Industrial Automation System Architecture and OT Cybersecurity
Industrial Automation System Architecture and OT Cybersecurity
About the course
Industrial Automation is evolving and nowadays most companies use commercial off-the-shelf (COTS) computer systems, networks, and cloud applications to optimize production, reduce costs, improve uptime, and improve Process Safety. This is called the IIoT (Industrial Internet of Things) or Industry 4.0, and unfortunately, it also has a huge disadvantage: the OT-Cybersecurity threat from malware, ransomware, and other hacking software.
OT-Cybersecurity engineers are needed to help an organization protect itself against these risks. The skill set of an OT-Cybersecurity engineer overlaps those of Industrial Automation Engineers and IT Engineers. This intensive "bootcamp" 2-day training course gives participants an appreciation of both these disciplines, which are often so different.
The first day of the training course is focused on bridging the knowledge gap between the two engineering disciplines needed for the blended discipline OT-Cybersecurity. Once this foundation is in place, the second day of the training will show the step-by-step approach to be taken for projects to mitigate and control the risks. A detailed example case will be used to show best practices for an OT-Cybersecurity program for an Industrial End-User. Ultimately this course is very intense and will touch upon all aspects that require attention to make an End-User robust against a Cyber Attack!
Learning Outcomes
After this course, you...• understand the importance of OT-Cybersecurity and the possible impacts of a cyber attack,
• have seen the need for a new discipline called OT-Cybersecurity Engineering, a blended team of Process Automation and IT Engineers, to respond to the cyber threat,
• know how to work within, or lead, a team of OT-Cybersecurity Engineers, and have a sound understanding of what’s required to make an End User resilient and robust to cyber attacks,
• can perform and lead an OT-Cybersecurity project within your organisation, by applying the checklists and procedures explained in this course,
• have seen how an OT-Cybersecurity project can be implemented for an Industrial End User,
• have learnt how to comply to new legislation and new International Standards,
• have an understanding of how to order the OT-Cybersecurity priorities for your organization depending on available budgets, and can quantify the residual risks at each stage,
• have the skills to play a proactive and motivation role in the implementation of an OT-Cybersecurity project within your organization.
Who should attend this course
• Process Automation Engineers of End-users• IT Engineers and System Architects of End-users
• Project Managers of End-users
• Cybersecurity Engineers
• Research Engineers of End-users
• Automation Engineers of Vendors
Prerequisites
Some basic knowledge about IT and Electrical Engineering is required to be able to follow the classes, but in principle a person with an Engineering degree should be able to follow it successfully.Program & Details
-
General IT Knowledge
Live
1. Welcome
2. OSI Model
3. Parity bit
4. TCP/IP, UDP, Token Ring
5. FTP, URL, HTTP, HTML and XML
6. Ethernet, Hub, Gateway, Router, Switch, USB
7. DMZ and Firewall
8. Domain, IPsec, VPN, DNS, NAT
9. The Internet, The Cloud and Edge Computing
10. Deep WEB and Dark WEB -
General Industrial Automation knowledge
Live
1. Control Theory
2. Transmitter and Control Valves
3. Hazardous Area
4. Ingress Protection
5. RS-232, RS-485 and Modbus, the industrial serial protocols
6. HART™
7. Profibus
8. Foundation Fieldbus™
9. Industrial Ethernet (IE)
10. Other Fieldbuses
11. OPC
12. Smart IO
13. Wireless
14. Control Systems, PLC, SCADA and DCS
15. Virtualisation
16. Safeguarding Systems (SIF)
17. Safety Risk Assessment
18. The PFD of a SIF-loop
19. SIF Certification (SIL)
20. 1oo1, 2oo4, XooY voting transmitters
21. Oreda (Offshore and Onshore Reliability Data)
22. Engineering Work Station (EWS)
23. Central Control Room (CCR)
24. Flow computers and flow measurements
25. Water Cut measurement
26. Tank Gauging
27. Fire and Gas Detection Systems -
Industrial Architecture
Live
1. Industrial Automation, what makes it so special, robustness and integrity
2. The difference between OT and IT
3. Architecture and Purdue Model
4. O-PAS™ and O-PAF ®
5. NOA
6. The pro’s and con’s of O-PAS and NOA
7. How to design a network
8. Network separation and segregation
9. Secure Cell
10. Zones and Conduits
11. Workflows as a tool to optimise
12. Remote Operations
13. The merging of IT and OT
14. IIoT and Industry 4. 0
15. IACS Vendors and their services -
Cybersecurity, what is the threat?
Live
1. What’s happening?
2. Who and why
3. How big is the threat?
4. Trends
5. Latest news on Cyber Security
6. Most successful ICS attacks in industry
7. Successful Attacks
8. What is the biggest threat?
9. Cybersecurity Metrics
10. Standards
11. IEC 62443 series
12. Legislation, NIS, BRZO, Csw, Wbni, Wgmc and Wdo -
General Cybersecurity knowledge
Live
1. Vulnerabilities, and reporting
2. Types of malware
3. Hackers and Cyber-criminals
4. Hardening, Passwords and Default Passwords
5. Anti-virus software
6. Security Patching and WSUS
7. Back-up and Restore
8. Application White Listing (AWL)
9. IDS
10. IPS
11. SOC, SIEM and Monitoring Tools
12. OT Help Desk
13. Cybersecurity Risk Assessment and Gap Analysis
14. Defense in Depth (DiD)
15. Defense by Design (DbD) and Power Supply
16. Encryption and Cryptography
17. Incident Management -
Before you start an OT-Cybersecurity project
Live
1. What do you need to know before you start a project?
2. Nine steps: the ‘prerequisites to success’
3. Justification of a Security Program
4. Supporting organisation, budget, knowledge of project members
5. Planning -
The phases in an OT-Cybersecurity project
Live
1. The Framework and overview of all project steps
2. The Cheapest solution: a Secure Cell
3. Phase 1a - The Inventory and Network drawings of existing network
4. Phase 1b - Design, prepare and training
5. Phase 1c - Implement changes to network, OT Anti-Virus clients
6. Phase 1d - Create Sustainability and Back-ups
7. Phase 2a - Determination of a ‘Cost & Impact Effective’ Security Program
8. Phase 2b - Execution of a ‘Cost & Impact Effective’ Security Program -
Implement ‘the maximum possible’
Live
1. Advance the Risk Assessment with an OT Attack Vector Analysis
2. Implement the best mitigation actors
3. Certified hardware and software applications
4. Secure Protocols vs. open protocols, and double or multiple authentication
5. Installation of a DataDiode to secure segments of the highest criticality and security
6. Implementation of administrative requirements and training for personnel
7. Maintenance Contracts with specialist companies
8. Continual Improvement (CI) plan and Sustainability plan -
Typical costs of a Security Program for a large refinery?
Live
1. A breakdown and justification of the costs associated with OT-Cybersecurity for a large refinery.
-
Example of Security Plan and estimated cost
Live
1. A worked example of the security plan for different sized businesses and the associated costs.
Certification

Contact us to Learn More

Why choose EngineeringTrainer
-
Unlimited Team-wide Access
-
Advance Technical Competences
-
Courses by Industry Authorities
Since using EngineeringTrainer our internal mentorship has a much more matured character.
Logan Chapman - COO at Chapman Consulting Inc.