Hands-on Critical Infrastructure and Control System Cybersecurity Course

  • Roadmap and Overview
  • Course Ethics and General Security Awareness
  • Critical Infrastructure Control System Cybersecurity Background
    • Brief History of Critical Infrastructure and Control Systems
    • Risk Management (Threats, Vulnerabilities and Exploits)
    • Laboratory: Training Kit Orientation and Setup
  • Control System Cyber Architecture and Device Programming
    • Control System Cyber Architecture Components
    • Programmable Logic Controllers, Ladder Logic, Points and OPC/HMI
    • Laboratory: Introduction to Programmable Logic Controllers, Logic, Communications and OLE for Process Control (OPC) / Human Machine Interface (HMI) Programming
  • Cyber Asset Vulnerability Assessments
    • Case Study Review and Analysis (e.g. Bellingham Gas Pipeline; BP Texas Refinery; Washington DC Metro)
    • ICS-CERT Vulnerability Notification Review and Analysis
    • Open Source Intelligence (OSINT)
    • Cyber, Physical and Operational Security Assessments
    • Cyber Toolsets
    • Laboratory: PLC Vulnerability Assessments
    • Laboratory: Analyze and develop control system oriented Metasploit modules
    • Laboratory: Mock Environment Analysis (e.g. Power Grid, Traffic Lights)
  • Automation Technologies Attack Surface and Mitigations
    • Programmable Logic Controller Analysis
    • Mitigating Controls
    • Laboratory: Blackbox Network Discovery
    • Analyzing Control System IEDs
    • Laboratory: Applied Vulnerability Security Analysis
  • OLE for Process Control / Human Machine Interface Attack Surface and Mitigations
    • OPC / HMI Analysis
    • Mitigating Controls
    • Laboratory: OPC/HMI Exploit Analysis and Control
  • Communications Attack Surface and Mitigations
    • General Communications Protocol Analysis
    • DNP3, IEC Variants, ICCP, Modbus Specific Protocol Analysis
    • Vulnerabilities and Exploits
    • Analyzing Wireless in Control Systems
    • Mitigating Controls
    • Laboratory: Communications Exploit Analysis and Control
    • Laboratory: Protocol Spoofing and Fuzzing
    • Laboratory: Communications Visualization
  • Integrated Defense in Depth Security Controls
    • Layered Operational, Cyber and Physical Controls
    • Forensics and attribution in control systems
    • Performing Physical-Cyber-Operational Assessments and Penetration Tests
    • Laboratory: Integrated Security Preparedness
    • Situation Awareness and Incident Response
    • Laboratory: Live-Fire Simulated Control System Environment Attack and Defend

Who should attend our Critical Infrastructure and Control System cybersecurity course?

The class establishes both a high-level understanding of Control System cybersecurity and a deep-dive analysis of vulnerabilities, exploits and mitigating controls, valuable to a wide range of professionals, whether directly in the field or responsible for compliance. The class also dives into a great deal of real-world cybersecurity applications and satisfies those who need or want to understand the inner workings of the systems as well as the programming behind industrial automation. Therefore, the class is applicable to:

  • Security personnel whose job involves assessing, deploying, or securing control system components, communications and operations
  • Programmers, network and system administrators supporting control systems
  • Process engineers and field technicians
  • Operations and plant management personnel
  • Control System hardware, software and integrator vendor personnel
  • Penetration testers
  • NERC CIP, DHS CFATS, IEC 62443 and other Auditors who need to build deeper technical skills
  • Computer emergency response teams

Participant Requirements

Each team of two participants (a Pod) is provided with a training kit containing all hardware and software necessary for the course: a laptop, PLC programming software, HMI software, customizable actuator/sensor training unit, communications network and cabling, external wireless card, Teensyduino, and a customized Kali™ Linux platform (i.e. CybatiWorks-1). Participants are not required to bring any technology to the class. Participants may use their own analysis tools.

What material is covered during the five course days?

  • Brief history of critical infrastructure and control systems
  • Control system risk management (Threats, Vulnerabilities and Exploits)
  • Surveying your attack surface; fingerprinting control system components, performing OSINT and communications analysis inside your organization
  • Introduction to programmable logic controllers, function block diagrams, ladder logic, points/tags, communications and OLE for process control (OPC) / Human Machine Interface (HMI) programming
  • Sensor and actuator design analysis using customizable I/O control system trainer units
  • Performing physical-cyber-operational assessments and penetration tests
  • Hardware hacking networks, mice, technician PLC/PAC USB cables and more within control systems
  • Analyze small-scale mock control system environments (i.e. Traffic Light)
  • AB PCCC, Ethernet/IP, DNP3, IEC Variants, ICCP, Modbus communication protocol overview, analysis and fuzzing
  • Control system cyber asset and communication protocol exploit analysis and development
  • Integrating and monitoring layered operational, cyber and physical controls
  • Simulated control system red team / blue team exercise

Are you an individual interested in learning cyber-physical security NOW? Buy our onDemand CybatiWorks Critical Infrastructure and Control System Cybersecurity course with FREE mini kit for $3,995. Videos are provided by VIMEO and the Mini Kit and course materials will be shipped to you.

How can we help you?

Select your specific interest.

  • High School: You are a high school seeking cyber-physical security education.
  • University or College: You are a University or College seeking cyber-physical security education and / or physical laboratory equipment.
  • Professional: You are a professional seeking cyber-physical security education onDemand or onsite at your facility.
  • Applied Research and Modeling: You want to perform cybersecurity research and development for cyber-physical systems.