Scada Security Challenges and Solutions Training

Print Friendly, PDF & Email
Introduction

Scada Security Challenges and Solutions Training Course Description

SCADA and industrial networks operate as vital supporting infrastructure to critical applications and processes. Their secure, safe, continued availability is not negotiable. This short Scada Security Challenges and Solutions Training course identifies challenges and defines solutions, so that the operational integrity of these mission-critical networked services can be confidently assured.

Thus, the objective of this Scada Security Challenges and Solutions Training course is to familiarize SCADA personnel with the security issues they need to be aware of and provide detailed knowledge of security threats and recognized solutions. Further, it provides students with the tools to assess and mitigate security vulnerabilities -- and appreciate the ways in which IT-oriented security measures will help, and understand where unique-to-SCADA approaches are necessary.

Duration: 2-3 days

Scada Security Challenges and Solutions Training Related Courses

Customize It!

• We can adapt this Scada Security Challenges and Solutions Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Scada Security Challenges and Solutions Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Scada Security Challenges and Solutions Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Scada Security Challenges and Solutions Training course in manner understandable to lay audiences.

Audience / Target Group

• Incident responders
• Forensic investigators
• Threat operation analysts
• Incident responders needing to quickly address system security breaches
• Threat operations analysts seeking a better understanding of network based malware and attacks
• Those individuals who want to learn what malicious network activity looks like and how to identify it

Objectives:

After completing this Scada Security Challenges and Solutions Training course, attendees will be able to:

This course is presented as a workshop program with a series of scada security analysis and design activities. Delegates will have opportunity to develop concepts and interact with others in creating strategies to support and maintain state-of-the-art industrial network security. If the hands-on activity is impractical due to lack of computers, students will be guided through an in-class demonstration of the workshop elements, and be left with software to complete the hands-on part of the course on their own time.

Scada Security Challenges and Solutions Training - Course Content:

Introduction

• Security Challenges are Universal
• Increased Vulnerability Due To Open Systems Trend
• Increased Vulnerability From Motivated, Knowledgeable Attackers
• Some Documented SCADA Security Failure Incidents

Open Systems Issues Push The Agenda

• Protocols of the Internet Architecture
• Ethernet and Other IT-derived Networks
• Fieldbus Standards
• IEC Standards
• Ethernet/IP and CIP
• Computer Operating Systems; Windows and Unix/Linux

Points of Vulnerability

• The IT Infrastructure
• Leased Infrastructure; Frame Relay and Other Services
• The Sensor/Fieldbus Networks
• Wireless LAN Systems
• Rogue (Undocumented) Dial and Wireless Links
• Infected/Compromised Portable Equipment
• Network Management Systems

SCADA Network Protocols

• Features Common to Most SCADA Networks
• The MODBUS Protocol and Lack of Security
• Demonstration: MODBUS Dialog
• The DNP3 Protocol and Its Security Limitations
• The Near-Universal Trend to Ethernet-Based Networks
• Network Management Systems

Encryption

• Starting With a Secure Physical Environment
• Traditional Purpose of Assuring Privacy is a Minor Issue
• Traditional Symmetric Key Cryptography
• Public Key Cryptography and RSA
• Protecting Field Networks From Intrusion With Encryption

Firewalls and Perimeter Security

• Firewall Design Objectives
• Survey of Firewall Types
• Network Address Translation
• Creating and Populating a SCADA DMZ
• Field-Level Firewalls in the SCADA Network

Access Control and Authorization: Managing Users

• Limitations of User ID's and Passwords
• Multi-Factor Authentication Methods
• Microsoft's Active Directory Services
• RADIUS, TACACS and Diameter Authentication Services

Intrusion Detection and Prevention

• NIDS Principles and Features
• Deployment Scenarios
• Packet Signature and Traffic Pattern Analysis
• Strategies For Dealing With The Volumes of Data

Wireless Security Issues

• Wireless Technology Offers Compelling Advantages
• Early Misadventures With Wireless Security
• Private Point-to-Point Wireless Services
• Cellular/Mobile Data Networks; Benefits and Risks

Creating and Documenting A Security Solution

• Essential Elements of a Secure Environment
• Promoting User Awareness
• Elements of an Effective Security Policy
• Defining a Model for Internet Access

10 Essential Steps to Improving SCADA Security

• Appendices
• Glossary of Terminology
• Suggestions For Further Reading
• General Index

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment

0