Hands-On Isa/Iec 62443: Securing Industrial Systems

Mastering OT Cyber Security, Risk Management, Threat modeling and ISA/IEC 62443 Series of Standards

What you'll learn

OT (Operational Technology) security - why is it different than IT (Information technology)?

Threat modeling in OT

OT security requirements

Risk management in OT

IEC 62443 standard. Define requirements and processes for implementing and maintaining secure industrial automation and control systems (IACS)

Practical exercise to certify your own process and products against IEC 62443 standard

Requirements

Cyber security Fundamentals: A basic knowledge of cybersecurity principles, terminology, and best practices will provide a solid foundation for diving into the specialized field of industrial automation and control systems security

Description

In the rapidly evolving landscape of industrial technology, safeguarding automation and control systems against cyber threats is paramount. Our comprehensive course, "Hands-On ISA/IEC 62443: Securing Industrial Systems," empowers you with the knowledge and practical skills needed to fortify these critical systems against potential vulnerabilities.Delve into the heart of operational technology cyber security standards with a focus on the widely recognized IEC 62443 framework. This immersive learning experience equips you with a solid understanding of the principles, guidelines, and best practices that drive the protection of industrial automation and control systems (IACS).Our dynamic curriculum balances theoretical insights with hands-on, real-world examples to ensure you grasp the intricacies of securing these complex systems. Through a series of interactive modules, you will explore the key concepts of the IEC 62443 series of standards, uncovering its relevance to the modern industrial landscape.But it doesn't stop at theory. Our course takes you beyond the classroom, guiding you through practical exercises that mirror real-world scenarios. Gain invaluable skills as you navigate the process of certifying Industrial Automation and Control Systems in alignment with the IEC 62443. Walk away with a comprehensive toolkit that empowers you to assess, mitigate, and manage cybersecurity risks within your industrial environment.Whether you're an industrial engineer, cybersecurity specialist, automation technician, or a CISO overseeing strategic decisions, this course is tailored to enrich your expertise. Join us on this transformative journey and emerge with the confidence to safeguard industrial automation and control systems effectively, ensuring the resilience and continuity of critical operations in an increasingly digital world.For the hands-on, in order to make it more attractive to all audiences, we will certify a domotic water valve that we could install in our house. We will understand which is the logic behind the certification process and learn how to secure our product in order to be compliant with the standard.

Overview

Section 1: Introduction

Lecture 1 Content

Lecture 2 Value of the course

Section 2: IEC 62443 Overview

Lecture 3 Session Intro

Lecture 4 OT Security

Lecture 5 ISA/IEC 62443

Lecture 6 Summary of ISA/IEC 62443 Series Standards

Lecture 7 Fundamental concepts

Lecture 8 Understanding the ISA/IEC 62443 series

Lecture 9 Risk Management

Lecture 10 Foundational Requirements

Lecture 11 Security levels

Lecture 12 Maturity levels

Lecture 13 Certifications

Lecture 14 Quick summary

Section 3: Prerequisites for preparing the certification

Lecture 15 Session Intro

Lecture 16 Jira

Lecture 17 Create and configure the Jira project - Lab

Lecture 18 Notion

Lecture 19 Create and configure the Notion project - Lab

Lecture 20 Docker Containers and Trivy

Lecture 21 Run Trivy - Lab

Lecture 22 Threat modeling

Lecture 23 Risk assessment. IEC 62443-3-2

Lecture 24 Security requirements. IEC 62443-3-3 & IEC 62443-4-2

Lecture 25 Quick summary

Section 4: IEC 62443-4-1 Process development

Lecture 26 Session Intro

Lecture 27 ISA/IEC 62443-4-1 Overview

Lecture 28 Management needs

Lecture 29 Security Management

Lecture 30 Security Management - Lab

Lecture 31 Specifying Security Requirements

Lecture 32 Specifying Security Requirements - Lab

Lecture 33 Secure Product Design

Lecture 34 Secure Product Design - Lab

Lecture 35 Secure Implementation

Lecture 36 Secure Implementation - Lab

Lecture 37 Security Verification and Validation Testing

Lecture 38 Security Verification and Validation Testing - Lab

Lecture 39 Managing Security Issues

Lecture 40 Managing Security Issues - Lab

Lecture 41 Releasing Security Updates

Lecture 42 Releasing Security Updates - Lab

Lecture 43 Providing Security User Documentation

Lecture 44 Providing Security User Documentation - Lab

Lecture 45 Quick summary

Section 5: IEC 62443-4-2 - Practical case

Lecture 46 Real Case - System Overview

Lecture 47 Security Management - Lab

Lecture 48 Threat Modeling - Lab

Lecture 49 JIRA Requirements Bulk - Lab

Lecture 50 Security Requirements (Common components) - Lab

Lecture 51 Security Requirements (Raspberry component) - Lab

Lecture 52 Security Requirements (HA Docker component) - Lab

Lecture 53 Security Requirements (Water Valve component) - Lab

Lecture 54 Security Requirements - Deliverable - Lab

Lecture 55 Secure Product Design - Lab

Lecture 56 Secure Implementation - Lab

Lecture 57 Security Verification and Validation Testing - Lab

Lecture 58 Managing Security Issues - Lab

Lecture 59 Releasing Security Updates - Lab

Lecture 60 Providing Security User Documentation - Lab

Lecture 61 Security Management 2 - Lab & Quick Summary

Section 6: Recap

Lecture 62 Recap

Industrial engineers,Cybersecurity professionals,Automation and control system technicians,Top management executives who oversee the cybersecurity strategy of their organization,Anyone interested in learning how to secure Industrial Automation and Control Systems using the IEC 62443 standard