Industrial Automation System Architecture and OT Cybersecurity
Join the Program
Virtual or Classroom
8hr training
Registration deadline: 15 July 2024
Custom Scheduling
Ted Angevaare
INCO3506
Format:
Instructor-led
Join the Program
To register multiple team-members at once, use the link below.
Need a dedicated version of this program for your team? Please contact us.
Course Objective
“To create a skilled workforce of OT-Cybersecurity trained engineers who are able to be proactive in the face of the cyber threats to an industrial plant.”
Private course for team
Custom scheduling
Industry Expert
On-site or virtual
1-year access
to up-to-date course material
PDH Hours qualified course
Read more here
About the course
In-Company
Live sessions
8hr Content
Custom
English
INCO3506
Industrial Automation is evolving and nowadays most companies use commercial off-the-shelf (COTS) computer systems, networks, and cloud applications to optimize production, reduce costs, improve uptime, and improve Process Safety. This is called the IIoT (Industrial Internet of Things) or Industry 4.0, and unfortunately, it also has a huge disadvantage: the OT-Cybersecurity threat from malware, ransomware, and other hacking software.
OT-Cybersecurity engineers are needed to help an organization protect itself against these risks. The skill set of an OT-Cybersecurity engineer overlaps those of Industrial Automation Engineers and IT Engineers. This intensive "bootcamp" 2-day training course gives participants an appreciation of both these disciplines, which are often so different.
The first day of the training course is focused on bridging the knowledge gap between the two engineering disciplines needed for the blended discipline OT-Cybersecurity. Once this foundation is in place, the second day of the training will show the step-by-step approach to be taken for projects to mitigate and control the risks. A detailed example case will be used to show best practices for an OT-Cybersecurity program for an Industrial End-User. Ultimately this course is very intense and will touch upon all aspects that require attention to make an End-User robust against a Cyber Attack!
After the course, you maintain 1-year unlimited access to the course, including any new course material. This allows you to perform modules again should you need to refresh your knowledge.
Questions? Contact us
hello@engineeringtrainer.com
+31 (0)85 058 0051
Monday - Friday, 9am - 6pm CEST
Meet your instructor
Program & Details
Welcome
OSI Model
Parity bit
TCP/IP, UDP, Token Ring
FTP, URL, HTTP, HTML and XML
Ethernet, Hub, Gateway, Router, Switch, USB
DMZ and Firewall
Domain, IPsec, VPN, DNS, NAT
The Internet, The Cloud and Edge Computing
Deep WEB and Dark WEB
Control Theory
Transmitter and Control Valves
Hazardous Area
Ingress Protection
RS-232, RS-485 and Modbus, the industrial serial protocols
HART™
Profibus
Foundation Fieldbus™
Industrial Ethernet (IE)
Other Fieldbuses
OPC
Smart IO
Wireless
Control Systems, PLC, SCADA and DCS
Virtualisation
Safeguarding Systems (SIF)
Safety Risk Assessment
The PFD of a SIF-loop
SIF Certification (SIL)
1oo1, 2oo4, XooY voting transmitters
Oreda (Offshore and Onshore Reliability Data)
Engineering Work Station (EWS)
Central Control Room (CCR)
Flow computers and flow measurements
Water Cut measurement
Tank Gauging
Fire and Gas Detection Systems
Industrial Automation, what makes it so special, robustness and integrity
The difference between OT and IT
Architecture and Purdue Model
O-PAS™ and O-PAF ®
NOA
The pro’s and con’s of O-PAS and NOA
How to design a network
Network separation and segregation
Secure Cell
Zones and Conduits
Workflows as a tool to optimise
Remote Operations
The merging of IT and OT
IIoT and Industry 4.0
IACS Vendors and their services
What’s happening?
Who and why
How big is the threat?
Trends
Latest news on Cyber Security
Most successful ICS attacks in industry
Successful Attacks
What is the biggest threat?
Cybersecurity Metrics
Standards
IEC 62443 series
Legislation, NIS, BRZO, Csw, Wbni, Wgmc and Wdo
Vulnerabilities, and reporting
Types of malware
Hackers and Cyber-criminals
Hardening, Passwords and Default Passwords
Anti-virus software
Security Patching and WSUS
Back-up and Restore
Application White Listing (AWL)
IDS
IPS
SOC, SIEM and Monitoring Tools
OT Help Desk
Cybersecurity Risk Assessment and Gap Analysis
Defense in Depth (DiD)
Defense by Design (DbD) and Power Supply
Encryption and Cryptography
Incident Management
What do you need to know before you start a project?
Nine steps: the ‘prerequisites to success’
Justification of a Security Program
Supporting organisation, budget, knowledge of project members
Planning
The Framework and overview of all project steps
The Cheapest solution: a Secure Cell
Phase 1a - The Inventory and Network drawings of existing network
Phase 1b - Design, prepare and training
Phase 1c - Implement changes to network, OT Anti-Virus clients
Phase 1d - Create Sustainability and Back-ups
Phase 2a - Determination of a ‘Cost & Impact Effective’ Security Program
Phase 2b - Execution of a ‘Cost & Impact Effective’ Security Program
Advance the Risk Assessment with an OT Attack Vector Analysis
Implement the best mitigation actors
Certified hardware and software applications
Secure Protocols vs. open protocols, and double or multiple authentication
Installation of a DataDiode to secure segments of the highest criticality and security
Implementation of administrative requirements and training for personnel
Maintenance Contracts with specialist companies
Continual Improvement (CI) plan and Sustainability plan
A breakdown and justification of the costs associated with OT-Cybersecurity for a large refinery.
A worked example of the security plan for different sized businesses and the associated costs.
Results
After this course, you...
understand the importance of OT-Cybersecurity and the possible impacts of a cyber attack.
have seen the need for a new discipline called OT-Cybersecurity Engineering, a blended team of Process Automation and IT Engineers, to respond to the cyber threat.
know how to work within, or lead, a team of OT-Cybersecurity Engineers, and have a sound understanding of what’s required to make an End User resilient and robust to cyber attacks.
can perform and lead an OT-Cybersecurity project within your organisation, by applying the the checklists and procedures explained in this course.
have seen how an OT-Cybersecurity project can be implemented for an Industrial End User.
have learnt how to comply to new legislation and new International Standards
have an understanding of how to order the OT-Cybersecurity priorities for your organization depending on available budgets, and can quantify the residual risks at each stage.
have the skills to play a proactive and motivation role in the implementation of an OT-Cybersecurity project within your organization.
Who should attend this course
Process Automation Engineers of End-users
IT Engineers and System Architects of End-users
Project Managers of End-users
Cybersecurity Engineers
Research Engineers of End-users
Automation Engineers of Vendors
Prerequisites:
Some basic knowledge about IT and Electrical Engineering is required to be able to follow the classes, but in principle a person with an Engineering degree should be able to follow it successfully.
Level: Beginner
Live sessions
This course consists of instructor-led group sessions, these group sessions can be Virtual or Onsite. During these sessions participants can ask questions to the instructor which are discussed, as well as questions submitted beforehand in the learning portal.
After each live session used slides and exercise documents are made available to participants on the learning portal.
Please note that for privacy reasons no recordings of the live sessions are made or provided.
You receive 1-year unlimited access to the online course material. This allows you to watch content again if this is beneficial for your daily work activities and benefit from any material updates.
The live sessions are scheduled together with the customer and are private for their team only.
Typically the training course would be scheduled as:
Virtual: 8 sessions of 2 hours
Onsite: 2 days of 8 hours
After each live session used slides and exercise documents are made available to participants on the learning portal. Please note that for privacy reasons no recordings of the live sessions are made or provided. You receive 1-year unlimited access to the online course material. This allows you to watch content again if this is beneficial for your daily work activities and benefit from any material updates.
A personal digital certificate will be made available to each participant upon full attendance.
Example Certificate:
FAQ
This course consists of instructor-led live sessions which consist of presentations, demonstrations and discussions of questions. During each live session participants can ask questions to the instructor (through chat or microphone) which will be answered.
Please note that for privacy reasons no recordings of the live sessions are made or provided.
The training material used in the live sessions, for example the slides or exercises, will be available in the EngineeringTrainer portal for a year after the date of the training allowing you to refresh your knowledge or review material if needed.
No, course content is not available for download.
The training material used in the sessions, for example the slides or exercises, will be available in the EngineeringTrainer portal for a year after the date of the training allowing you to refresh your knowledge or review material if needed.
Please note that for privacy reasons no recordings of the live sessions are made or provided.
Yes, interactive Q&A sessions are part of the live sessions in this course and allow you to interact with the instructor and ask questions.
To respect the privacy of the participants the live sessions will not be recorded, and as such the live sessions cannot be played back. Therefore it is important for all participants to block the time slots of the live sessions in their calendars and be present.
No software licenses are provided as part of this course.
Yes, this course qualifies for PDH hours as per the NCEES CPC Guidelines.