Industrial Cyber Security Controls from IEC 62443 for ICS/OT
Last updated 10/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 5.74 GB | Duration: 7h 53m
IEC 62443 Standard, and implementation in the industrial control system (ICS). Technical controls, Levels & assessment.
What you'll learn
Details of IEC 62443 standard
Authentication and Authorization controls
Cybersecurity Controls for ICS/OT
Controls: DFA, Firewalls, VPN, PKI
Controls: Password, Biometric, Token
Zones, Conduits and Security Levels
Foundational requirements
Log management
High/Low level Risk assessment
Industrial use case for SL1-SL3
Requirements
Basic industrial knowledge of DCS/SCADA/PLC
No programming knowledge required
Basic understanding of ICS/OT environment
Prior experience required in ICS
Architecture awareness of OT systems
Description
Critical infrastructures such as power plants, oil and gas, wind power, manufacturing, and food processing are now integrated with IT technologies, and some of them are connected to the internet as well. This convergence of IT and OT increases the chance of exposure and enlarges the attack surface. Cybersecurity for the OT/ICS industry is therefore a prime concern, and most industries are now implementing these measures and mitigating risks.
ICS systems comprise SCADA, DCS, PLC, and many more proprietary systems and protocols. Designing a cybersecurity solution for these systems requires an understanding of both OT-related applications and the IT-related controls that can fit into these environments.
In this course, we will learn about the 62443 standard and the technical controls that can be implemented in the ICS environment. We cover controls that can be implemented, their probable weaknesses, and what industry assessment says about the cybersecurity controls prescribed by 62443-3-3. This course also covers risk assessment based on 62443-3-2, both high-level and detailed. An industry use case for zoning and segmentation is also explained to make it easier to understand.
These are based on guidelines; in the upcoming courses, the learner will understand the required cybersecurity controls for critical infrastructure.
Overview
Section 1: IEC 62443 Basic Introduction
Lecture 1 Introduction About Course
Lecture 2 Key IACS Roles
Lecture 3 IEC 62443 Brief Overview
Lecture 4 Security Levels (SL0 to SL5)
Lecture 5 Levels of Control System (Contextual Model L0-L4)
Lecture 6 Maturity Levels
Lecture 7 Security Level types: Target, Achieved and Capability
Lecture 8 Zone & Conduits
Lecture 9 Foundational requirements
Section 2: Foundational Requirements from 62443-3-3
Lecture 10 FR 1-Identification and Authentication
Lecture 11 FR 2-Use Control
Lecture 12 FR 3-System Integrity
Lecture 13 FR 4-Data Confidentiality
Lecture 14 FR 5-Restricted Data flow
Lecture 15 FR 6-Timely response to events
Lecture 16 FR 7-Resource Availability
Section 3: Foundational Requirements from 62443-4-2
Lecture 17 FR 1 - Identification and Authentication Control
Lecture 18 Detailed Use Case Study for FR1
Lecture 19 FR 2 -Use Control
Lecture 20 Detailed Use Case Study for FR2
Lecture 21 FR 3-System Integrity
Lecture 22 Detailed Use Case Study FR-3
Lecture 23 FR 4-Data Confidentiality
Lecture 24 Detailed Use Case Study FR-4
Lecture 25 FR 5-Restricted Data flow
Lecture 26 Detailed Use Case Study FR-5
Lecture 27 FR 6-Timely response to events
Lecture 28 Detailed Use Case Study FR-6
Lecture 29 FR 7-Resource Availability
Lecture 30 Detailed Use Case Study FR-7
Section 4: Authentication & Authorization Technologies- 62443-3-1
Lecture 31 Authentication & Authorization Briefing
Lecture 32 Role Based Access Control
Lecture 33 Password Authentication
Lecture 34 Challenge/response Authentication
Lecture 35 Physical Token Authentication
Lecture 36 Smart Card Authentication
Lecture 37 Biometric Authentication
Lecture 38 Location Based Authentication
Lecture 39 Password Distribution & Management
Lecture 40 Device to Device Authentication
Section 5: Network Protection Technologies
Lecture 41 Network Firewalls
Lecture 42 Host Based Firewalls
Lecture 43 Virtual Local Area Networks (VLAN)
Section 6: Encryption Technologies and Data Validation
Lecture 44 Virtual Private Networks (VPN)
Lecture 45 Symmetric Key Encryption
Lecture 46 Public Key Encryption
Section 7: Management, Audit, Measurement, Monitoring and Detection Tools
Lecture 47 Log Auditing Utilities
Lecture 48 Virus and Malicious Code Detection
Lecture 49 Intrusion Detection Systems
Section 8: Zones, Conduits and Risk Assessments -62443-3-2
Lecture 50 How to implement
Lecture 51 Flowchart for Risk Assessment
Lecture 52 ZCR 1: Identification of SuC
Lecture 53 ZCR 2: High Level Risk Assessment
Lecture 54 ZCR 3 : Partition of SuC in zones and conduits
Lecture 55 ZCR 4: Detailed Risk Assessment
Lecture 56 ZCR 5: Document Cybersecurity requirements, assumptions and constraints
Section 9: Cybersecurity Requirements & Techniques-Use Case
Lecture 57 Security Level 1
Lecture 58 Security Level 2
Lecture 59 Security Level 3
Lecture 60 Use case for Industrial Firewall
Lecture 61 About availability of 62443 Standards
Control engineers, integrators, and architects who design or implement OT systems
System administrators, engineers, and other information technology (IT) professionals who administer, patch, or secure OT systems
Security consultants who perform security assessments and penetration testing of OT systems
Cybersecurity managers who are responsible for OT systems
Vendors that are developing products that will be deployed as part of an OT system