About this course

Course type Premium
Course code QAICSSI
Duration 1 Day

This one day introductory course provides valuable insight into the weaknesses and vulnerabilities within common Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) environments. We will discuss infamous and more recent critical infrastructure cyber-attack case studies and the vital lessons learnt. Identify systems that are discoverable and understand suitable countermeasures, threats and ICS technical controls.

Audience

This course is aimed at operational / engineering teams, IT staff and security practitioners working in public and private sectors who are looking to gain and insight and awareness of the security vulnerability exposure and defensive countermeasures for industrial control systems.

Prerequisites

There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet.

Delegates will learn how to

  • Control systems – closed loop systems
  • ICS logic systems – relay, ladder, programmable systems
  • ICS security
  • Control system vulnerabilities and weaknesses
  • ICS technical security controls
  • Discoverable systems - countermeasures
  • Governance and standards

Outline

Module 1 – Introduction to ICS and SCADA

Introduce concepts and function of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA)

  • Control systems
    • Closed loop systems
  • ICS
    • Relay logic
    • Programmable logic controllers
    • PLC Programming
    • Sequential function charts
    • Ladder logic
    • ICS Network protocols
  • SCADA
  • ICS Security

Module 2 – Introduction to Industrial Control Systems Security

  • When control systems go wrong
  • Critical national infrastructure (CNI)
    • Centre for the protection of national infrastructure (CPNI)
  • Vulnerable systems
  • Case study – STUXNET, Black Energy
  • Not all ICS systems are designed with security in mind
  • ICS common vulnerabilities
  • Visible & discoverable ICS systems
  • Risk management
  • Defence in depth modified Purdue Model
  • Typical ICS technical security controls
  • Governance regulations
  • Security standards

Premium Course

1 Day

Duration

This course is authored by QA

Delivery Method

Delivery method

Classroom / Attend from Anywhere

Receive classroom training at one of our nationwide training centres, or attend remotely via web access from anywhere.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.