IC34 EN 2v00 – Design and Implementation of Cybersecurity in New and Existing Industrial Systems.

The second phase in the IACS Cybersecurity Lifecycle (defined in ISA/IEC 62443-1-1) focuses on the activities associated with the design and implementation of IACS cybersecurity countermeasures. This involves the selection of appropriate countermeasures based upon their security level capability and the nature of the threats and vulnerabilities identified in the Assess phase. This phase also includes cybersecurity acceptance testing of the integrated solution, to validate countermeasures are properly implemented and that the IACS has achieved the target security level. This course will provide students with the information and skills to select and implement cybersecurity countermeasures for a new or existing IACS to achieve the target security level assigned to each IACS zone or conduit. Additionally, students will learn how to develop and execute test plans to verify that the cybersecurity of an IACS solution has properly satisfied the objectives in the cybersecurity requirements specification.
· March 8, 2023

‎Version of this course‎: 2.0

The version of this training course has been superseded by the new version 3.0. The material in this version is only available for previous students to study and review purposes only. The lab exercise and final evaluation have been intentionally removed.

You will be able to:

  • Interpret the results of an ICS cybersecurity risk assessment
  • Develop a cybersecurity requirements specification (CRS)
  • Develop a conceptual design based upon information in a well-crafted CRS
  • Explain the security development lifecycle process and deliverables
  • Perform a basic firewall configuration and commissioning
  • Design secure remote access solution
  • Develop system hardening specification
  • Implement a basic network intrusion detection system
  • Develop a Cybersecurity Acceptance test plan (CFAT/CSAT)
  • Perform a basic CFAT or CSAT

You Will Cover:

  • Introduction to the ICS Cybersecurity Lifecycle
    • Assessment phase
    • Implementation phase
    • Maintenance phase
  • Conceptual Design Process
    • Interpreting risk assessment results
    • Cybersecurity requirements specifications
    • Developing a conceptual design
    • Conceptual design specification
  • Detailed Design Process
    • Security Development Lifecycle (SDL)
    • Types of technology
    • Selecting appropriate technology
    • Developing a detailed design
    • Documenting the design/specification
  • Design & Implementation Examples
    • Firewall design example
    • Remote access design example
    • System hardening design example
    • Intrusion detection design example
  • Testing
    • Developing test plans
    • Cybersecurity Factory Acceptance Testing
    • Cybersecurity Site Acceptance Testing

Classroom/Laboratory Exercises:

  • Network and Packet Analysis
  • Firewalls and DMZ
  • Network Device Hardening
  • Define Policies and Procedures
  • Remote Access
  • Using Part 62443-3-3 to validate SL-A

Who Should Attend:

  • Control systems engineers and managers
  • System Integrators
  • IT engineers and managers of industrial facilities
  • Plant managers
  • Plant Safety and Risk Management

Recommended Pre-Requisites:

ISA Courses IC32 and IC33 or equivalent knowledge/experience.

The main objectives of ISA training is to make sure that the audience understands and interprets the requirements of the ISA/IEC-62443 series of standards correctly and what needs to be done.

While the exercises and products used in the lab helps to understand the concepts, it is not within the objectives of ISA to recommend any specific solution or to show how to comply with the multiple requirements.

+20 enrolled
Not Enrolled
This course is currently closed

Course Includes

  • 8 Lessons
  • 1 Quiz
  • Course Certificate
Click to access the login or register cheese