Planowane są dwa warsztaty, które odbędą się przed InfraSEC Forum.

Liczba uczestników na każdych warsztatach jest ograniczona do 20 osób! Decyduje kolejność zgłoszeń. 

W warsztatach nie mogą uczestniczyć przedstawiciele branży ICT oraz firm konsultingowych.

 

 

Warsztaty I, 3-4 lutego: SCADA & ICS Cyber Security Workshops*

Warsztaty II, 4 lutego: Pasywna identyfikacja ataków na infrastrukturę przemysłową w praktyce

*Warsztaty prowadzone w języku angielskim. Organizator nie przwiduje tłumaczenia

SCADA & ICS Cyber Security Workshops

Dates

Two-days workshops, 3-4 February, 8.30 – 17.30

Overview

Reliable and safe operation of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems are considered critical for a broad range of industries supporting the wellbeing on a national level.

The growing convergence of IT and ICS networks, long-time separated domains, calls for a special attention and adoption of ICS-oriented best practices.

That being said, these functionalities can be jeopardised internally by an incentivised individual, or through remote access by a hostile organization; Hence appropriate preventive measures should be taken to mitigate these breaches and minimize possible damages.

Target Audience

The proposed training workshop is aimed to empower the competency of a wide range of position holders in the SCADA/ICS arena. Graduates of this course will master the key terms, technologies, and vector activities related to the computerised control which they operate. The training program is suitable for the following groups:

  • IT personnel who need to know more on SCADA/ICS risks and defence technologies in order to assure better collaboration among these teams
  • SCADA/ICS engineers involved with design, maintenance of critical manufacturing (food, medicine, chemical processes, etc.
  • Operators dealing with control of renewable and other electric power technology plants, sewage plants, desalination and other chemical process plants
  • A broad range of managers interested in upgrading their technical knowledge and to be able to make correct and cost-effective investment decisions
  • Upon completion of this training workshop, graduates should be able to better defend their critical infrastructures and comprehend the mechanism behind it. Also, it will prepare you to apply for certification classes such as CISA and CISSP.

Materials

All students will receive a printed brochure with all the presented slides.

EXTRA

Each participating students will receive a 1/2  hour phone consulting or consulting via email with the trainer.

FACILITATOR

Daniel Ehrenreich

Consultant, Secure Communication and Control Experts (SCCE)

The trainer speaks very clear and easy to understand English language

BEST PRACTICES WORKSHOP

The two days are suitable to a broad range of technical and C-level positions in the OT & IT domains and includes provision of training material and Certificate of Attendance.

The class is suitable for people, coming from or interested in entering typical SCADA industries:

  • Water and sewage
  • Power plant
  • Power distribution
  • Oil and Gas
  • Manufacturing
  • Chemical plants
  • Public safety
  • Transportation
  • Smart Cities
  • Public communication networks

Agenda - Day 1 (Intermediate), 3.02.2020

8.00 - 8.30

Registration

8.30 - 12.30

Part 1: Introduction to ICS Technologies

  • Introduction to ICS (SCADA, OT) architecture
  • Roles of the main computers in ICS Architecture
  • Description of the Triangle and the Purdue ICS models
  • Field Control units PLC, RTU, IED and Remote I/Os
  • Structuring an ICS Cabinet with I/O technologies
  • Complementing Sensors and Field Control Devices
  • ICS Data communications; networks and protocols
  • PLC / RTU Configuration and Programming principles

12.30 - 13.30

Lunch

13.30 - 17.30

Part 2: SCADA/ICS Cyber Security Basics

  • ICS and IT systems differences related to cyber risks
  • Introduction to SCADA system Security Vulnerabilities
  • Cyber risk development through Social Engineering
  • Introduction to IAM, encryption and authentication
  • Defence achieved by PPT: People-Policy-Technology
  • External & Internal attacks: MitM, DOS, DDoS, GPS
  • Defence solutions: Zoning FW, IDS, SIEM, DMZ, UGW
  • Defence achieved by PPT: People-Policy-Technology

17.30 - 17.40

The end of the first day of the workshops

Agenda - Day 2 (Advanced), 4.02.2020

8.30 - 12.30

Part 1 SCADA/ICS Cyber security vulnerabilities

  • Introduction to ICS (SCADA, OT) and HMI Solutions
  • Field Control units PLC, RTU, IED and Remote I/Os
  • Use of IoT and IIoT for ICS Installations
  • Introduction to Authentication and Encryption
  • Introduction to SCADA system Security Vulnerabilities
  • Connection between Safety and Cyber Security
  • ICS and IT systems differences related to cyber risks
  • Experience Sharing: Vulnerability Assessment vs White Hackers
    • Why you need both

13.30 - 17.30

Part 2: ICS Cyber Security Risk and Defence methodologies

  • External & Internal attacks: MitM, DOS, DDoS, GPS
  • Industrial Cyber Kill Chain attack step-by step process
  • Communications and Process Anomaly detection using packet’s inspection
  • Firewalls, IDS, SIEM, DMZ, UGW, Visibility Analysis
  • Best practices to enhance ICS-IIoT Cyber defence
  • Periodic assessment to enhance ICS Cyber security
  • Standalone Vs Multi-Purpose Cyber Security SW:
    • Determining Cost vs Effectiveness
  • Applicable standards: NERC-CIP, IEC 62443, NIST 800-82

17.30 - 17.40

The end of the second day of workshops

Pasywna identyfikacja ataków na infrastrukturę przemysłową w praktyce

Czas trwania

Warsztaty całodniowe w godz. 9.00 – 17.00

Opis

Warsztaty prowadzone będą na realnym środowisku laboratoryjnym odwzorowującym instalację przemysłową.

Prowadzący

Wojciech Kubiak

ICT Security Director, PKP Energetyka

Agenda

8.30 - 9.00

Rejestracja uczestników i poranna kawa

9.00 - 12.30

Część 1: Strategia implementacji rozwiązań klasy IDS (ang. Intrusion Detection System) w sieciach przemysłowych.

12.30 - 13.30

Lunch

13.30 - 16.30

Część 2: Implementacja reguł wykrywania zdarzeń dla wybranych scenariuszy ataków w oparciu o rozwiązanie SCADVANCE

16.30 - 17.00

Zakończenie warsztatów