The most trusted source for computer security training, certification and research.

select a course
Las Vegas, NV - September 28 - 30, 2006
Global Information Assurance Certification

It was, overall, the most in-depth training on securing Windows I've attended!
-Matt Hurst, Madison City Schools

SPECIAL

Introductory SCADA Security: Session 1

Thursday, September 28, 2006 : 8am - 12 noon


Who should attend:

Control system managers, IT managers responsible for control system networks, control system support staff and control system operators.

Agenda

  • Control System Network Communications Overview
  • Common Vulnerabilities of Control Systems
    • Inadequate Policies and Procedures
    • Poorly Designed Control System Networks
    • Misconfigured or Unpatched Operating Systems and Imbedded Devices
    • Inappropriate use of Wireless Communication
    • Inadequate Authentication of Control System Communications
    • Inadequate Identification and Control of Access to Control System
    • Lack of Detection and Logging of Intrusion
    • Dual Use of Control System Networks
    • Lack of Security Checking of Control System Software/Applications
    • Lack of Change Management/Change Control Procedures and Agreements
  • Potential Mitigation Strategies based on Multiple Levels of Implementation
  • Cyber Attack Demonstration Video

What previous attendees say about this course:

  • "This material will be very applicable to many of my day-to-day activities."
  • "Material will be utilized when I return to my job."
  • "Very understandable for industry insiders."
  • "Excellent, provided good insight to the issues and made me aware how much more I need to know."

It offers a strategic & practical approach to auditing which is not only informative, but inspiring... truly enabling.
-Steve Yuhas, TESSCO Technologies

Author Statement

My name is Gary Finco and I am one of the control system security researchers at the Department of Energy's Idaho National Laboratory working in the SCADA Test Bed. The SS1 course has received great reviews from system control and security managers and staff who have attended it at several user group meetings and industry conferences. I look forward to presenting it at the Process Control and SCADA Security Summit in Las Vegas. Structured to help students not only understand exactly how attacks against control systems could be launched and why they work, this course also provides mitigation strategies to increase the cyber security posture of your control system network.
- Gary Finco