The second phase in the Industrial Systems Cybersecurity Lifecycle (IACS – defined in ISA/IEC-62443-1-1) focuses on activities associated with the design and implementation of cybersecurity countermeasures. This involves the selection of appropriate countermeasures based on their security-level capability and the nature of the threats and vulnerabilities identified in the assessment phase.
This phase also includes conducting cybersecurity tests for the acceptance of the integrated solution, to validate that the countermeasures are implemented correctly and that the industrial system under consideration has reached the required level of security.
The IC34 course will provide students with the information and skills to select and apply counter-cybersecurity measures for new or existing industrial systems (IACS) to achieve the level of security required and assigned to each zone and conduit. In addition, participants will learn how to develop and execute test plans to verify that the cybersecurity of the integrated solution has adequately met the objectives of the cybersecurity requirements specification.
Main objective of the course
Once the results of the evaluation of industrial cybernetic risks have been obtained, users must use them as requirements for the redesign of existing systems or the design of new systems. The results of the risk assessment are converted into design requirements. Each control system and each industrial plant is unique, and therefore there will not be a single way to meet these requirements. Before introducing changes in the control systems, these must be duly reviewed and approved.
Once the existing systems redesign activity is complete, all changes must be incorporated into the system, plant, and organization appropriately, without jeopardizing the current operation of the plant. Similarly, when working with new systems, the engineering, and construction processes must ensure that ultimately all design requirements are satisfactorily met. To achieve these goals without errors, proper and consistent engineering processes are necessary.
Finally, verification and validation mechanisms must be executed to verify that all changes and design requirements, resulting from the risk assessment, are finally achieved. If not, the risks will be unmitigated and even defects in the system can have even greater consequences. Factory acceptance tests (FAT) and plant acceptance tests (SAT) to verify that the systems comply with the cybersecurity requirements will be essential to have the certainty and peace of mind that the risks have been mitigated.
Para la audiencia de habla hispana (y portuguesa) el material de estudio se dispone en idioma inglés. La evaluación de certificación profesional se encuentra disponible únicamente en idioma inglés, al igual que la serie de normas ISA/IEC-62443. La traducción de las normas no está aprobada ni autorizada por el Comité ISA99.
With the 2134 course, you will be in a position to
- Interpret the results of an ICS cybersecurity risk assessment
- Develop a Cybersecurity Requirements Specification (CSRS)
- Develop an information-based conceptual design in a well-crafted CSRS
- Explain the security development lifecycle process and outcomes
- Perform a basic firewall configuration and commissioning
- Design secure remote access solution
- Develop specifications, system hardening
- Implement a core intrusion detection system network
- Develop a Cybersecurity Acceptance Test Plan (CFAT/CSAT)
- Perform a basic CFAT or CSAT
The following topics will be covered
- Introduction to the ICS Cybersecurity Lifecycle
- Evaluation phase
- Implementation phase
- Maintenance phase
- Conceptual design of processes
- Interpretation of risk assessment results
- Cybersecurity Requirements Specifications
- The development of a conceptual design
- Conceptual Design Specification
- Detailed design process
- Security Development Lifecycle (SDL)
- Types of technology
- Selecting the appropriate technology
- Developing a detailed design
- Document the design/specification
- Design and implementation of examples
- Example Firewall Design
- Remote Access Design Example
- Hardening design example system
- Intrusion detection design example
- Tests
- The development of test plans
- Factory acceptance tests cybersecurity
- On-site acceptance testing cybersecurity
Practical exercises to be done in class
- Develop a physical security and cybersecurity plan
- Configure an Edge Firewall
- Configure an ICS Firewall
- Install and use SNORT!
- Configure Windows Local Objects Group Policy
- Install MS Security Compliance Manager (SCM)
- ICS Device Hardening Behavior
- Network hardening behavior
- Use a domain controller
- Set up a VPN connection
- Security Configuration Audit
- Perform system robustness test
Requirements
- Have completed and passed the IC32 Course.
To take the certification exam 3 “ISA/IEC-62443 Cybersecurity Design Specialist” the participant must have passed the certification exam 2 “ISA/IEC-62443 Cybersecurity Risk Assessment Specialist”.
Deliverables
Participants will receive in the class (face-to-face) at home (virtual) access to the following materials. Optional printed material may be provided at an additional cost.
- Access to course material for two years.
- ISA/IEC-62443 standards used in the course.
- Educational campus to download complementary information and software.
- Laboratory workshops.
- Eligibility to obtain the official certificate. (Requires 100% assistance).
Certification N° 3 “ISA/IEC-62443 Cybersecurity Design Specialist”
- CRE Credits: 2,1
- CEU Credits: 2.1 (Awarded by ISA)
- The Exam to obtain the professional certification is taken separately, with a maximum period of up to 6 months of completion of the course. Presently, the exam is taken only in English Language.
- UPDATED: The SCANTRON professional certification exam is included in the price for a single opportunity. You can add as many opportunities as you need within 6 months of finishing the course, paying the additional Fee of USD 150,- for each new opportunity.
Recognitions
All participants who meet the course requirements and who successfully pass the final exam with a good grade will be awarded a Digital Badge. The digital badge certifies that the participant has attended the 2134 training course and has taken the final evaluation test with a good grade, verifying that said participant has assimilated the new knowledge reasonably.
Professional certificate of international recognition
All participants, who have successfully completed 100% of the objectives of the IC34 course, will be able to take the IC34 CyberSecurity Design Specialist international validity certification exam in the authorized dependencies. Students who have successfully completed the course will have multiple opportunities over a maximum period of 6 months to take the exam and thus obtain their professional certification. The professional certification exam is of the multiple choice type and is developed only in English. Therefore, participants are required to have good command of the written technical English language.
The main objectives of ISA training is to make sure that the audience understands and interprets the requirements of the ISA/IEC-62443 series of standards correctly and what needs to be done.
While the exercises and products used in the lab helps to understand the concepts, it is not within the objectives of ISA to recommend any specific solution or to show how to comply with the multiple requirements.