Logo

Industrial Control System and Cyber Security Training Course

Introduction

Industrial Control System and Cyber Security Training Course

Course Objectives

This training course aims to empower professionals to:

• Thoroughly understand the fundamentals of Industrial Control Systems and cyber security
• Demonstrate highly developed practical skillset in eliminating all online threats such as malware, darknets, dark markets, zero-day, exploit kits vulnerabilities, advanced hackers and trackers, and cybercriminals
• Understand the different classes of firewalls that are available and the threats they help eliminate
• Train other professionals on identifying security vulnerabilities within the ICS through vulnerability scanning and network hacking techniques
• Predict and assess risks in the ICS architecture and analyse risk management procedures that can be applied to it
• Thoroughly understand the security standards in ICS networks and ways to impede attacks on the network
• Identify the components of standard ICS/OT security monitoring and incident response programs
• Advanced competency in network segmentation and asset inventory management
• Expertise in remote access controls and vulnerability assessment techniques
• Enhanced understanding of regulatory compliance frameworks and audit preparation
• Skills in incident response planning and cyber-physical attack mitigation
• Proficiency in modern ICS security tools and monitoring technologies

Who Should Attend?

This Industrial Control System and Cyber Security Training Course is designed for:

• IT and ICS cybersecurity professionals that realise the need for collaborative security approaches and are interested in industrial control systems
• End-users, asset owners, integrators, and vendors dealing with the problem of securing ICS
• Electric utility engineers working in electric industry security
• Operators, technicians, and maintenance personnel working at electric utility companies
• Investors and contractors who plan to invest in the electric industry that specialises in creating security standards for ICS
• Anyone who wants to develop competency in industrial control systems and cybersecurity
• Control systems engineers and automation professionals
• Manufacturing and process industry security specialists
• Critical infrastructure protection personnel
• Compliance officers and audit professionals in industrial sectors

Course Outline

Module 1: Overview of ICS

• Meaning
• Roles and Responsibilities
• Types of ICS
• Comprehensive ICS category including control systems, devices, networks, and protocols
• Critical infrastructure applications including power grids, water treatment, and manufacturing
• Classification based on function, scale, and deployment environment
• Distinction between field devices and supervisory control systems

Module 2: Industrial control system functional components

• Control loop
• Distributed Control System
• SCADA
• Programmable logic controller
• Actuator
• Intelligent Electronic Device
• PID controller feedback loops for real-time process adjustment
• RTUs (Remote Terminal Units) for microprocessor-based field data collection
• HMI (Human-Machine Interface) for graphical operator interaction
• Sensors and actuators forming the backbone of ICS operations

Module 3: ICS Network and Industrial Architecture

• Fundamentals of Networks:
• Ethernet, TCP/IP Protocol
• ICS Wireless Systems
• Satellite, Mesh, Wi-Fi, and Bluetooth Systems
• Honeypots
• Firewalls and Gateways
• The OSI 7-Layer Model
• Routers and Firewalls
• Network Data Analysis
• Fieldbus Industrial Protocols
• Backend Industrial Protocols
• ICS Protocol Architectures
• Industrial protocols including MODBUS, DNP3, and EtherNet/IP
• IEC 61850 standard for substation automation and interoperability
• PROFIBUS and MQTT protocols for high-speed automation and data transfer
• Network segmentation and zone-conduit model for cybersecurity

Module 4: Overview of Cybersecurity tools and Cyberattack

• Meaning of cybersecurity
• History of cybersecurity
• Types and motives of cyber attacks
• Cyber attack countermeasures
• Ransomware threats targeting IT systems with OT operational impact
• Nation-state attacks on critical infrastructure and industrial facilities
• ICS-specific malware designed to target industrial control systems
• Cyber-physical attack vectors and their potential consequences

Module 5: Network Security and Database Vulnerabilities

• Meaning of Database
• Types of Databases
• Types of Database Vulnerabilities
• Tools needed to research a database vulnerability of a database
• Historian databases storing operational and process data
• Engineering workstation databases containing system configurations
• SQL injection and database access control vulnerabilities
• Data integrity and availability threats in industrial environments

Module 6: Penetration Testing, Incident Response and, forensics

• Stages of Penetration testing
• Penetration testing tools
• Digital forensics and Digital evidence
• Power of scripting
• Scanning and Vulnerability Enumeration
• ICS-specific penetration testing methodologies and ethical considerations
• Network scanning techniques adapted for industrial environments
• Digital forensics in OT environments and evidence preservation
• Vulnerability assessment tools for industrial control systems

Module 7: Vulnerabilities in ICS Architecture

• Policy and procedure vulnerabilities
• Platform configuration vulnerabilities
• Platform hardware and software vulnerabilities
• Malware Protection Vulnerabilities
• Network Configuration Vulnerabilities
• Network Hardware Vulnerabilities
• Network Perimeter Vulnerabilities
• Legacy system vulnerabilities and patch management challenges
• Remote access vulnerabilities and unauthorized entry points
• Weak authentication and default credential exploitation
• Network perimeter weaknesses and inadequate segmentation

Module 8: ICS and Cybersecurity

• Relevance of Cybersecurity to industrial control systems
• Motivation for attacking the ICS.
• The effect of cyber attacks on the ICS:
• It can cause a change in the Programmable Logic Controllers (PLC),
• It can cause changes in the operating system and application configurations of the ICS.
• It can tamper with safety controls
• Convergence of IT and OT creating expanded attack surfaces
• Safety system manipulation and physical damage potential
• Process disruption and production shutdown consequences
• Data exfiltration and intellectual property theft risks

Module 9: ICS Server Attacks

• How are ICS servers attacked:
• Attacks on ICS Remote Devices
• Firmware Attacks
• HMI server compromise and operator interface manipulation
• Engineering workstation attacks and configuration tampering
• Firmware modification and persistent backdoor installation
• Lateral movement from compromised servers to field devices

Module 10: Assessing and Managing Risk

• Meaning of risk
• Effects of risk on operational security and integrity
• Identification, classification and, ranking of Cybersecurity risks to ICS
• Appropriate measures to mitigate residual risks in the ICS
• Asset inventory and criticality assessment for ICS components
• Threat modeling specific to industrial control system environments
• Risk quantification including operational impact and financial consequences
• Risk treatment strategies and residual risk acceptance criteria

Module 11: Selecting and Implementing Security Controls for ICS

• Meaning of security control
• The relationship between Security controls and risk management
• Categories of security control
• Standards and Security Controls Applied to ICS
• IEC 62443 series standards for industrial cybersecurity
• NERC CIP requirements for electrical utility critical infrastructure
• NIST Cybersecurity Framework adaptation for industrial environments
• ISO 27001/27002 controls customized for ICS environments

Module 12: Cybersecurity best practices for Industrial control systems

• Risk management and cyber security governance
• Physical and Environmental Security
• System monitoring and Hardening
• Malware Protection and Detection
• Periodic Assessments and Edits
• Incident Planning and Resource
• Intrusion Detection
• Patchware Management
• Network Segmentation
• Host security
• Network segmentation using DMZs and secure remote access
• Continuous monitoring and anomaly detection for ICS networks
• Patch management strategies for critical industrial systems
• Backup and recovery procedures for ICS configurations

Module 13: Real-life cases of cyber attacks on ICS System

• Stuxnet worm (Manipulation of centrifuges inside nuclear facilities in Iran)
• BlackEnergy (Ukraine Case Study)
• Zotob PnP worm attack on Daimler Chrysler U.S. car Manufacturing plant in 2005
• Colonial Pipeline ransomware attack and fuel shortage consequences (2021)
• TRITON/TRISIS malware targeting safety instrumented systems
• NotPetya impact on manufacturing and logistics operations
• Industroyer/CrashOverride attacks on Ukrainian power grid
• Lessons learned and defense improvements from historical incidents
• Attribution challenges and geopolitical implications of ICS attacks