Is SCADA good or bad to learn

Certified SCADA Security Engineer (CSSE)

The IT Security Act obliges operators of critical infrastructures to secure their systems with IT. The staff is often overwhelmed. Those who are familiar with IT security do not know the industrial systems and their special features. Those who know the systems are usually not IT specialists.

SCADA engineers and IT administrators each have to learn from the other. This is exactly what we created our courses for. In 5 days will be in the course Certified SCADA Security Engineer all the necessary facts are presented and discussed and you will be on the ISICS certification Certified SCADA Security Engineer (CSSE) prepared. In addition to the theoretical basics, practical exercises are also carried out that specifically show how and what to do. The participants themselves carry out, for example, attacks on systems, design a firewall scenario, assess a device vulnerability or assess (tool-controlled) an entire production network. Among other things, virtual machines are used for this.

Attack on the MODBUS protocol

SQL injection attack on an HMI web login

But we also have real hardware that can be attacked (see pictures below).

Attack on a Siemens plant

Attack on a VPN (Beckhoff)

Attack on an HMI (WindowsXP)

Attack on the IEC 60870-5-104 protocol

The course is aimed at SCADA engineers who also need to know how to secure their systems, and IT security administrators who need to know the differences between their office IT and a SCADA network. However, it is also aimed at those who are responsible for the IT security of an organization in their function. Our lecturers are proven experts who know the problems and their solutions.

The course ends with the CSSE exam.

Certified SCADA Security Engineer (CSSE)

Brief summary of the content (courses in German or English):

  1. introduction
    1. Development of SCADA systems
  2. Overview of industrial control systems
  3. ICS protocols
  4. Threats and vulnerabilities of industrial controls
  5. Attacks on SCADA
    1. Presentation of typical attack techniques
    2. Useful examples
  6. Security technology for ICS
    1. Firewall
    2. IDS
    3. Authentication server
    4. Security Information and Event Management (SIEM)
    5. Save the field level
    6. Securing remote access
  7. Security measures for ICS backup
    1. Defense-in-depth
  8. Anti-malware and patch management
  9. SCADA security standards and best practices
    1. Standards
    2. 21 typical steps
    3. IT security law
      • Industry-specific standards
  10. Pentests and IT forensics for ICS
  11. Introduction: Development and implementation of a CERT in the ICS environment
    1. Practice: using the Cyber ​​Security Evaluation Tools to determine the current security status of an ICS

Practical tasks

During the course, you will perform the following tasks, among others:

  • Attack on the Modbus protocol
  • Attack on the IEC 60870-5-104 protocol
  • Finding PLC systems via Shodan
  • Attack on a PLC
  • Brute force attack on PLC-VPN
  • Attack on a PLC web server
  • Attack on a SCADA workstation
  • Attack on an HMI via the website
  • Scanning with nmap
  • Man-in-the-middle attack on SCADA communication
  • Creation of a firewall set of rules for SCADA
  • Evaluation of ICS vulnerabilities with CVSS
  • Assessment of the security status of a small ICS with CSET.

To get the certificate CSSE The course must be completed with an online test (approx. 100 questions / 180 minutes).

Test preparation and testing take place on the last day of the course.

What's in it for you?

After the seminar, the participants will be able to recognize and correct the security problems of SCADA systems. They know the relevant procedures to further develop IT security and the basics that are necessary for ICS information security management. Whether you are a SCADA engineer or an IT employee, you know and understand each other's problems.

Current prices and the next dates can be found here.

You can find references to our events here.

Get in touch with us and find out more about our offers. We're here to help.