Intro to ICS/SCADA
Table of Contents
The Intro to ICS/SCADA program was constructed primarily for the security industry and was meant to equip participants with understanding the world of ICS. Energy companies, telecommunications, transportation, healthcare, and many other such industries are perceived as critical infrastructure for the continual maintenance of the state.
SCADA (Supervisory Control and Data Acquisition) systems are considered the “weak link” in the defense chain, for reasons you will discover throughout the training.
How to make the most of this course?
In order to succeed in the course, the following requirements must be met:
- Participation in all practical laboratories
Self-work at home between lessons;
- Repetition of materials, self-learning, performing tasks, etc …
In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
The participant will also need a good personal computer suitable for running virtual machines, with a broadband Internet connection.
- Incident responders
- Cyber forensics investigators
- Getting familiar with the Industrial Control System world
- Expand ICS knowledge in both methodologies and techniques
- ThinkCyber Level-2 Courses
During this module, participants will get an overview of the ICS/SCADA and learn the basics and structure of Industrial Control Systems.
IT vs. OT
- Types of ICS Systems
o DCS vs. SCADA
- SCADA components
o Human Machine Interface (HMI)
o Supervisory System
o Remote Terminal Units (RTUs)
o Programmable Logic Controller (PLCs)
- ICS security overview
o Basic Security Concepts
o Physical Security
o Digital Security
o ICS Lifecycle Challenges
- ICS Network Architectures
- Known ICS Protocols
o How to Approach Protocols Research
o ICS Protocol Fuzzing
The following labs are part of the actual BT222 course:
- Lab 1 Scanning for ICS
- Lab 2 Modbus
- Lab 3 Registers
- Lab 4 DNP3
- Lab 5 Honeypot
- Lab 6 ICS Simple Attacks
Real cases studies
This course is delivered in the following ways:
- Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
- In situe classroom with proctored labs and scenarios executed in our Cyberium Arena
All sessions are recorded and attendees can replay them during 30 days. All course material is electronically made available to the participant.
Hands-on / Theory MiX
The following course incorporates a high level of hands-on labs exercises, as well as real life case studies.
This course prepares the participant to the following certification:
- CSSA (INFOSEC)
- GICSP (SANS)
As this course extensively uses a cloud based Learning Management System, including a lab arena, attendees need a stable broadband connection to the Internet.
BYOD – Bring Your Own Device
As it is a very practical course, and in order for the participants to make the most of the course, they need a laptop with the following capabilities:
- Audio and Video
- 8 GB RAM
- 200 GB Disk Space
- Virtualization capabilities ( supporting latest version of Virtualbox or similar virtual machine application)
And also a Good Headset with Mic