Version of this course‎: 1.1
This course (for internal exclusive use of WisePlant only) is intended for product suppliers who want to build products conforming to 62443 standards and meet ISASecure certification requirements. It is also intended for conformance/certification assessors of software development process, and system/component products who need to understand the ISASecure certification programs and the ISA/IEC 62443 standards on which it is based. This training will fulfill some aspects of accreditation requirements for certification bodies around personnel qualifications.
IACS conformance/certification assessors can be either independent or employed by a certification and assessment body, and include:
- IT cybersecurity auditors transitioning to IACS cybersecurity certifications and assessments
- IACS engineers transitioning to IACS cybersecurity certifications and assessments
IACS product supplier roles can include:
- Product managers
- Process development engineers and internal auditors
- System and component product architects
- Product development engineers (hardware, software)
The course will focus on the knowledge necessary to assess the security development lifecycle of a Product Supplier and the IACS products that are developed and maintained using this development process.
You will cover:
The course consists of the following main topics and subtopics:
- IACS fundamentals
- Overview of the ISA/IEC 62443 Series
- Key concepts in the ISA/IEC 62443 Series
- Part 2-3 Patch management in the IACS environment
- Part 3-2 Security risk assessment for system design
- Part 3-3 IACS system security requirements and security levels
- Part 4-1 IACS product security development lifecycle requirements
- Part 4-2 Technical security requirements for IACS components
- ISASecure product certification
Lab and Classroom Exercises
- Security Development Lifecycle assessment exercise
- Control System product assessment exercise
- Pre- and post-student surveys
Course Prerequisites
Knowledge
- Knowledge of computers, software development, and networking technologies
- Basic knowledge of software development and delivery process
- Knowledge of cybersecurity in organizational or technical product domain
Experience
- IT Auditor experience or certification (e.g., CISA), or
- IACS design and implementation experience, or
- IACS product supplier experience
The main objectives of ISA training is to make sure that the audience understands and interprets the requirements of the ISA/IEC-62443 series of standards correctly and what needs to be done.
While the exercises and products used in the lab helps to understand the concepts, it is not within the objectives of ISA to recommend any specific solution or to show how to comply with the multiple requirements.
+1
enrolled
Course Includes
- 3 Lessons
- 7 Topics
