IC32E – Using the ISA/IEC 62443 Standard to Secure Your Control Systems (May 2020 Online)

May 18, 2020 - July 17, 2020

 

Length: 8 Weeks

CEU Credits: 2.1

Course Hours: Online Course - Refer to Syllabus

Dates:

May 18 – July 17

Use code HOUS2020 when registering for $200 off!

Description

A detailed look at how the ISA/IEC 62443 (formerly ISA99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. The course explores the move to using open standards such as Ethernet, TCP/IP, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems.

You will be able to:

  • Discuss the need for and importance of control system security
  • Learn about current principles and best practices
  • Understand the structure and content of the ISA99/IEC 62443 series of documents
  • Discuss the principles behind creating an effective long-term security program
  • Learn the basics of risk analysis, industrial networking, and network security
  • Understand the concepts of defense-in-depth and zones and conduits
  • Learn how to apply key risk mitigation techniques such as anti-virus, patch management, firewalls, and virtual private networks
  • Learn how secure software development strategies can make systems inherently more secure
  • Learn what is being done to validate or verify the security of systems

 

You will cover:

Each course module has been pre-recorded by your instructor so that you can access it on your schedule. Each module is a web/audio session that takes approximately 60 minutes.

Module 1/Week 1: Using the ISA/IEC 62443 Standards to Secure Your Control Systems

Provides a basic introduction to control system cybersecurity and the ISA/IEC 62443 standards. Discussion of trends, regulations, industry standards and best practices, common myths, the ISA99 committee, and the structure of the ISA 62443 standard. Topics include: Self-assessment of your Control Systems Security knowledge, Trends in control system cybersecurity, Potential impacts, Five common myths regarding IACS Security, Regulations and Standards, ISA99 committee work.

Module 2/Week 2: Terminology, Concepts, Models and Metrics

Covers the material in ISA 62443-1-1 (published as ISA-99.00.01:2007) that forms the basis for the ISA 62443 series of standards. Topics include: Difference between IT and IACS, Security Objectives, Defense-in-Depth, Risk Assessment, Policies, Zones & Conduits, Security Levels and the Security Lifecycle Models.

Module 3/Week 3: Industrial Networking Basics L1-L3

Provides a basic introduction to networking with a focus on the application of Ethernet in the industrial environment. Topics include: Types of networks, OSI reference model, Network Devices, Network Protocols, Network Tools built into Operating Systems.

Module 4/Week 3: Industrial Networking Basics L4-L7

Builds on the previous module and covers networking with a focus on the upper layers of the OSI reference model, problems with the OSI model, network discovery, and security auditing tools in the industrial environment. Topics include: Encapsulating data, OSI reference model, Network Devices, Network Protocols.

Module 5/Week 4: Network Security Basics 101

Provides a basic introduction to network security. Topics include: Why address security? Security Appliances, Firewalls, Network Segmentation Architectures, Encryption, Monitoring Network Traffic, Secure Protocols and Intrusion Detection.

Module 6/Week 4: Industrial Protocols

Covers, at a high level, the structure and application of common industrial protocols such as MODBUS, PROFIBUS, OPC, and CIP (Ethernet/IP). Topics include: What is a protocol? Multitude of Industrial Protocols, Ports in use.

Module 7/Week 5: Establishing an Industrial Automation and Control Systems Security Program

Covers the material in ISA 62443-2-1 (published as ISA-99.02.01:2009) that specifies the elements and requirements of an IACS Cyber Security Management System (CSMS). Topics include: Six top-level activities, Common pitfalls, Risk Analysis, Security Policy, Organization and Awareness, Personnel security, Physical & Environmental Security, Network Segmentation, Access Control, Change Management, Patch and Anti-virus management, Information management, Incident Response and Disaster Recovery Planning, Compliance Monitoring, and Program Maintenance.

Module 8/Week 6: Security Risk Assessment and System Design

Covers Security Level definitions and Foundational Requirements that establish a basis for the requirements in scoping an IACS assessment, establishing zones & conduits, analyzing the security risk for each zone, assigning a security level target to each zone, and verifying the design satisfies the security level target. Topics include: Definitions, Risk Equation, Cyber Risk Reduction Factor, Basic Security analysis tools, Identifications of Zones and Conduits.

Module 9/Week 7: Intro to the IACS Cybersecurity Lifecycle

A short jaunt into the Assess, Develop & Implement, and Maintain phases of the IACS Cybersecurity Lifecycle. These phases are covered in more depth in ISA’s IC33, IC34, & IC37 courses. Topics include: Cybersecurity Lifecycle diagram, Phases, Continuous processes.

Module 10/Week 7: Security Program Requirements for IACS Service Providers

Creating a secure product out of the box is only a small piece of the security puzzle. Asset Owners, Integrators, and Suppliers all have a role. This module covers how IEC 62443-2-4 specifies requirements IACS service providers can offer to the asset owner during integration and maintenance activities of an Automation Solution. Topics include: IACS Patching, Asset Owner Requirements, Product Supplier/Service Provider Requirements, Malicious Code Protection.

Module 11/Week 8: Developing Secure Products and Systems

Overview of the component-tier Product Development Requirements and Technical Security Requirements for IACS, which are product-supplier-centric. Topics include: Component tier standards ISA-62443-4-1 & ISA-62443-4-2, Primary & Secondary goals, ISA 62443 relationships, ISA Security Compliance Institute (ISCI), ISASecure™.

Module 12/Week 8: Evolving Security Standards and Practices

Standards are voluntary documents unless there is a requirement to use them. In this module, we look at the continuously evolving industrial security regulatory landscape. The only constant is change! Topics include: Normative and Informative elements, NIST Cybersecurity Framework, ISA-62443-2-1 requirement to monitor and evaluate applicable legislation relevant to cybersecurity, Standards Development Organizations (SDOs).

Course Resources (included with registration):

Features of ISA CyberU online course:

Online Pre-recorded Course Modules

Your instructor has pre-recorded each course module so that you can access the course presentations on your schedule. Each module is a web/audio session that takes approximately 20-60 minutes.

Ask the Expert

Interact with your expert instructor via email throughout the course and through scheduled live Q&A sessions. You can expect a reply to your email within 24 hours. This email address is active during the entire course duration.

The Q&A sessions provide an opportunity for you and your classmates to speak one-on-one with the instructor. You will have an opportunity to ask any questions you may have about the course material and interact with your fellow classmates.

Class Discussions

You will be invited to subscribe to a course listserv that includes course participants. You can use this listserv to post questions and share experience relevant to the course with other class members.

Course Assignments and Exams

  • Take the course pre-test before you begin studying the course material to get a better understanding of areas that you will want to focus on more during the course.
  • Homework assignments for all modules will be indicated on the syllabus. The homework assignments are designed to help expand your understanding of the course material.
  • Complete the final exam for the course in order to receive Continuing Education Units (CEU) credit. The final exam will be taken and scored online. You must receive at least 80% on the course exam to receive CEU credit and a certificate of completion. (Note: this exam is not the ISA/IEC 62443 Cybersecurity Fundamentals Specialist Certificate Exam.)

To Register: https://www.isa.org/events-conferences/events-calendar/event-details/?productId=67080456

Organizer

Magda Moreno

Phone

N/A

Email

magda.moreno.v@outlook.com

Venue

AE Solutions

10375 Richmond Avenue, Suite 800, Houston, TX 77042, United States