Day 1 |
Introduction to Industrial Control Systems (ICS) and its security
Background · Terminology · Properties · IT vs OT
Main Components · HMI, SCADA Server · Historian Server · PLC, RTU, IED · Sensors, Actuators · Data Flow
Network Architecture · General Architecture, Main Zones. · Purdue Model · Communication Patterns · Remote Access · Large Scale Topology · Distributed Topology · Ring Topology
Protocols · Data Plane vs. Control Plane · IP vs. Serial · IT vs OT · Protocols Market Share · Overview Data Protocols · Modbus · Common Industrial Protocol · Secure Modbus
Security Issues
Cybersecurity for ICS networks
Security Issues
Major ICS Threats · Why to attack? · Insider Threat · IT Malware · OT Hacking Campaign · Supply Chain
Some Cybersecurity Solutions · Why OT Specific? · Diodes · Firewalls · Intrusion Detection System
Trends in ICS Cybersecurity
|
Day 2 |
Introduction to the basic of MITRE ATT&CK® for ICS and Secure Water Treatment (SWaT) testbed
· Introduction to SWaT on its process, components, network and architecture · Introduction to the basics of ATT&CK® for Industrial Control Systems · Introduction to MITRE ATT&CK for ICS Matrix · Illustration of three attacks and its impact based on MITRE ATT&CK for ICS · Understand and hands-on exercise on vulnerability assessment for IT (ZyCron) and OT (SWaT) using OpenVAS and nmap tools · In-class participation to propose countermeasures to mitigate cyber risks based on detected and design vulnerabilities (participants will be divided into groups for discussion and to present in class) · Two hands-on exercises to understand impacts on water purification based on CIP/ENIP during process disruption caused by cyber breaches
|
Day 1 and 2
|
Cyber risks and security vulnerabilities in ICS
· Cyber risk and trends in the ICS ecosystem · Differences between IT and OT cybersecurity · Common vulnerabilities in ICS · Real-life cyber-attack case studies · Understanding attacker model and its category · Networking and protocols (ARP and its attacks, TCP and its attacks, UDP and its attacks and ICMP and its attacks) · Telltale signs of suspected cyber attacks Training Method Day 1 · Online Training Day 2 · Singapore University Of Technology and Design SUTD · 8 Somapah Rd, Room No.2.705, Building 2 Level 7 (Near Lobby E), · Secure Water Treatment (SWAT Testbed) · Singapore 487372
Trainer: Ivan Lee, Co-founder, Tegasus International |
By clicking on the “I Accept” button beside, you acknowledge that you have read and understood the Personal Data Policy, and consent to the collection, use and disclosure of your personal data by ST Engineering. I Accept