Course 1450: Advanced SCADA (Level II)

This course provides advanced SCADA technical overview of the emerging trends, advanced applications, operations, management and security.

Upon completing this course, students will be able to:

• Explain the basic SCADA operations
• Explore Advanced SCADA Systems
• Review telecommunications services related to SCADA
• SCADA Network Operations and Management
• Describe SCADA security architecture
• Describe the security issues with a SCADA system
• Design a SCADA Security Policy
• Look at access control to field devices with Microsoft Active Directory
• Review interception and analyzing Modbus/TCP network traffic with a sniffer
• Understand unauthorized commands to field device
• Setup and configure a Modbus/TCP firewall
• Review SCADA security policies
• Understand Firewall architecture, DMZ, and rulebases
• Review SCADA protocol security issues
• Understand Securing field communications
• Explore user authentication technologies and integration with SCADA applications
• Review access control principles and implementation
• Look at active Directory integration with SCADA applications
• Explore how to Detect cyber attacks on SCADA systems
• Explore vulnerability scanning
• Review security patch management
• Review anti-virus protection and management
• Review SCADA security standards

Introduction to SCADA Operations and Security

• Industrial Computing Applications and SCADA Systems
• Telecommunications Services 
• Types of SCADA Networks
• SCADA Network Operations and Management
• Communications Media and Signals
• SCADA  Reliability, Redundancy and Safety
• Planning and Managing SCADA Projects
• SCADA Technical Operations'
• SCADA Project Management
•  SCADA Characteristics, Threats and Vulnerabilities
• Comparing SCADA and IT Systems
• Threats
• Potential SCADA Vulnerabilities
• Policy and Procedure Vulnerabilities
• Platform Vulnerabilities
• Network Vulnerabilities
• Risk Factors
• Standardized Protocols and Technologies
• Increased Connectivity
• Insecure and Rogue Connections
• Public Information
• Possible Incident Scenarios
• Sources of Incidents
• Documented Incidents

• Business Case for Security
• Potential Consequences
• Key Components of the Business Case
• Resources for Building Business Case
• Presenting the Business Case to Leadership
• Developing a Comprehensive Security Program

• Firewalls
• Logically Separated Control Network
• Network Segregation
• Dual-Homed Computer/Dual Network Interface Cards (NIC)
• Firewall between Corporate Network and Control Network
• Firewall and Router between Corporate Network and Control Network
• Firewall with DMZ between Corporate Network and Control Network
• Paired Firewalls between Corporate Network and Control Network
• Network Segregation Summary
• Recommended Defense-in-Depth Architecture
• General Firewall Policies for SCADA
• Recommended Firewall Rules for Specific Services
• Domain Name System (DNS)
• Hypertext Transfer Protocol (HTTP)
• FTP and Trivial File Transfer Protocol (TFTP)
• Telnet
• Simple Mail Transfer Protocol (SMTP)
• Simple Network Management Protocol (SNMP)
• Distributed Component Object Model (DCOM)
• SCADA and Industrial Protocols
• Network Address Translation (NAT )
• Specific SCADA Firewall Issues
• Data Historians
• Remote Support Access
• Multicast Traffic
• Single Points of Failure
• Redundancy and Fault Tolerance
• Preventing Man-in-the-Middle Attacks

• Management Controls
• Risk Assessment
• Planning
• System and Services Acquisition
• Certification, Accreditation, and Security Assessments
• Operational Controls
• Personnel Security
• Physical and Environmental Protection
• Contingency Planning
• Configuration Management
• Maintenance
• System and Information Integrity
• Media Protection
• Incident Response
• Awareness and Training
• Identification and Authentication
• Access Control
• Audit and Accountability
• System and Communications Protection
• Programmable Logic Controllers (PLC)
• Industrial Sectors and Their Interdependencies

Wireless Security

• Overview of Current Wireless Technologies
• 802.11, 802.15 and 802.16 Technologies
• Overview of Wireless Security
• WEP
• TKIP and the WPA/WPA2
• IEEE 802.11i
• Authentication, Encryption, and Integrity Methods
• Cellular/Mobile Interworking