Open to access this content

Open to access this content

Open to access this content

Open to access this content

Open to access this content

Open to access this content

Open to access this content

‎A detailed overview of how ISA/IEC-62443 (formerly ISA 99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between security for traditional IT environments and appropriate solutions for SCADA or plant environments. The course explores the movement towards using open standards such as Ethernet, TCP/IP and web technologies in SCADA and process control networks that have begun to expose these systems to the same cyberattacks that have wreaked so much havoc on global government and businesses. Information systems.‎

‎A detailed overview of how ISA/IEC-62443 (formerly ISA 99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between security for traditional IT environments and appropriate solutions for SCADA or plant environments. The course explores the movement towards using open standards such as Ethernet, TCP/IP and web technologies in SCADA and process control networks that have begun to expose these systems to the same cyberattacks that have wreaked so much havoc on global government and businesses. Information systems.‎

‎A detailed overview of how ISA/IEC-62443 (formerly ISA 99) standards can be used to protect your critical control systems. It also explores the procedural and technical differences between security for traditional IT environments and appropriate solutions for SCADA or plant environments. The course explores the movement towards using open standards such as Ethernet, TCP/IP and web technologies in SCADA and process control networks that have begun to expose these systems to the same cyberattacks that have wreaked so much havoc on global government and businesses. Information systems.‎

‎The first phase in the Industrial Systems Cybersecurity (IACS – defined in ‎‎ISA‎‎/IEC-62443-1-1) lifecycle consists of identifying and documenting industrial assets (IACS) and performing a cybersecurity vulnerability analysis and risk assessment to identify and understand high-risk vulnerabilities that require mitigation. For ‎‎ISA‎‎/IEC-62443-2-1 these assessments must be performed on both existing (Brownfield) and new (Greenfield) applications. Part of the assessment process involves developing a zone and conduit model of the systems under consideration, identifying security level objectives, and documenting cybersecurity requirements into a cybersecurity requirements specification (‎‎CSRS‎‎).‎

‎The first phase in the Industrial Systems Cybersecurity (IACS – defined in ‎‎ISA‎‎/IEC-62443-1-1) lifecycle consists of identifying and documenting industrial assets (IACS) and performing a cybersecurity vulnerability analysis and risk assessment to identify and understand high-risk vulnerabilities that require mitigation. For ‎‎ISA‎‎/IEC-62443-2-1 these assessments must be performed on both existing (Brownfield) and new (Greenfield) applications. Part of the assessment process involves developing a zone and conduit model of the systems under consideration, identifying security level objectives, and documenting cybersecurity requirements into a cybersecurity requirements specification (‎‎CSRS‎‎).‎

‎The second phase in the Industrial Systems Cybersecurity Lifecycle (IACS – defined in ISA/IEC-62443-1-1) focuses on activities associated with the design and implementation of cybersecurity countermeasures. This involves the selection of appropriate countermeasures based on their security-level capability and the nature of the threats and vulnerabilities identified in the assessment phase. This phase also includes conducting cybersecurity tests for the acceptance of the integrated solution, to validate that the countermeasures are implemented correctly and that the industrial system under consideration has reached the required level of security.‎

‎The second phase in the Industrial Systems Cybersecurity Lifecycle (IACS – defined in ISA/IEC-62443-1-1) focuses on activities associated with the design and implementation of cybersecurity countermeasures. This involves the selection of appropriate countermeasures based on their security-level capability and the nature of the threats and vulnerabilities identified in the assessment phase. This phase also includes conducting cybersecurity tests for the acceptance of the integrated solution, to validate that the countermeasures are implemented correctly and that the industrial system under consideration has reached the required level of security.‎

Open to access this content

As the ISA/IEC 62443 series of standards for the security of Industrial Automation and Control Systems (IACS) grow in popularity and usage several certification and assessment programs have been established, for example ISASecure. There is a need for training programs because there is a lack of understanding of 62443 standards in the product supplier community and a shortage of assessors with the requisite knowledge to perform certifications and assessments. This course is intended to train product suppliers in how to design, develop and support IACS products, and assessors in how to certify and assess IACS products and security development lifecycles using the ISA/IEC 62443 series of standards.

Many manufacturing firms have made significant investments in flexible shop-floor execution systems and in sophisticated enterprise planning (ERP) systems. Those investments, however, cannot yield their full potential until each has access to the information and capabilities of the other. The ANSI/ISA95 standard addresses that coordination problem by providing a sound, robust definition of business activities and of the information that must flow between those two realms. This course also teaches the terminology used in Information Technology (IT) departments so that manufacturing and IT personnel can effectively work together on integration projects.