Industrial Cyber Security Controls From Iec62443 For Ics/Ot

IEC 62443 Standard, and implementation in the industrial control system (ICS). Technical controls, Levels & assessme.

What you'll learn
Industrial Cybersecurity Details as per 62443
Authentication and Authorization for ICS/OT
IEC 62443 Understanding
Understanding and Application in Industry
Cybersecurity controls for Oil& Gas, Power industry, Manufacturing etc.
Cybersecurity controls related to A&A
Dual factor Authentication
Network Firewalls, Host Firewall
Password Management
Biometric Authentication
Physical Token Authentication
Firewalls : Host & Network
Zones, Conduits and Security Levels
Requirements
Basic Industrial Software Knowledge Like DCS/SCADA/PLC/RTU etc
No programming knowledge required
Basic understanding of ICS/OT environment
No prior experience required
Description
Safeguarding critical infrastructures like Power plants, Oil & Gas industry, Wind power, Manufacturing, Food processing etc., all are now integrated with It technologies and some of them are connected to the internet as well. This convergence of IT and OT is increasing changes of being exposed or increased attack surface. Hence cybersecurity requirement for OT/ICS industry is prime concern now. Most of the industries are now implementing these measures and mitigating risks.ICS systems comprises of SCADA, DCS, PLC and many more proprietary systems and protocols, designing a cybersecurity solution for these system needs understanding of both OT related applications and IT related controls which can fit into these environments.In this course we will learn about 62443 standard and technical controls which can be implemented in the ICS environment. What are the controls and how that can be implemented, what could be probable weakness and what does industry assessment says about those prescribed cybersecurity controls.At the end of course learner will have understanding of the type of cybersecurity controls for authentication and authorization, Network security, in the Industrial environment, like dual factor authentications, smart cards etc. These are based on guidelines hence in the upcoming courses learner will understand the required cybersecurity controls for the critical infrastructure.

Overview

Section 1: IEC 62443 Basic Introduction

Lecture 1 Introduction About IEC

Lecture 2 Security Levels (SL0 to SL5)

Lecture 3 Levels of Control System (Contextual Model (L0-L4)

Lecture 4 Maturity Levels

Lecture 5 Security Level types: Target, Achieved and Capability

Lecture 6 Zone & Conduits

Lecture 7 Foundational requirements

Section 2: Foundational Requirements

Lecture 8 Identification and Authentication

Lecture 9 Use Control

Lecture 10 System Integrity

Lecture 11 Data Confidentiality

Lecture 12 Restricted Data flow

Lecture 13 Timely response to events

Lecture 14 Resource Availability

Section 3: Authentication & Authorization Technologies

Lecture 15 Authentication & Authorization Briefing

Lecture 16 Role Based Access Control

Lecture 17 Password Authentication

Lecture 18 Challenge/response Authentication

Lecture 19 Physical Token Authentication

Lecture 20 Smart Card Authentication

Lecture 21 Biometric Authentication

Lecture 22 Location Based Authentication

Lecture 23 Password Distribution & Management

Lecture 24 Device to Device Authentication

Section 4: Network Protection Technologies

Lecture 25 Network Firewalls

Lecture 26 Host Based Firewalls

Lecture 27 Virtual Local Area Networks (VLAN)

Section 5: Encryption Technologies and Data Validation

Lecture 28 Virtual Private Networks (VPN)

Lecture 29 Symmetric Key Encryption

Lecture 30 Public Key Encryption

Section 6: Management, Audit, Measurement, Monitoring and Detection Tools

Lecture 31 Log Auditing Utilities

Lecture 32 Virus and Malicious Code Detection

Lecture 33 Intrusion Detection Systems

Section 7: Zones, Conduits and Risk Assessments

Lecture 34 How to implement

Lecture 35 Flowchart for Risk Assessment

Lecture 36 ZCR 1: Identification of SuC

Lecture 37 ZCR 2: High Level Risk Assessment

Lecture 38 ZCR 3 : Partition of SuC in zones and conduits

Lecture 39 ZCR 4: Detailed Risk Assessment

Lecture 40 ZCR 5: Document Cybersecurity requirements, assumptions and constraints

Section 8: Cybersecurity Requirements & Techniques-Use Case

Lecture 41 Security Level 1

Lecture 42 Security Level 2

Lecture 43 Security Level 3

Control engineers, integrators, and architects who design or implement OT systems,System administrators, engineers, and other information technology (IT) professionals who administer, patch, or secure OT systems,Security consultants who perform security assessments and penetration testing of OT systems,Cybersecurity managers who are responsible for OT systems,Vendors that are developing products that will be deployed as part of an OT system