Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

SCADA Security

( Duration: 2 Days )

The SCADA Security training course covers all aspects of Industrial Control System (ICS) security for Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and Other control system configurations such as skid-mounted Programmable Logic Controllers (PLC). This course also discusses SCADA Characteristics, Security Threats and Vulnerabilities, Threats, Potential SCADA Vulnerabilities, Policy and Procedure, and Platform Vulnerabilities and Network Vulnerabilities.

SCADA Risk Factors such as Standardized Protocols and Technologies, Connectivity, Insecure and Rogue Connections, SCADA Public Information, SCADA Possible Incident Scenarios and Sources of Incidents are also discussed. Attacking critical infrastructure control systems such as SCADA requires planning, passive monitoring, intelligence gathering, active attacks and the use of alternative access methods.

By attending SCADA Security workshop, delegates will learn to:

  • Explain the basic SCADA operations
  • Explore Advanced SCADA Systems
  • Review telecommunications services related to SCADA
  • SCADA Network Operations and Management
  • Describe SCADA security architecture
  • Describe the security issues with a SCADA system
  • Design a SCADA Security Policy
  • Look at access control to field devices with Microsoft Active Directory
  • Review interception and analyzing Modbus/TCP network traffic with a sniffer
  • Understand unauthorized commands to field device
  • Setup and configure a Modbus/TCP firewall
  • Review SCADA security policies
  • Understand Firewall architecture, DMZ, and rulebases
  • Review SCADA protocol security issues
  • Understand Securing field communications
  • Explore user authentication technologies and integration with SCADA applications
  • Review access control principles and implementation
  • Look at active Directory integration with SCADA applications
  • Explore how to Detect cyber attacks on SCADA systems
  • Explore vulnerability scanning
  • Review security patch management
  • Review anti-virus protection and management
  • Review SCADA security standards

The SCADA Security class is suitable for anyone who needs to understand and deal effectively with advanced SCADA issues:

  • SCADA Systems Personnel
  • Engineers and Operations
  • Process Engineers and Managers
  • Operations and Maintenance Managers, Engineers and Technicians
  • Hardware and Instrument Specialists
  • Business System Analysts Who Support SCADA Interfaces
  • System and Application Programmers
  • Project Managers
  • Telecommunications and Wireless Support Personnel
  • Control engineers, integrators and architects when designing and implementing secure SCADA and/or ICS
  • System administrators, engineers and other IT professionals when administering, patching, securing SCADA and/or ICS
  • Security consultants when performing security assessments of SCADA and/or ICS

COURSE AGENDA

1

Introduction To SCADA Operations And Security

  • Industrial Computing Applications and SCADA Systems
  • Telecommunications Services
  • Types of SCADA Networks
  • SCADA Network Operations and Management
  • Communications Media and Signals
  • SCADA Reliability, Redundancy and Safety
  • Planning and Managing SCADA Projects
  • SCADA Technical Operations’
  • SCADA Project Management
  • SCADA Characteristics, Threats and Vulnerabilities
  • Comparing SCADA and IT Systems
  • Threats
2

Introduction To SCADA Vulnerabilities

  • Potential SCADA Vulnerabilities
  • Policy and Procedure Vulnerabilities
  • Platform Vulnerabilities
  • Network Vulnerabilities
  • Risk Factors
  • Standardized Protocols and Technologies
  • Increased Connectivity
  • Insecure and Rogue Connections
  • Public Information
  • Possible Incident Scenarios
  • Sources of Incidents
  • Documented Incidents
3

SCADA Security Program Development And Deployment

  • Business Case for Security
  • Potential Consequences
  • Key Components of the Business Case
  • Resources for Building Business Case
  • Presenting the Business Case to Leadership
  • Developing a Comprehensive Security Program
  • SCADA Security Network Architecture
  • Firewalls
  • Logically Separated Control Network
  • Network Segregation
  • Dual-Homed Computer/Dual Network Interface Cards (NIC)
  • Firewall between Corporate Network and Control Network
  • Firewall and Router between Corporate Network and Control Network
  • Firewall with DMZ between Corporate Network and Control Network
  • Paired Firewalls between Corporate Network and Control Network
  • Network Segregation Summary
4

Recommended Defense-in-Depth Architecture

  • General Firewall Policies for SCADA
  • Recommended Firewall Rules for Specific Services
  • Domain Name System (DNS)
  • Hypertext Transfer Protocol (HTTP)
  • FTP and Trivial File Transfer Protocol
  • Telnet
  • Simple Mail Transfer Protocol (SMTP)
  • Simple Network Management Protocol (SNMP)
  • Distributed Component Object Model (DCOM)
  • SCADA and Industrial Protocols
  • Network Address Translation (NAT)
  • Specific SCADA Firewall Issues
  • Data Historians
  • Remote Support Access
  • Multicast Traffic
  • Single Points of Failure
  • Redundancy and Fault Tolerance
  • Preventing Man-in-the-Middle Attacks
5

SCADA Security Controls

  • Management Controls
  • Risk Assessment
  • Planning
  • System and Services Acquisition
  • Certification, Accreditation, and Security Assessments
  • Operational Controls
  • Personnel Security
  • Physical and Environmental Protection
  • Contingency Planning
  • Configuration Management
  • Maintenance
  • System and Information Integrity
  • Media Protection
  • Incident Response
  • Awareness and training
  • Identification and Authentication
  • Access Control
  • Audit and Accountability
  • System and Communications Protection
  • Programmable Logic Controllers (PLC)
  • Industrial Sectors and Their Interdependencies
6

Wireless Security Applied To SCADA

  • Overview of Current Wireless Technologies
  • 802.11, 802.15 and 802.16 Technologies
  • Overview of Wireless Security
  • WEP
  • TKIP and the WPA/WPA2
  • IEEE 802.11i
  • Authentication, Encryption, and Integrity Methods
  • Cellular/Mobile Interworking
  • LTE application in SCADA

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top
Notice
X