Home Company Information Consulting Course Catalog Contact Us Request a Quote Government Corporate
 

SCADA

 
   
Course Name: SCADA Security Challenges and Solutions Training
   
Deployment Options: Onsite - Instructor-Led Training
   
Course Duration: 2-3 days depending on audience background and options
   
Related Courses
 
Introduction:
 
SCADA and other process control networks, generically called SCADA, run the nation?s mission critical infrastructure, everything from the power grid to water treatment, chemical manufacturing to transportation. These networks are at increasing risk due to the move to standard protocols, the Microsoft OS and interconnection to other networks. Learn the skills required to direct and manage the appropriate cyber security protection for your SCADA system.

SCADA and industrial networks operate as vital supporting infrastructure to critical applications and processes. Their secure, safe, continued availability is not negotiable. This short course identifies challenges and defines solutions, so that the operational integrity of these mission-critical networked services can be confidently assured.
 
Audience:
 
The course is suitable for SCADA professionals (managers, planners, support personnel), instrumentation personnel, IT- professionals and SCADA vendors/designers.

Very little is assumed about existing security knowledge, but delegates should have a working understanding of SCADA and industrial networking technologies. For beginners, we recommend our SCADA and Industrial Networks; Fundamentals, Principles and Emerging Trends course prior to this course.
 
Course Objectives:
 

The objective of this course is to familiarize SCADA personnel with the security issues they must be aware of and provide detailed knowledge of security threats and best practice recommendations. Further, it provides students with the tools to assess and mitigate security vulnerabilities -- and appreciate the ways in which IT-oriented security measures will help, and understand where unique-to-SCADA approaches are necessary.

Features of Presentation

Each delegate receives a permanent, comprehensive workbook that is much more than a set of lecture notes. These workbook manuals include:

  • A thorough, descriptive text format, designed to be a highly readable, valuable reference on the job.
  • A textbook style Subject Index and a comprehensive Table of Contents, consistent with enabling effective reference access to content details.
  • This course is presented as a workshop program with a series of workshop tasks focusing on SCADA security analysis and awareness. Delegates will have opportunity to develop concepts and interact with others in creating strategies to support and maintain state-of-the-art industrial network security.
 
Course Outline
 

(i) Introduction

  • Security Challenges are Universal
  • Increased Vulnerability Due To Open Systems Trend
  • Increased Vulnerability From Motivated, Knowledgeable Attackers
  • Some Documented SCADA Security Failure Incidents

(ii) Open Systems Issues Push The Agenda

  • Protocols of the Internet Architecture
  • Ethernet and Other IT-derived Networks
  • Fieldbus Standards
  • IEC Standards
  • Ethernet/IP and CIP
  • Computer Operating Systems; Windows and Unix/Linux

(iii) Points of Vulnerability

  • The IT Infrastructure
  • Leased Infrastructure; Frame Relay and Other Services
  • The Sensor/Fieldbus Networks
  • Wireless LAN Systems
  • Rogue (Undocumented) Dial and Wireless Links
  • Infected/Compromised Portable Equipment
  • Network Management Systems

(iv) SCADA Network Protocols

  • Features Common to Most SCADA Networks
  • The MODBUS Protocol and Lack of Security
  • Demonstration: MODBUS Dialog
  • The DNP3 Protocol and Its Security Limitations
  • The IEC-6xxxx Series of Standards
  • OPC (OLE for Process Control)
  • The Near-Universal Trend to Ethernet-Based Networks
  • Network Management Systems

(v) Encryption

  • Starting With a Secure Physical Environment
  • Traditional Purpose of Assuring Privacy is a Minor Issue
  • Traditional Symmetric Key Cryptography
  • Public Key Cryptography and RSA
  • Protecting Field Networks From Intrusion With Encryption

(vi) Firewalls and Perimeter Security

  • Firewall Design Objectives
  • Survey of Firewall Types
  • Network Address Translation
  • Creating and Populating a SCADA DMZ
  • Field-Level Firewalls in the SCADA Network

(vii) Access Control and Authorization: Managing Users

  • Limitations of User ID's and Passwords
  • Multi-Factor Authentication Methods
  • Microsoft's Active Directory Services
  • RADIUS, TACACS and Diameter Authentication Services

(viii) Intrusion Detection and Prevention

  • NIDS Principles and Features
  • Deployment Scenarios
  • Packet Signature and Traffic Pattern Analysis
  • Strategies For Dealing With The Volumes of Data

(ix) Wireless Security Issues

  • Wireless Technology Offers Compelling Advantages
  • Early Misadventures With Wireless Security
  • TKIP and the WPA/IEEE 802.11i Supplemental Standard
  • Private Point-to-Point Wireless Services
  • Cellular/Mobile Data Networks; Benefits and Risks

(x) The Trend Toward Adopting SCADA Security Standards

  • The traditions of proprietary SCADA solutions and indifference to SCADA security
  • The US NIST initiative with SP 800-82 (Guide to SCADA and Industrial Control Systems Security)
  • The US NIST initiative with SP 800-53 (Recommended Security Controls in Federal Information Systems) in context of FISMA
  • The NERC CIP-series of standards for the North American electrical industry
  • Standards applicable to other industry segments;
  • OAGi initiatives
  • ISA SP99
  • AGA-12
  • European-based International Electrotechnical Commission (IEC) initiatives

(xi) Creating and Documenting A Security Solution

  • Essential Elements of a Secure Environment
  • Promoting User Awareness
  • Elements of an Effective Security Policy
  • Defining a Model for Internet Access
  • 10 Essential Steps to Improving SCADA Security

Appendix

Workshop Exercises

  • Firewall configurations

Lab Projects

  • Modbus protocol, operation and vulnerabilities
  • DNP3 protocol, operation and vulnerabilities
  • Security-related tools; Wireshark, Netstumbler, scanning utilities

General Index

 

For organizational purchases, please send us a message at salesinfo@eno.com or complete and submit this form .

 
Other Expertise: