Industrial Cybersecurity – ICS Cyber Security Certification (Standard )

Customer Feedback

“I am working in one of the world’s leading EPC company , engaged in the Cement and Mining industry. We purchased the ICS CYBER SECURITY TRAINING & CERTIFICATION e-learning courses. I found this course to be very informative and easy to understand. I and my colleagues completed the course successfully and got the certificates and badges. I personally recommend this course whoever interested to learn about Industrial Control System Cybersecurity.

I wish success for Abhisam team for their great work.”

D. Anbudurai, FLSmidth

ICS Cyber Security Certification

This Industrial Cyber Security Training Certifications course enables you to understand vulnerabilities and threats to industrial control systems, take steps to protect these systems and the plants that they control, from attacks and get certified. This cyber security training course is for Industrial Control Systems such as  DCS,  SCADA,  PLC, PAC, SIS, etc. This online e-learning cybersecurity training course, consists of several modules that covers the basic concepts of Industrial Control Systems, Basic concepts of cyber security, threats, vulnerabilities, attacks, security standards like IEC 62443, security risk assessment for ICS, as well as for the plants that they control, a case study of Stuxnet and an Advanced Module that covers many things such as the Cyber Kill Chain model, the MITRE ATT&CK framework for Industrial Control Systems, Honeypots for industrial control and an exciting assignment in industrial control system defense.

Course Background:

Industrial Control Systems (ICS for short) refer to those Instrumentation, Control Systems and Automation systems that monitor and control industrial plants and processes such as Oil Platforms, Oil and Gas processing facilities, Power Generation plants, Chemical plants, Petrochemical manufacturing plants, textile plants, Electrical Distribution Grids, Ships, Terminal Automation Systems, Steel Plants, Pharmaceutical manufacturing and formulation plants, Food and Beverage industries, Water and Wastewater treatment plants, oil and gas pipelines, pumping stations, solar power plants, nuclear power plants, nuclear fuel reprocessing facilities and many more.

Many of these systems are not actually recognized as “industrial” control systems, but they actually are and they govern a country level critical infrastructure, such as for example the sluice gates of a water dam.

Critical infrastructure also includes electrical grid and power distribution systems. These are generally controlled and monitored by SCADA systems, so SCADA security also becomes important to protect national and continental level critical infrastructure.

Hence ICS security measures also apply in such cases.

An  ICS network and control system can be one of many different types, depending on the  architecture, design, primary functions and technology used. These systems include DCS (Distributed Control Systems), SCADA (Supervisory Control and Data Acquisition Systems), PLC (Programmable Logic Controllers), PAC (Programmable Automation Controller), SIS (Safety Instrumented Systems), ESD (Emergency Shutdown Systems) and more. Many of these industrial control systems were designed and installed in an age, where there were no security issues, hence they were cyber insecure at the design stage itself. These industrial control systems grew in size and complexity and many got interfaced to other enterprise business systems, such as ERP systems like SAP, but continued to remain insecure due to a variety of reasons. These systems are typically architected, designed and installed by Instrument Engineers, Automation Professionals or Instrumentation & Control System engineers, who are proficient in control systems but not necessarily trained in cybersecurity. Today a control system is vulnerable to cyber attacks in many ways and control system engineers need to be well aware of  subjects such as ICS security and SCADA security.

These built in vulnerabilities have to be understood by these engineers and technical professionals and also by company managements to avoid risk to not only their systems themselves, but also to their plants and machinery that is controlled by these systems. This is because an attack on these systems by cyber criminals, state and non state actors, can cause catastrophic consequences such as loss of containment, asset damage and environmental disasters, not to mention possible loss of life.

In the recent past there have been many such attacks on industrial control systems and ICS networks, but they are not widely reported for a variety of reasons. The more infamous among them include Stuxnet, that was used to attack Siemens PCS and TRITON that was used to attack TRICONEX Safety Instrumented Systems.

This Industrial Cyber Security Certification course has been made with a view to make these stakeholders aware and competent to deal with these threats and secure their systems and plants from damage.

ICS Cyber Security Certification

On successful completion of all the course modules, passing the associated exam and successful evaluation of the assignment, you can earn the title of CICP – Certified Industrial Cybersecurity Professional

What does this course contain?

This ICS Cybersecurity Course consists of several modules with text, animations, videos, real life scenarios, ics risk assessment methodology, a real life case study of the Stuxnet attack and a self assessment test. The course has full voice narration that makes learning this complex subject very easy.

Detailed Course Contents

This comprehensive self paced learning course is divided into seven modules, followed by a self assessment test and the certification exam. There is also an additional Advanced Module and an Assignment module, which is optional.

The details are given below:

MODULE 1- Overview of Industrial Automation & Control Systems (DCS/PLC/SCADA/SIS)

• Introduction to Industrial Automation & Control Systems (IACS)
• IACS Application Areas
• Cyber physical systems
• Evolution of IACS
• Pneumatic Controllers
• Single Loop Controller architecture
• Control Rooms
• Control Room & Field
• Analog Electronic Signals
• Traditional Controls
• Point to Point Architecture
• Direct Digital Control (DDC) to Distributed Control Systems (DCS)
• DCS as a group of controllers
• DCS Connection to field devices
• Fieldbuses
• MODBUS
• Programmable Logic Controllers (PLC)
• PLC HMI
• SCADA
• PLC-SCADA
• Safety Instrumented Systems
• SIS Cybersecurity
• Typical IACS Architecture
• Automation Hierarchy

Module 2 Basic Concepts of Cybersecurity

• Cybersecurity Basics
• Cybersecurity Policy
• Authorized Access
• Unauthorized Access
• Brute Force Attacks
• Secure Communication
• Authentication
• Non Repudiation
• Encryption
• Public and Private Keys
• Locking and Unlocking
• Public Key Cryptography-
• Digital Signature
• Defense in Depth
• Privileges
• Role of Malware
• Understanding malware delivery
• Attack Surface
• Threats & Vulnerabilities
• Viruses
• Worms
• Trojans
• Types of Trojans
• Ransomware
• Scareware
• Spyware
• Command & Control
• Firewalls
• Firewall Basic Working
• Classes of Firewalls
• Deep Packet Inspection Firewalls
• Intrusion Detection Systems (IDS)
• Denial of Service
• Distributed Denial of Service (DDoS)
• Telephonic  Denial of Service (TDoS)
• Penetration Testing
• Backdoors
• Backdoor Examples
• Demilitarized Zone
• Privilege Escalation Vulnerbility
• Network Hardening

Module 3- Threats to IACS

• Introduction
• Threats to IACS
• IACS Threat Severity
• Vulnerability Causes
• Increased Connectivity
• Insecure by design
• Use of COTS
• Shodan
• Skill Levels needed
• Lack of awareness
• Predisposing Conditions
• Four Steps to an Attack
• Vectors
• Phishing
• Spear Phishing
• Social Engineering
• Fake Profiles
• Insecure Connections & Firewalls
• Malicious Websites
• Waterholing
• Fake Updates and Pirated Software
• USB Drives
• Devices and Software with Vulnerabilities
• Buffer Overflow
• SQL Injection
• Advanced Persistent Threats (APT)
• Port Scanning
• Cross Site Scripting
• Packet Sniffing
• Zero Day Exploits
• Exploit Markets
• ICS Attack Categories
• ICS Targeted attacks
• Attack Sequence of Events
• Man in the middle attack
• MITM in ICS
• Denial of Service
• Replay attack
• Spoofing
• Blended Attacks

Module 4- ICS Cybersecurity Standards

• Introduction
• ISA99- Purdue Model
• 62443 Standard
• 62443 Organization-1
• IEC 62443 Organization-2
• Zones, Conduits and Security Levels
• Chlorine Loading Example
• Security Level Types
• Security Levels
• Cybersecurity Management System
• ISA Secure Scheme
• ISO 31000
• ISO 27000
• IEC 61508
• IEC 61508 implementations
• IEC 61511
• IEC 61511- More clauses
• SIS Implications

Module 5- Industrial Control Systems Risk Assessment

• Introduction
• Risk Assessment Case Study
• Risk Assessment & Mitigation, Incident Response
• Non Safety Consequences
• Risk Assessment Process
• Security Vulnerability Analysis
• ICS Security Evaluation
• Initial Risk Assessment
• Threat Assessment
• ICS Vulnerabiility Assessment
• Consequence Analysis-1
• Example Calculations
• Tolerable Risk
• Modification-Small Site
• Modification-Medium Site
• Modification-Large Site
• Modification-Remote Site
• Seven Steps to be carried out
• Secondary Risk Assessment
• Periodic Assessment
• Cyberattack Mitigation

Module 6- Industrial Cybersecurity Lifecycle

This module has ten sections about the Industrial Cybersecurity Lifecycle.

These are

1. People, Policies, Procedures and Standards

2. Hazard and Risk Assessment

3. Asset Inventory

4. Training & Competency

5. Secure Architecture, Devices, Configuration, Software

6. Intrusion Detection & Prevention

7. Event Logging and Analysis

8. Incident Response

9. Backup & Restore

10. Patch Management & Testing

Module 7- ICS Cyber attack Case Study

Understand the Stuxnet cyber attack in detail. Evaluate if it could have been prevented by using current ICS standards.

Module 8- Self Assessment Test

Use this self assessment test to judge how well you have understood the subject. Also use it as a mock test to prepare for the exam.

Advanced Module

• Cyber Kill Chain Model
• MITRE ATT&CK framework for Industrial Control System
• Honeypots for Industrial Control System
• Advanced SHODAN techniques and other search methods

Assignment Module

Take part in an assignment with Red Team and Blue Team exercises.

Certification Exam

After completing the modules, you can take the certification exam.

Why you should get this course now?

ICS Cyber security is a new and upcoming skill that many engineers and technical professionals do not have. There is a huge demand for these skills from employers and as we see more cases of attacks on Industrial Control Systems the demand will only grow. To make use of the opportunities that this presents, you must take this course and get certified (on passing the exam you get an electronic certificate and a badge from Abhisam as an Industrial Cybersecurity Professional).

This subject straddles two skill bases, one is in Industrial Control Systems (DCS/PLC/SCADA/SIS design, programming, maintenance) and the other is in Cybersecurity. Many cybersecurity professionals are from an IT background with skills in Business Systems cybersecurity and no awareness or knowledge about Industrial Control Systems cybersecurity.

If you are a professional who is skilled in both areas, then your opportunities will explode dramatically. This ICS Cyber security certification course will help you get noticed and demonstrate your competency to the world.

Please note that though this course does cover information security as one of the important aspects of protecting your control system, it is not an exclusively information security course.

Why you should get this ICS Cyber Security Certification course from Abhisam?

Abhisam is the world leader in online training as well as  traditional classroom type training for technical professionals in industry. We have trained thousands of engineers and technicians all over the world on all continents.

Our learners come from Fortune 500 companies, individuals, government organizations as well as universities.

Below are listed some questions about this course.

Question: Why should I not read books instead?

There are hundreds of cybersecurity books, but very few on Industrial Cyber Security. Those are good references, but you will appreciate that reading books and understanding them is slower than learning via animations, narrations and actual cases that are shown in the course. If you value your time, then you will appreciate that this course is the fastest way to learn this interesting but complex subject. You will also not get certified by reading a book.

Question: Can I not get this information online elsewhere?

Of course you can spend hours of your valuable time, surfing the internet and trying to absorb all the info out there. But you will quickly find that it saps your energy, you spend 100 days of your precious time, trying to find nuggets of useful information from multiple sources and in the end there is no guarantee that the information that you collect is useful, truthful and authentic. By taking Abhisam’s Industrial Cyber Security Certification online training course, you can learn all the important need to know stuff, in a matter of a few days. The structure of the course is carefully designed to help you absorb everything in a gradual and logical manner. Lastly if you take the associated  exam, you get a free certification, which you can never get by merely searching for information or reading books.

Question: We are an organization (company, university, association, etc). Can we use this course to train our employees/students/members?

Of course you can. We have special Enterprise and University pricing. If you need to record employee  or student training activity and wish to get a record of their scores and certificates, then a fee will be applicable. Contact us at sales[at]abhisam.com for details.

Question: Can this course be provided in a SCORM or TinCan format for deployment on our own Learning Management System?

Yes, of course, but there will be a cost associated with this, because we will stream the course directly to your LMS server from our cloud based server. Please contact us at sales@abhisam.com for a quote.

Question: Are there any other versions?

Yes you can take the Industrial Cybersecurity Professional version of the course from here. You get access for 3 years instead of the 1 year access for the Standard version. Plus you get the Understanding 62443-2-4 module, which is included only in the Professional version.