Cybersecurity Training for Industrial Control Systems
Date: March 26-29, 2013, 8:00 am - 5:00 pm
Location: Houston, Texas
The United States Department of Homeland Security Control Systems Security Program is pleased to offer Cybersecurity for Industrial Control Systems training sessions.
Where
The Woodlands Center
3380 College Park Dr
The Woodlands, TX 77384
Who Should Attend?
This training is provided specifically for personnel responsible for the oversight, design and operation of control systems. This includes operators, engineers,
IT personnel, supervisors and managers.
Course Descriptions:
Tuesday, March 26, 8:00 am – 5:00 pm Introduction to Control Systems Cybersecurity (Course 101):
The purpose of this course is to introduce students to the basics of industrial control systems security. This
includes a comparative analysis of IT and control system architecture, security vulnerabilities, and mitigation
strategies unique to the control system domain.
This course is split into four sessions: (1) Cybersecurity Landscape: Understanding the Risks, (2) Industrial
Control Systems Applications, (3) Current State of Cybersecurity in Industrial Control Systems, and (4) Practical
Applications of Cybersecurity.
Wednesday, March 27, 8:00 am – 5:00 pm
Intermediate Cybersecurity for Industrial Control Systems, Lecture Only (Course 201):
This course provides technical instruction on the protection of industrial control systems using offensive and
defensive methods. Students will understand how cyber attacks could be launched, why they work, and mitigation
strategies to increase the cybersecurity posture of their control system. In addition, this course acts as a
prerequisite for the next course, Intermediate Control System Security-Part 2, which offers hands-on application
of the concepts presented.
This course is split into four sessions: (1) Current Security in ICS, (2) Strategies Used Against ICS, (3) Defending
the ICS, and (4) Preparation and Further Reading for Part 2.
Thursday, March 28 and repeated on Friday, March 29, 8:00 am – 5:00 pm
Intermediate Cybersecurity for Industrial Control Systems, Part 2 with lab/exercises (Course 202):
This 8 hour course is limited to approximately 40 attendees. This hands-on course is structured
to help students understand exactly how attacks against process control systems could be launched and why they work
and to provide mitigation strategies to increase the cyber security posture of their control systems networks.
This course provides a brief review of industrial control systems security. This includes a comparative analysis
of IT and control system architecture, security vulnerabilities, and mitigation strategies unique to the control
system domain. Because this course is hands-on, students will get a deeper understanding of how the various tools
work. Accompanying this course is a sample process control network that demonstrates exploits used for unauthorized
control of the equipment and mitigation solutions. This network is also used during the course for the many hands-on
exercises that will help the students develop control systems cybersecurity skills they can apply when they return to
their jobs.
This course is split into six sessions: (1) Supervisory Control and Data Acquisition (SCADA) and control system
overview, (2) Risk to Industrial Control Systems, (3) Exploit demonstration, (4) Basic Control Security Considerations,
(5) Network: Security, Identification, and Remediation, and (6) Network: Defense, Detection, and Analysis. The goal of
our training today is to give you an understanding of some key issues in cybersecurity related to industrial
control systems. Additionally, it will provide you with hands-on training applying the information learned.
Every student attending this (Intermediate Part 2) course must have a laptop computer that they can configure and
bring to the class. All students in the class should have a fairly good understanding of network details, such as the difference between UDP & TCP, and
MAC & IP addresses, and how firewalls, routers and switches work.
Registration
Please register for this training at: https://secure.inl.gov/cssp0313.
There is no fee to attend these courses.
Questions:
For additional information please email us at cssp_training@dhs.gov
|