICS-CERT Vulnerability Notification Review and Analysis
      – Open Source Intelligence (OSINT)
      – Cyber, Physical and Operational Security Assessments
      – Cyber Toolsets
      – Laboratory: PLC Vulnerability Assessments
      – Laboratory: Analyze and Develop Control System Oriented Metasploit Modules
      – Laboratory: Mock Environment Analysis (e.g. Power Grid, Traffic Lights)
  • Automation Technologies Attack Surface and Mitigations
      – Programmable Logic Controller Analysis
      – Mitigating Controls
      – Laboratory: Blackbox Network Discovery
      – Analyzing Control System IEDs
      – Laboratory: Applied Vulnerability Security Analysis
  • OLE for Process Control / Human Machine Interface Attack Surface and Mitigations
      – OPC / HMI Analysis
      – Mitigating Controls
      – Laboratory: OPC/HMI Exploit Analysis and Control
  • Communications Attack Surface and Mitigations
      – General Communications Protocol Analysis
      – DNP3, IEC Variants, ICCP, Modbus Specific Protocol Analysis
      – Vulnerabilities and Exploits
      – Analyzing Wireless in Control Systems
      – Mitigating Controls
      – Laboratory: Communications Exploit Analysis and Control
      – Laboratory: Protocol Spoofing and Fuzzing
      – Laboratory: Communications Visualization
  • Integrated Defense in Depth Security Controls
      – Layered Operational, Cyber and Physical Controls
      – Forensics and Attribution in Control Systems
      – Performing Physical-Cyber-Operational Assessments and Penetration Tests
      – Laboratory: Integrated Security Preparedness
      – Situation Awareness and Incident Response
      – Laboratory: Live-Fire Simulated Control System Environment Attack and Defend

Who should attend our Critical Infrastructure and Control System cybersecurity course?

The class establishes both a high-level understanding of control system cybersecurity and a deep-dive analysis of vulnerabilities, exploits and mitigating controls, which is valuable to a wide range of professionals, whether they work directly in the field or are responsible for compliance. The class also covers a great deal of real-world cybersecurity application and suits those who need or want to understand the inner workings of the systems as well as the programming behind industrial automation. The class is therefore applicable to:

  • Security personnel whose job involves assessing, deploying, or securing control system components, communications and operations
  • Programmers, network and system administrators supporting control systems
  • Process engineers and field technicians
  • Operations and plant management personnel
  • Control system hardware, software and integrator vendor personnel
  • Penetration testers
  • NERC CIP, DHS CFATS, IEC 62443 and other auditors who need to build deeper technical skills
  • Computer emergency response teams

Participant Requirements

Each team of two participants (a Pod) is provided with a training kit containing all hardware and software necessary for the course: a laptop, PLC programming software, HMI software, a customizable actuator/sensor training unit, communications network and cabling, an external wireless card, a Teensyduino, and a customized Kali™ Linux platform (i.e. CybatiWorks-1). Participants are not required to bring any technology to the class, but may use their own analysis tools.

What material is covered during the five course days?

  • Brief history of critical infrastructure and control systems
  • Control system risk management (threats, vulnerabilities and exploits)
  • Surveying your attack surface: fingerprinting control system components, performing OSINT and communications analysis inside your organization
  • Introduction to programmable logic controllers, function block diagrams, ladder logic, points/tags, communications and OLE for Process Control (OPC) / Human Machine Interface (HMI) programming
  • Sensor and actuator design analysis using customizable I/O control system trainer units
  • Performing physical-cyber-operational assessments and penetration tests
  • Hardware hacking of networks, mice, technician PLC/PAC USB cables and other devices within control systems
  • Analyzing small-scale mock control system environments (e.g. traffic lights)
  • AB PCCC, Ethernet/IP, DNP3, IEC variants, ICCP and Modbus communication protocol overview, analysis and fuzzing
  • Control system cyber asset and communication protocol exploit analysis and development
  • Integrating and monitoring layered operational, cyber and physical controls
  • Simulated control system red team / blue team exercise