Description
The course presents the issues of ensuring the cybersecurity of industrial control systems (ICS), exposed to a growing number of cyber threats and vulnerabilities, which can have major consequences in essential sectors for society. The main methodologies, specific terminology and standardized approaches to risk management and the implementation of appropriate technical controls for industrial automation equipment and networks are presented. A comparative analysis is also carried out for the comparative characterization of cyber security for IT/OT systems. Typical Vulnerability Analysis Patterns (CVSS) and Cyber Security Incident Reporting and Information Sharing (MISP) methods are defined. Robust configuration and parameterization methods are discussed using specialized tools for securing industrial equipment. The current international standardization (ISO27001, IEC62443) and regulatory (Cybersecurity Act, NIS2, Cyber Resilience Act) framework is also discussed, along with the associated technical resources to ensure compliance.
Target group: Electricians and engineers with application experience
Prerequisites: Technical engineering background, basic knowledge of computer networks and industrial control systems
Content:
- General concepts, terminology and comparative analysis for IT/OT security
- Specific cybersecurity characteristics and vulnerabilities of ICS equipment and systems
- The Purdue Model and the NIST SP 800-82r3 guide for OT security
- Analysis methodologies for cybersecurity threats. Mitre ATT&CK framework.
- Cybersecurity information management and dissemination platforms: MISP, SIEM
- Applicable international standards: ISO27001 and ISA/IEC62443
- Discussion of the evolving regulatory environment and compliance obligations: Cybersecurity Act, NIS2 Directive, Cyber Resilience Act
Objectives:
During this course the attendees will acquire knowledge and practical abilities related to:
- Passive and active operational network discovery and IT/OT network segSmentation
- Configuration and testing of virtual cybersecurity environments based on Kali Linux and Metasploitable
- Identification and classification of cybersecurity attacks e.g. DDoS, Man-in-the-Middle, unauthorized access, phishing, social engineering
- Cybersecurity information sharing and management platforms configuration and integration into daily workflows
- Configuration and testing of dedicated equipment for cybersecurity in industrial environments e.g. Siemens Scalance S615, Sinema VPN with S7-1200/-1500 series PLCs
Duration: 4 days
Note: Enrollment and participation in this course requires programming knowledge in the field of industrial automation
