Technical Training

Courses Details

We will never stop improving

Cyber Security of Industrial Control System

Course Description
The use of interconnected microprocessors in industrial systems has grown exponentially over the past decade. Deployed for process control in Programmable Logic Controllers (PLC) and Distributed Control Systems (DCS) for many years, they have now moved into Intelligent Electronic Devices (IED) in applications such as substations, Motor Control Centers (MCC), and heat trace systems. The concern is that their connecting networks have grown as well, usually without much attention to the security ramifications. Intrusions, intentional and unintentional, can cause safety, environmental, production and quality problems. The need for protecting Industrial Control Systems has grown significantly over the last few years. The combination of open systems; an increase in joint ventures; alliance partners and outsourced services; growth in intelligent manufacturing equipment; increased connectivity to other equipment/software; enhanced external connectivity; along with rapidly increasing incidents of network intrusion, more intelligent hackers, and malicious software, all lead to increased threats and probability of attack. As these threats and vulnerabilities increase, so does the need for protection of Industrial and Control Systems. This intensive training course introduces several categories of electronic security technologies and discusses specific types of applications within each category, the vulnerabilities addressed by each type, suggestions for deployment, and known strengths and weaknesses, as well as some forms of mitigation for the mentioned risks. The training course provides participants with practical methods for evaluation and assessment of many current types of electronic security technologies and tools that apply to the Industrial Control Systems environment, including development, implementation, operations, maintenance, engineering and other user services. It provides guidance to manufacturers, vendors, and security practitioners at end-user companies on the technological options for securing these systems against electronic (cyber) attack.
The Training Course Will Highlight ?
Training Objective

By the end of the training, participants will be able to:

  • Apply and gain a comprehensive knowledge on security of industrial control systems including SCADA, DCS & PLC and recognize their characteristics, threats and vulnerabilities
  • Identify different ISA security standards and determine industrial control system security program development and deployment
  • Emphasize network architecture in industrial control system and list down the recommended firewall rules for specific services
  • Determine the various industrial control system security controls including management, operational & technical controls and identify the SCADA vulnerabilities & attacks
  • Employ SCADA security methods, mechanisms & techniques and explain SCADA security standards and reference documents
  • Acquire knowledge on SCADA security management implementation issues & guidelines and determine the unique characteristics & requirements of SCADA systems
  • Analyze the selected ISA technical papers of security issues including the physical protection of critical infrastructures & key assets, critical infrastructure protection, network security in the wireless age, etc.

Target Audience

This course is intended for a broad audience that includes asset owners from process, power and other critical infrastructures, control systems engineers, IT engineers, IT professionals, instrumentations engineers, instrumental & control staff, information and security officers and vendors, as well as security experts from government, industry associations and academia.

Training Methods

This interactive training course includes the following training methodologies as a percentage of the total tuition hours:-

  • 40% Lectures, Concepts, Role Play
  • 60% Workshops & Work Presentations, Techniques, Based on Case Studies & Practical   Exercises, Software & General Discussions
  • Pre and Post Test

Daily Agenda

DAY ONE:

  • Pre-Test
  • Introduction

Overview of Industrial Control Systems

  • Overview of SCADA, DCS and PLCs
  • Industrial Control System Operation
  • Key Industrial Control System Components
  • SCADA Systems
  • Distributed Control Systems
  • Programmable Logic Controllers
  • Industrial Sectors and Their Interdependencies

Industrial Control System Characteristics, Threats & Vulnerabilities

  • Comparing Industrial Control System and IT Systems
  • Threats
  • Potential Industrial Control System Vulnerabilities
  • Possible Incident Scenarios
  • Sources of Incidents
  • Documented Incidents

Recap

DAY TWO:

IT & OT

  • Main characteristic of IT systems
  • Main characteristic of OT systems
  • Main difference between IT and OT systems
  • Integration between IT and OT

Network Architecture

  • Firewalls
  • Logically Separated Control Network
  • Network Segregation
  • Recommended Defense-in-Depth Architecture
  • General Firewall Policies for Industrial Control System
  • Recommended Firewall Rules for Specific Services
  • Specific Industrial Control System Firewall Issues
  • Single Points of Failure
  • Redundancy and Fault Tolerance Preventing Man-in-the-Middle Attacks

Recap

DAY THREE:

Industrial Control System Security Controls

  • Management Controls
  • Operational Controls
  • Technical Controls

SCADA Vulnerabilities & Attacks

  • The Myth of SCADA Invulnerability
  • SCADA Risk Components
  • SCADA Threats and Attack Routes
  • SCADA Secured design

Recap

DAY FOUR:

SCADA Security Methods &Techniques

  • SCADA Security Mechanisms
  • SCADA Intrusion Detection Systems
  • Security Awareness

Industrial control systems Risk management and assessment

  • Risk management
  • Risk management process
  • Audit and assessment
  • Special consideration for doing and ICS risk assessment

Practical Sessions

  • Real-life case studies and exercises

DAY FIVE:

  • SCADA Security Management Implementation Issues & Guidelines
  • Management Impressions of SCADA Security
  • SCADA Culture
  • Unique Characteristics and Requirements of SCADA Systems
  • Guidance for Management in SCADA Security Investment

ISO 27001 standard

  • What is ISO 27001?
  • Why ISO 27001?
  • IT and Information
  • Information Security Management System ISMS
  • ISO 27001 a must have standard
  • ISO 27001 Certification process
  • ISO 27001 implementation challenges
  • The consultancy process
  • Course Conclusion
  • Post-Test and Evaluation
Accreditation

BTS Attendance certificate(s) will be issued to each participant who completed the course.

Quick Enquiry

Request Info

Download Brochure Request In house Proposal

Course Rounds : (5 -Days)


Code Date Venue Fees Register
IE146-01 13-04-2025 Dubai USD 5450
IE146-02 28-07-2025 Istanbul USD 5950
IE146-03 09-11-2025 Dubai USD 5450
Prices doesn't include VAT

UpComing Date

Details
  • Start date 13-04-2025
  • End date 17-04-2025

Venue
  • Country UAE
  • Venue Dubai

Technical Training

Related Courses

We will never stop improving

Technical Training

Get Your Best Offer

We will never stop improving

Quality Policy

 Providing services with a high quality that are satisfying the requirements
 Appling the specifications and legalizations to ensure the quality of service.
 Best utilization of resources for continually improving the business activities.

Technical Team

BTS keen to selects highly technical instructors based on professional field experience

Strengths and capabilities

Since BTS was established, it considered a training partner for world class oil & gas institution

Search For Available Course

Get in Touch

We Would Love To Hear From You!

We will never stop improving

Abu Dhabi, UAE

1st floor, Incubator Buildingو Masdar City, Abu Dhabi, UAE

00971-2-6446633

Sun to Fri 09:00 AM to 06:00 PM

info@btsconsultant.com

Contact Us anytime!

a