Length : 8 Weeks
CEU Credits : 2.1
Course Hours : Online Course - Refer to Syllabus
May 18 – July 17
Use code HOUS2020 when registering for $200 off!
A detailed look at how the ISA/IEC 62443 (formerly ISA99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. The course explores the move to using open standards such as Ethernet, TCP/IP, and web technologies in SCADA and process control networks that has begun to expose these systems to the same cyberattacks that have wreaked so much havoc on corporate information systems.
You will be able to:
- Discuss the need for and importance of control system security
- Learn about current principles and best practices
- Understand the structure and content of the ISA99/IEC 62443 series of documents
- Discuss the principles behind creating an effective long-term security program
- Learn the basics of risk analysis, industrial networking, and network security
- Understand the concepts of defense-in-depth and zones and conduits
- Learn how to apply key risk mitigation techniques such as anti-virus, patch management, firewalls, and virtual private networks
- Learn how secure software development strategies can make systems inherently more secure
- Learn what is being done to validate or verify the security of systems
You will cover:
Each course module has been pre-recorded by your instructor so that you can access it on your schedule. Each module is a web/audio session that takes approximately 60 minutes.
Module 1/Week 1: Using the ISA/IEC 62443 Standards to Secure Your Control Systems
Provides a basic introduction to control system cybersecurity and the ISA/IEC 62443 standards. Discussion of trends, regulations, industry standards and best practices, common myths, the ISA99 committee, and the structure of the ISA 62443 standard. Topics include: Self-assessment of your Control Systems Security knowledge, Trends in control system cybersecurity, Potential impacts, Five common myths regarding IACS Security, Regulations and Standards, ISA99 committee work.
Module 2/Week 2: Terminology, Concepts, Models and Metrics
Covers the material in ISA 62443-1-1 (published as ISA-99.00.01:2007) that forms the basis for the ISA 62443 series of standards. Topics include: Difference between IT and IACS, Security Objectives, Defense-in-Depth, Risk Assessment, Policies, Zones & Conduits, Security Levels and the Security Lifecycle Models.
Module 3/Week 3: Industrial Networking Basics L1-L3
Provides a basic introduction to networking with a focus on the application of Ethernet in the industrial environment. Topics include: Types of networks, OSI reference model, Network Devices, Network Protocols, Network Tools built into Operating Systems.
Module 4/Week 3: Industrial Networking Basics L4-L7
Builds on the previous module and covers networking with a focus on the upper layers of the OSI reference model, problems with the OSI model, network discovery, and security auditing tools in the industrial environment. Topics include: Encapsulating data, OSI reference model, Network Devices, Network Protocols.
Module 5/Week 4: Network Security Basics 101
Provides a basic introduction to network security. Topics include: Why address security? Security Appliances, Firewalls, Network Segmentation Architectures, Encryption, Monitoring Network Traffic, Secure Protocols and Intrusion Detection.
Module 6/Week 4: Industrial Protocols
Covers, at a high level, the structure and application of common industrial protocols such as MODBUS, PROFIBUS, OPC, and CIP (EtherNet/IP). Topics include: What is a protocol? Multitude of Industrial Protocols, Ports in use.
Module 7/Week 5: Establishing an Industrial Automation and Control Systems Security Program
Covers the material in ISA 62443-2-1 (published as ISA-99.02.01:2009) that specifies the elements and requirements of an IACS Cyber Security Management System (CSMS). Topics include: Six top-level activities, Common pitfalls, Risk Analysis, Security Policy, Organization and Awareness, Personnel security, Physical & Environmental Security, Network Segmentation, Access Control, Change Management, Patch and Anti-virus management, Information management, Incident Response and Disaster Recovery Planning, Compliance Monitoring, and Program Maintenance.
Module 8/Week 6: Security Risk Assessment and System Design
Covers Security Level definitions and Foundational Requirements that establish a basis for the requirements in scoping an IACS assessment, establishing zones & conduits, analyzing the security risk for each zone, assigning a security level target to each zone, and verifying the design satisfies the security level target. Topics include: Definitions, Risk Equation, Cyber Risk Reduction Factor, Basic Security analysis tools, Identifications of Zones and Conduits.
Module 9/Week 7: Intro to the IACS Cybersecurity Lifecycle
A brief look at the Assess, Develop & Implement, and Maintain phases of the IACS Cybersecurity Lifecycle. These phases are covered in more depth in ISA's IC33, IC34, and IC37 courses. Topics include: Cybersecurity Lifecycle diagram, Phases, Continuous processes.
Module 10/Week 7: Security Program Requirements for IACS Service Providers
Creating a secure product out of the box is only a small piece of the security puzzle. Asset Owners, Integrators, and Suppliers all have a role. This module covers how IEC 62443-2-4 specifies the requirements for security capabilities that IACS service providers can offer to the asset owner during integration and maintenance activities of an Automation Solution. Topics include: IACS Patching, Asset Owner Requirements, Product Supplier/Service Provider Requirements, Malicious Code Protection.
Module 11/Week 8: Developing Secure Products and Systems
Overview of the component-tier Product Development Requirements and Technical Security Requirements for IACS, which are product-supplier centric. Topics include: Component tier standards ISA-62443-4-1 & ISA-62443-4-2, Primary & Secondary goals, ISA 62443 relationships, ISA Security Compliance Institute (ISCI), ISASecure™.
Module 12/Week 8: Evolving Security Standards and Practices
Standards are voluntary documents unless there is a requirement to use them. In this module, we look at the continuously evolving industrial security regulatory landscape. The only constant is change! Topics include: Normative and Informative elements, NIST Cybersecurity Framework, ISA-62443-2-1 requirement to monitor and evaluate applicable legislation relevant to cybersecurity, Standards Development Organizations (SDOs).
Course Resources (included with registration):
- IC32E v2.0 Course Syllabus
- IC32E v2.0 Noteset Volume I with sections on Course Presentation slides from course modules, Instructional Surveys/Answers, and Additional Resources
- IC32E v2.0 Noteset Volume II with the following three publications:
  - ANSI/ISA-62443-1-1 (99.00.01)-2007 – Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts & Models
  - ANSI/ISA-62443-2-1 (99.02.01)-2009 – Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
  - ANSI/ISA-62443-3-3 (99.03.03)-2013 – Security for Industrial Automation and Control Systems Part 3-3: System Security Requirements and Security Levels
- ISA Textbook: Industrial Automation and Control System Security Principles: Protecting the Critical Infrastructure, Second Edition by Ronald L. Krutz
Features of the ISA CyberU online course:
Online Pre-recorded Course Modules
Your instructor has pre-recorded each course module so that you can access the course presentations on your schedule. Each module is a web/audio session that takes approximately 20-60 minutes.
Ask the Expert
Interact with your expert instructor via email throughout the course and through scheduled live Q&A sessions. You can expect a reply to your email within 24 hours. This email address is active during the entire course duration.
The Q&A sessions provide an opportunity for you and your classmates to speak directly with the instructor. You will have an opportunity to ask any questions you may have about the course material and to interact with your fellow classmates.
You will be invited to subscribe to a course listserv that includes course participants. You can use this listserv to post questions and share experience relevant to the course with other class members.
Course Assignments and Exams
- Take the course pre-test before you begin studying the course material to get a better understanding of areas that you will want to focus on more during the course.
- Homework assignments for all modules will be indicated on the syllabus. The homework assignments are designed to help expand your understanding of the course material.
- Complete the final exam for the course in order to receive Continuing Education Units (CEU) credit. The final exam is taken and scored online. You must score at least 80% on the course exam to receive CEU credit and a certificate of completion. (Note: this exam is not the ISA/IEC 62443 Cybersecurity Fundamentals Specialist Certificate Exam.)