ICS/SCADA Security and Penetration Testing

ICS/SCADA is the most important system that widely use in many Critical National Information Infrastructure including power plants, factories, transportations, national defence & security, food & agriculture all over the world. However, the SCADA system is not well secured and has lots of vulnerabilities on the network structure, protocol, and product.

These systems control critical components of industrial automation networks. If there’s a problem with it, the essential services (such as water and power) could shut down the services for thousands or millions of people.

Therefore, it makes SCADA system to exposed to more bigger risk than normal IT infrastructure. These risks can be connected to cyber warfare and cyber terror that cause huge accident to an organization or even a country.

This ICS/SCADA security training covers from the basic contents of SCADA system, real cases of SCADA system and various techniques to scan, hack and penetrate into it. It also teaches participants how to manage incident response and how to find the zero day vulnerabilities against the SCADA system.

During the training, participants will be provided with Cyber-War game system. It’s a cyber drill simulation for ICS/SCADA system as a demonstration. The participant will be able to evaluated their skill and knowledge with the system. It also shows real time competitions status of cyber-war with live scoreboard.

At the end of the training, participants will have better understanding and skills to assess and securing their ICS/SCADA system.

Course Outline

Module 1: ICS Introduction

Module 2: ICS/SCADA Architecture and Components

Module 3: ICS/SCADA Case Study

Module 4: Scanning for HMIs and PLCs, then lead to Web Hacking

Module 5: SCADA Vulnerabilities (1-Day)

Module 6: Network Protocols for SCADA

Module 7: SCADA Network Analysis

Module 8: Penetration Testing on Power Plants and Transportation System (0-day)

Module 9: SCADA Vulnerabilities (0-Day)

Module 10: Incident Response for SCADA System

Course Details

Venue: Condition Zebra Professional Learning Centre

Duration: 5 days

Time: 9.00am – 5.00pm

Prerequisite Knowledge and Requirements

• Understanding of network and basic knowledge of TCP/IP
• Participants can be anyone involved in securing a SCADA system, such as SCADA supervisors, analysts, system administrators and SCADA vendors
• Desire to learn the method to secure cyber critical infrastructure

Training Materials Provided

• Trainer slides
• Equipment (including PLC – LS master K120S, bluetooth kit – Parani SD1000U, and etc.)
• Tools and samples

Learning Outcomes

• Understand how the ICS/SCADA field is exposed to cyber threat
• How to diagnose which point has potential weakness and how to harden it
• How to response when attacker breaches into the network or system
• How to protect their facility from further cyber attack

Who Should Attend

• ICS/SCADA Related Engineers, Administrators or Managers
• Cyber-Security Researchers or Consultants Who Have an Interest in ICS/SCADA

Edward, Seungjun Lee

 Seungjun worked as a freelancer for penetration test over 4 years and software engineering over 5 years. His main job is training organization or government agency like Cyber Police, National Security Agency, and Ministry of Defense. He is interested in Artificial Intelligence research and development of game. He has a lot of experience in various government agency as well as pen testing and training.

Youngsun Kim (Ellie))

Ellie graduated from the Seoul Women’s University in Information Security and Computer Science.

She possesses a certification in Engineering Information Processing from HRD Korea and has been involved in various training. Some of them include ICS/SCADA Security Training in Seoul, Honk Kong Police, Singapore and Malaysia among other places.

Ellie was also involved in numerous Projects research such as: Voice Recognition Development, Couple of Vulnerability Assessment Project, Web Vulnerability Research, Security Research on ICS/SCADA System and she also published a book on Pentest.

Ready to get started?

Get in touch, or sign up now!