ICS/SCADA Training

Get your hands on real devices used in industrial settings

#ICS/OTvulnerabilities

#PLC&HMI

#RF

#BadUSB

#BadDNS

What is ICS/SCADA Training?

As the internet and automation are adopted across the industrial world, ICS/SCADA systems have become indispensable. Everyday automation systems such as elevators and automated doors, and large facilities such as nuclear power plants and dams, are all vulnerable to hacking, which may result in economic loss.

As the Stuxnet incident in Iran showed, in which a uranium facility was attacked, industrial systems and automated machines are exposed to hackers. In this course, you can simulate various hacking scenarios on the testbed and understand how hackers attack industrial systems. By doing so, you will be able to secure your own ICS/SCADA system!

Who should take this course?

OT Engineers

Automated Facility Security Manager

ICS/SCADA system managers

Network Managers

Security Professionals

IT Technicians

Why ICS/SCADA Training?

Security Threats on ICS/SCADA facilities
 

Increasing importance of safety and security design for industrial facilities

Understanding vulnerabilities of ICS/OT Systems

Tracking hackers' and unauthorized users' attack paths

Preventing automated machines from getting hacked

Strengthening IT & OT Security in facilities
 

Curriculum

Day 1

[ICS/SCADA Overview]

1. OT/ICS Security Trends
– Introducing various cyber attacks and attack paths

2. Intro. to ICS/SCADA
– Looking into ICS/SCADA from a cybersecurity perspective

3. Comparing with IT Security
– New technologies, new threats

01

[The ICS/OT Reconnaissance]

1. Introduction
– OSINT Approach

2. Case Studies

3. OSINT Methodologies for ICS/OT

02

Lab

1. Finding attack paths using OSINT tools (e.g. Censys & Shodan)
2. OSINT Monitoring with DarkTracer

[IEC 62443 Standards]

1. Introducing International Standards for OT cybersecurity
– Understanding OT cybersecurity standardization
– Case studies

2. Overview of IEC 62443 Standards
– Components of IEC 62443 and its application to the real world

3. Details of the IEC 62443-3-3 Standard
– Understanding the Intentions, Requirements and Expectations of IEC 62443

03

[Advanced Attacks on ICS Vulnerabilities] - Part 1

1. Fuzzing & Exploit Overview
– Vulnerabilities of current systems and software
– Understanding fuzzing and exploits
– Real-life scenarios and attack case studies

04

Day 2

[PLC/HMI Programming - Basic] - Part 1

1. Overview of PLC Simulation
– Intro. to PLC
– Intro. to HMI

2. PLC/HMI Attack Scenarios
– Understanding normal behavior of PLC/HMI operation
– Understanding the causes of automation device accidents

3. Ladder Logic Programming
– Intro. to the Runway control system scenario

01

Lab

1. PLC/HMI Configuration
2. PLC Ladder Logic Programming

[PLC/HMI Programming - Basic] - Part 2

1. Runway HMI Configuration
– Understanding the components of Runway control system HMI

02

Lab

1. PLC/HMI Simulation
2. Connecting HMI Simulation and PLC

[PLC/HMI Programming - Basic] – Part 3

1. Runway HMI Configuration
– Understanding the components of Runway control system HMI

2. Attacking the program to resimulate the accident
– Understanding the attacker’s intention and the cause of the accident

03

Lab

1. Ladder Logic Programming
2. Downloading HMI Screen
3. Runway Operation and attack

[PLC/HMI Programming - Advanced] – Part 1

1. Overview of ICS Protocols
– Understanding how PLC works (Advanced)
– Application to ICS Network

2. ICS Network – Basics

3. PLC ↔️ HMI Packet Analysis
– How to capture packets
– Understanding how packet communication works (Advanced)

04

[PLC/HMI Programming - Advanced] – Part 2

1. Analyzing ICS Protocols
– Introducing various ICS Protocols

2. Modulation Attacks on ICS Protocols
– The vulnerabilities of ICS Protocols
– ICS Protocols Attack Methodology

3. Malware Injection
– Understanding attack scenarios
– Different types of tools for Malware Injection

05

Lab

1. Analyzing S7 Comm Plus packets and attacking vulnerabilities
2. Tampering with ICS Protocols

Day 3

[Air Gap Bypass Techniques] – Part 1

1. Airgap Bypassing Overview
– Intro. to Closed Networks
– Understanding Airgap Bypassing of IoT Devices

2. Intro. to Bad USB
– Vulnerabilities, attack path, attack methodology, Real-life cases

01

Lab

1. Creating Bad USB
2. Attacking the target device using Bad USB

[Air Gap Bypass Techniques] – Part 2

1. Intro. to Bad DNS
– Understanding how DNS works
– DNS Tunneling

2. Bad DNS attack scenarios
– Bad DNS attack and defense

02

[Radio Frequency Attack] - Part 1

1. RF Attack Overview
– Case Studies
– Preparation for RF attack

2. Tools for RF Attack
– Introducing various tools for RF attack

03

[Radio Frequency Attack] - Part 2

1. RF Signal Detection, Regeneration, Tampering, Resending
– Radio Frequency Wireless Signal
– Capturing and analyzing the wireless signal from the remote controller

2. Attacks on Model Cranes
– Various scenarios

04

Lab

1. Capturing wireless signals using HackRF
2. Replay Attack
3. Jamming Signals
4. Analyzing the signal

Tools

Simulations, TestBed, Hardware
RA-T Runway, RA-T Crane, RA-T SFPCS, RA-T SmartCity, HackRF, P4wnP1, Teensy 

Programs and Software
VMware Workstation, Siemens TIA Portal, Shodan, Censys, DarkTracer, Python, Wireshark

Prerequisites

Basic knowledge of cyber security

Linux OS & Kali Linux

Python Basics

Network Vulnerability Analysis

Instructors

Louis Hur | CEO

Main Training Area

OSINT Intro.

Ocean Moon | Head of RedAlert Lab

Main Training Area

ICS/SCADA Advanced

JunYong Park | Researcher

Main Training Area

ISA/IEC 62443 Standard

SunHo Lee | Chief Researcher

SungHun Do | Researcher

Main Training Area

PLC/HMI Basics & Programming

DongHyun Kim | Researcher

Rana Jose | Researcher

Main Training Area

ICS Security Standards/Frameworks

Airgap Bypassing


Training Kit

Airport Runway Simulations

RA-T RUNWAY V1.0

The runway simulation is equipped with Siemens PLC and HMI units. The operation of the runway guidance lights is loaded into the units via the Siemens TIA Portal program.

Crane

RA-T Crane

This model industrial crane operates over radio frequency and can be used to demonstrate related mock attacks and incident situations.

SmartCity

RA-T SmartCity

Railway systems, power plants, airport runways, digital billboards and similar infrastructure, each with different systems and protocols, are installed in the Smart City diorama.

SFPCS

RA-T SFPCS

The Spent Fuel Pool Cooling System (SFPCS) visualizes an incident in which the cooling system of a nuclear power plant is neutralized.


Notice

NSHC provides the following items for your convenience.

1) Laptop
We provide a laptop with the software that you will need for hands-on training.

2) Textbook
All the learning materials will be provided in the form of a textbook.

3) Training fee
Lunches and snacks are included in your training fee.
Transportation, accommodation, and dinner are excluded.

4) Certificate of Completion
We give a certificate of completion to those who finish the training.

Location

  • 18th ICS/SCADA Training (Singapore)

<Park Avenue Rochester> 31 Rochester Dr, Singapore 138637

  • 19th ICS/SCADA Training (Republic of Korea)

<SKY31> 300, Olympic-ro, Songpa-gu, Seoul, Republic of Korea

Registration and Payment

There are two ways to pay the training fee: PayPal or bank transfer.

You may select your preferred payment method when submitting the registration form.
We will assist you after your registration form is received.

If you have any questions regarding the payment, please contact us at training@nshc.net.

Refund Policy

You may receive a full refund without a penalty if you cancel a week prior to the training.
Otherwise, you will be charged a 10% cancellation fee.

  • Cancellation made up to [8 days] before the training: fully refundable

  • Cancellation made within [7 days ~ the day of training]: a 10% cancellation fee is charged.

  • The refund policy may be changed without notice.


$4,500(SGD)

VAT incl.

$3,300(USD)

VAT incl.
18th (Closed)
  • Date
    Oct 19 ~ Oct 21
  • Time
    09:30 ~ 18:00
  • Location
    Park Avenue Rochester, Singapore
  • Deadline
    Oct 3, 2022
  • Capacity
    12
19th (Confirmed)
  • Date
    Dec 13 ~ Dec 15
  • Time
    09:30 ~ 18:00
  • Location
    Lotte Tower, Seoul
  • Deadline
    Dec 6, 2022
  • Capacity
    12