ICS Cybersecurity Foundation for Operator

Full FeeS$1500 per pax (excluding GST)

Course Duration

Enrol in this Course

Who is the Course for

OT Operators

What You’ll Learn

Course Outline

Day 1


Introduction to Industrial Control Systems (ICS) and its security



·       Terminology

·       Properties

·       IT vs OT


Main Components

·       HMI, SCADA Server

·       Historian Server

·       PLC, RTU, IED

·       Sensors, Actuators

·       Data Flow


Network Architecture

·       General Architecture, Main Zones.

·       Purdue Model

·       Communication Patterns

·       Remote Access

·       Large Scale Topology

·       Distributed Topology

·       Ring Topology



·       Data Plane vs. Control Plane

·       IP vs. Serial

·       IT vs OT

·       Protocols Market Share

·       Overview Data Protocols

·       Modbus

·       Common Industrial Protocol

·       Secure Modbus


Security Issues


Cybersecurity for ICS networks


Security Issues


Major ICS Threats

·       Why to attack?

·       Insider Threat

·       IT Malware

·       OT Hacking Campaign

·       Supply Chain


Some Cybersecurity Solutions

·       Why OT Specific?

·       Diodes

·       Firewalls

·       Intrusion Detection System


Trends in ICS Cybersecurity



Day 2

Introduction to the basic of MITRE ATT&CK® for ICS and Secure Water Treatment (SWaT) testbed


·       Introduction to SWaT on its process, components, network and architecture

·       Introduction to the basics of ATT&CK® for Industrial Control Systems

·       Introduction to MITRE ATT&CK for ICS Matrix

·       Illustration of three attacks and its impact based on MITRE ATT&CK for ICS

·       Understand and hands-on exercise on vulnerability assessment for IT (ZyCron) and OT (SWaT) using OpenVAS and nmap tools

·       In-class participation to propose countermeasures to mitigate cyber risks based on detected and design vulnerabilities (participants will be divided into groups for discussion and to present in class)

·       Two hands-on exercises to understand impacts on water purification based on CIP/ENIP during process disruption caused by cyber breaches


Day 1 and 2


Cyber risks and security vulnerabilities in ICS


·       Cyber risk and trends in the ICS ecosystem

·       Differences between IT and OT cybersecurity

·       Common vulnerabilities in ICS

·       Real-life cyber-attack case studies

·       Understanding attacker model and its category

·       Networking and protocols (ARP and its attacks, TCP and its attacks, UDP and its attacks and ICMP and its attacks)

·       Telltale signs of suspected cyber attacks

Training Method

Day 1 

·     Online Training

Day 2 

·     Singapore University Of Technology and Design SUTD

·     8 Somapah Rd, Room No.2.705, Building 2 Level 7 (Near Lobby E),

·     Secure Water Treatment (SWAT Testbed)

·     Singapore 487372


Trainer: Ivan Lee, Co-founder, Tegasus International

Want to get the latest updates?

By clicking on the “I Accept” button beside, you acknowledge that you have read and understood the Personal Data Policy, and consent to the collection, use and disclosure of your personal data by ST Engineering. I Accept