Course #: IC32 | CEUs: 1.4 | Length: 2 days | Hours: 8:00 a.m. – 4:00 p.m. | A certificate of completion indicating the total number of CEUs earned will be provided upon successful course completion.

Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32) provides a detailed look at how the ISA/IEC 62443 standards framework can be used to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments.

With the move to using open standards, such as Ethernet, Transmission Control Protocol/Internet Protocol (TCP/IP), and web technologies, in supervisory control and data acquisition (SCADA) and process control networks (PCN), systems are being exposed to the same cyberattacks facing corporate information systems, protecting control systems is more important than ever.

Certificate Program: This is a preparatory class for the ISA/IEC 62443 Cybersecurity Certificate Program. The course registration includes the fee for one exam.

Who Should Take IC32?

• Control systems engineers and managers
• System integrators
• IT Engineers and managers at industrial facilities
• Plant managers
• Plant safety and risk management

Learning Objectives

• Discuss the principles behind creating an effective long-term program security
• Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
• Define the basics of risk and vulnerability analysis methodologies
• Describe the principles of security policy development
• Explain the concepts of defense in depth and zone/conduit models of security
• Analyze the current trends in industrial security incidents and methods hackers use to attack a system
• Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls and virtual private networks
• Describe how secure software development strategies can make systems inherently more secure
• Explain how systems security is verified

Topics Covered

• Understanding the Current Industrial Security Environment
  • What is electronic security for industrial automation and control systems (IACSs)?
  • How IT and the plant floor are different and how they are the same
• How Cyberattacks Happen
  • Understanding the threat sources
  • Steps to successful cyberattacks
• Creating A Security Program
  • Critical factors for success
• Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009), Security for industrial automation and control systems, Part 2-1: Establishing an industrial automation and control systems security program
• Risk Analysis
  • Business rationale
  • Risk identification
  • Classification
  • Assessment
• Addressing Risk with Security Policy, Organization, and Awareness
  • Cybersecurity management system scope
  • Organizational security
  • Staff training and security awareness
• Addressing Risk with Selected Security Counter Measures
  • Personnel security
  • Physical and environmental security
  • Network segmentation
  • Access control
• Addressing Risk with Implementation Measures
  • Risk management and implementation
  • System development and maintenance
  • Information and document management
• Monitoring and Improving the CSMS
  • Compliance and review
  • Improve and maintain the cyber security management system (CSMS)
• Validating or Verifying the Security of Systems
  • What is being done?
  • Developing secure products and systems

Exercise

PCAP live capture analysis

Resources Included*

• ISA-62443-1-1-2007, Security for Industrial automation and control systems – Part 1-1: Terminology, concepts and models
• ISA-62443-2-1 (99.02.01)-2009, Security for industrial automation and control systems – Part 2-1: Establishing an industrial automation and control systems security program
• ISA-62443-3-3 (99.03.03)-2013, ISA-62443-3-3 (99.03.03)-2013, Security for industrial automation and control systems – Part 3-3: System security requirements and security levels

*PDF format only.

Recommended Prerequisites

• There are no required prerequisites for taking this course; however, it is highly recommended that applicants have at least one to three years of experience in the cybersecurity field with some experience in an industrial setting. IC32 is a 14-hour boot camp-style class, and there is not much time to teach basic commands and cybersecurity.
• ISA courses: TS07, TS12, or the equivalent knowledge/experience would be beneficial.
• Note from the Instructor: One of the challenges I have had in teaching IC32 is students attending without any or limited knowledge of ISA courses TS07, TS12 or cybersecurity general principles.

Recommended Reading

• Cybersecurity Library
• “Industrial Automation and Control System Security Principles,” Second Edition, by Ronald L. Krutz, PhD, PE

Not sure this particular course is for you? Take an IC32 knowledge check designed to evaluate your level of understanding of the course material and show you the types of questions you’ll be able to answer after completing the course.