SCADA and industrial
networks operate
as vital supporting
infrastructure
to critical applications
and processes.
Their secure,
safe, continued
availability is
not negotiable.
This short course
identifies challenges
and defines solutions,
so that the operational
integrity of these
mission-critical
networked services
can be confidently
assured.
Thus, the objective
of this course
is to familiarize
SCADA personnel
with the security
issues they need
to be aware of
and provide detailed
knowledge of security
threats and recognized
solutions. Further,
it provides students
with the tools
to assess and
mitigate security
vulnerabilities
-- and appreciate
the ways in which
IT-oriented security
measures will
help, and understand
where unique-to-SCADA
approaches are
necessary.
The course is
suitable for SCADA
professionals
(managers, planners,
support personnel),
instrumentation
personnel, IT-
professionals
and SCADA vendors/designers.
Very little is
assumed about
existing security
knowledge, but
delegates should
have a working
understanding
of SCADA and industrial
networking technologies.
For beginners,
we recommend our
SCADA
and Industrial
Networks; Fundamentals,
Principles and
Emerging Trends
course prior to
this course.
Each delegate
receives a permanent,
comprehensive
workbook that
is much more than
a set of lecture
notes.
These workbook
manuals include:
- A thorough,
descriptive
text format,
designed to
be a highly
readable, valuable
reference on
the job.
- A text-book
style Subject
Index and a
comprehensive
Table of Contents,
consistent with
enabling effective
reference access
to content details.
- A thorough,
highly readable
subject-specific
glossary that
provides detailed
descriptive
treatment of
key items of
terminology.
This course is
presented as a
workshop program
with a series
of scada security
analysis and design
activities. Delegates
will have opportunity
to develop concepts
and interact with
others in creating
strategies to
support and maintain
state-of-the-art
industrial network
security. If the
hands-on activity
is impractical
due to lack of
computers, students
will be guided
through an in-class
demonstration
of the workshop
elements, and
be left with software
to complete the
hands-on part
of the course
on their own time.
(i) Introduction
Security Challenges
are Universal
Increased Vulnerability
Due To Open Systems
Trend
Increased Vulnerability
From Motivated,
Knowledgeable
Attackers
Some Documented
SCADA Security
Failure Incidents
(ii) Open
Systems Issues
Push The Agenda
Protocols of the
Internet Architecture
Ethernet and Other
IT-derived Networks
Fieldbus Standards
IEC Standards
Ethernet/IP and
CIP
Computer Operating
Systems; Windows
and Unix/Linux
(iii)
Points of Vulnerability
The IT Infrastructure
Leased Infrastructure;
Frame Relay and
Other Services
The Sensor/Fieldbus
Networks
Wireless LAN Systems
Rogue (Undocumented)
Dial and Wireless
Links
Infected/Compromised
Portable Equipment
Network Management
Systems
(iv)
SCADA Network
Protocols
Features Common
to Most SCADA
Networks
The MODBUS Protocol
and Lack of Security
Demonstration:
MODBUS Dialog
The DNP3 Protocol
and Its Security
Limitations
The Near-Universal
Trend to Ethernet-Based
Networks
Network Management
Systems
(v) Encryption
Starting With
a Secure Physical
Environment
Traditional Purpose
of Assuring Privacy
is a Minor Issue
Traditional Symmetric
Key Cryptography
Public Key Cryptography
and RSA
Protecting Field
Networks From
Intrusion With
Encryption
(vi) Firewalls
and Perimeter
Security
Firewall Design
Objectives
Survey of Firewall
Types
Network Address
Translation
Creating and Populating
a SCADA DMZ
Field-Level Firewalls
in the SCADA Network
(vii)
Access Control
and Authorization:
Managing Users
Limitations of
User ID's and
Passwords
Multi-Factor Authentication
Methods
Microsoft's Active
Directory Services
RADIUS, TACACS
and Diameter Authentication
Services
(viii)
Intrusion Detection
and Prevention
NIDS Principles
and Features
Deployment Scenarios
Packet Signature
and Traffic Pattern
Analysis
Strategies For
Dealing With The
Volumes of Data
(ix) Wireless
Security Issues
Wireless
Technology Offers
Compelling Advantages
Early Misadventures
With Wireless
Security
TKIP and the WPA/IEEE
802.11i Supplemental
Standard
Private Point-to-Point
Wireless Services
Cellular/Mobile
Data Networks;
Benefits and Risks
(x) Creating
and Documenting
A Security Solution
Essential Elements
of a Secure Environment
Promoting User
Awareness
Elements of an
Effective Security
Policy
Defining a Model
for Internet Access
10 Essential Steps
to Improving SCADA
Security
Appendices
Glossary
of Terminology
Suggestions For
Further Reading
General
Index
Click
here to return
to our catalog
page
|