SCADA Training Security Overview

Duration: 2 days

Introduction

The SCADA Security Training course provides an advanced technical overview of SCADA, covering emerging trends, advanced applications, operations, management and security.

We have been providing SCADA, automation and security training and consulting for over 15 years, with 20+ man-years of development experience.

The SCADA Security Training course covers all aspects of Industrial Control System (ICS) security for several types of control systems, including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and other control system configurations such as skid-mounted Programmable Logic Controllers (PLC).

After completing this course, attendees will be able to:

  • Explain the basic SCADA operations
  • Explore Advanced SCADA Systems
  • Review telecommunications services related to SCADA
  • Review SCADA network operations and management
  • Describe SCADA security architecture
  • Describe the security issues with a SCADA system
  • Design a SCADA Security Policy
  • Look at access control to field devices with Microsoft Active Directory
  • Review interception and analysis of Modbus/TCP network traffic with a sniffer
  • Understand unauthorized commands to field devices
  • Set up and configure a Modbus/TCP firewall
  • Review SCADA security policies
  • Understand firewall architecture, DMZ, and rulebases
  • Review SCADA protocol security issues
  • Understand securing field communications
  • Explore user authentication technologies and integration with SCADA applications
  • Review access control principles and implementation
  • Look at Active Directory integration with SCADA applications
  • Explore how to detect cyber attacks on SCADA systems
  • Explore vulnerability scanning
  • Review security patch management
  • Review anti-virus protection and management
  • Review SCADA security standards

Introduction to SCADA Operations and Security

  • Industrial Computing Applications and SCADA Systems
  • Telecommunications Services
  • Types of SCADA Networks
  • SCADA Network Operations and Management
  • Communications Media and Signals
  • SCADA Reliability, Redundancy and Safety
  • Planning and Managing SCADA Projects
  • SCADA Technical Operations
  • SCADA Project Management
  • SCADA Characteristics, Threats and Vulnerabilities
  • Comparing SCADA and IT Systems
  • Threats

Introduction to SCADA Vulnerabilities

  • Potential SCADA Vulnerabilities
  • Policy and Procedure Vulnerabilities
  • Platform Vulnerabilities
  • Network Vulnerabilities
  • Risk Factors
  • Standardized Protocols and Technologies
  • Increased Connectivity
  • Insecure and Rogue Connections
  • Public Information
  • Possible Incident Scenarios
  • Sources of Incidents
  • Documented Incidents

SCADA Security Program Development and Deployment

  • Business Case for Security
  • Potential Consequences
  • Key Components of the Business Case
  • Resources for Building Business Case
  • Presenting the Business Case to Leadership
  • Developing a Comprehensive Security Program
  • SCADA Security Network Architecture
  • Firewalls
  • Logically Separated Control Network
  • Network Segregation
  • Dual-Homed Computer/Dual Network Interface Cards (NIC)
  • Firewall between Corporate Network and Control Network
  • Firewall and Router between Corporate Network and Control Network
  • Firewall with DMZ between Corporate Network and Control Network
  • Paired Firewalls between Corporate Network and Control Network
  • Network Segregation Summary

Recommended Defense-in-Depth Architecture

  • General Firewall Policies for SCADA
  • Recommended Firewall Rules for Specific Services
  • Domain Name System (DNS)
  • Hypertext Transfer Protocol (HTTP)
  • FTP and Trivial File Transfer Protocol (TFTP)
  • Telnet
  • Simple Mail Transfer Protocol (SMTP)
  • Simple Network Management Protocol (SNMP)
  • Distributed Component Object Model (DCOM)
  • SCADA and Industrial Protocols
  • Network Address Translation (NAT)
  • Specific SCADA Firewall Issues
  • Data Historians
  • Remote Support Access
  • Multicast Traffic
  • Single Points of Failure
  • Redundancy and Fault Tolerance
  • Preventing Man-in-the-Middle Attacks

SCADA Security Controls

  • Management Controls
  • Risk Assessment
  • Planning
  • System and Services Acquisition
  • Certification, Accreditation, and Security Assessments
  • Operational Controls
  • Personnel Security
  • Physical and Environmental Protection
  • Contingency Planning
  • Configuration Management
  • Maintenance
  • System and Information Integrity
  • Media Protection
  • Incident Response
  • Awareness and Training
  • Identification and Authentication
  • Access Control
  • Audit and Accountability
  • System and Communications Protection
  • Programmable Logic Controllers (PLC)
  • Industrial Sectors and Their Interdependencies

Wireless Security Applied to SCADA

  • Overview of Current Wireless Technologies
  • 802.11, 802.15 and 802.16 Technologies
  • Overview of Wireless Security
  • WEP
  • TKIP and WPA/WPA2
  • IEEE 802.11i
  • Authentication, Encryption, and Integrity Methods
  • Cellular/Mobile Interworking
  • LTE application in SCADA
