SECURE SCADA - Manage the cyber security of an industrial network and prevent IoT intrusions
The target audience for training
- CISO
- IoT/SCADA integrators
- Supervision or industrial maintenance managers
- Technical/industrial managers
- Industrial systems administrators
- Automation technicians
What you will learn
With the digital transformation of industrial infrastructures (Industry 4.0, IoT, automation), OT environments have become prime targets for cyber attackers. The increasing interconnection of industrial systems with IT systems (IT/OT convergence) exposes PLCs, SCADA supervisors, sensors and network equipment to critical risks.
This 3-day operational training course enables automation engineers, integrators, administrators and IoT technicians to understand the specific vulnerabilities of industrial systems, apply good security practices and implement ANSSI recommendations.
Training programme
- Duration: 3 days
DAY 1 - IoT fundamentals & industrial vulnerabilities
Morning:
- Introduction to IoT cybersecurity
- Real risks and examples of industrial attacks (Stuxnet, Colonial Pipeline)
- SCADA vulnerabilities
- Demonstration: attack on a vulnerable supervision system
- Quiz 1: Case study of a real SCADA incident + 10 MCQs
Afternoon:
- Industrial protocols (Modbus, S7, OPC-UA, etc.)
- Defence in depth
- ANSSI recommendations (CSI guides, hygiene guides)
- Quiz 2: Security audit case study + 10 MCQs
DAY 2 - Partitioning, hardening, API security
Morning:
- VLAN, DMZ, secure routing
- ACL, MAC filtering
- Secure OT network architecture
- Quiz 3: Analysis of non-segmented architecture + 10 MCQs
Afternoon:
- Securing PLCs (S7-1500, passwords, display)
- Managing access rights and SCADA sessions
- Simulated intrusion test on an unprotected PLC
- Quiz 4: SCADA misconfiguration + 10 MCQs
DAY 3 - IoT supervision, detection and auditing
Morning:
- SIEM, ELK, logging in industrial systems
- Log analysis, alerts, false positives
- Simplified risk analysis methodology
- Quiz 5: Intrusion detection case study + 10 MCQs
Afternoon:
- Introduction to SCADA pentesting
- Planning, execution and reporting
- Quiz 6: Incident response & action plan + 10 MCQs
Final practical (2h) : Intrusion simulation on a SCADA/IoT network with analysis report
- Identifying faults
- Alert feedback
- Post-attack recommendations
Teaching methods
- Affirmative (DIRE) : Theoretical background on protocols, standards and attacks
- Interrogative (MAKE SAY) : Discussions, case studies, feedback
- Demonstrative (DO) : Demonstrations on PLCs and SCADA simulators
- Active (FAIRE FAIRE) : Practical work on simulated OT network, real configuration, audit
Training objectives
On completion of this course, participants will be able to :
- Identify critical vulnerabilities in a connected industrial system
- Applying good defence in depth practices in an IoT context
- Securing programmable controllers and their interfaces
- Set up appropriate network partitioning (VLAN, MAC filtering, ACL)
- Installing and configuring an incident detection system (SIEM) adapted to the industrial environment
- Carrying out a basic security audit on an IoT network
Training prerequisites
- Basic knowledge of industrial automation (PLC, supervision)
- General knowledge of IP networks and supervision architecture
- Aptitude for technical environments (protocols, topologies)
- Language : French
- Level : Fundamental
- Certification body : ACG CYBERACADEMY
- Certification: No
- Accessibility : Yes
- Duration: 3 days
Important information:
Our courses are not registered with the Répertoire National des Certifications Professionnelles (RNCP), but they do comply with the requirements of the Répertoire Spécifique (RS).