Practical workshop: Implementation of OT security analysis according to IEC 62443 (Presented in English)
This workshop will answer the following practical question: "How can a network security analysis be carried out in OT (Operational Technology) using the IEC 62443 series of cybersecurity standards?"
The training serves as an introduction to the practical implementation of a security analysis. Operators of OT (Operational Technology) process plants learn how to develop a security analysis process in accordance with the requirements of IEC 62443. The cybersecurity requirements of IEC 62443 are relevant for all industrial sectors (industrial automation, building automation, process technology, transport/infrastructure, energy generation). This affects all roles of an Industrial Automation and Control System (IACS) life cycle (operator, manufacturer, service provider, maintenance and others).
For participation in this practical workshop, basic knowledge of IEC 62443 is advantageous but not mandatory. It can be acquired, for example, by attending the seminars "Industrial Cybersecurity - Fundamentals IEC 62443" and/or TÜV Rheinland CySec Training Program - Fundamentals of Cyber Security (Industrial Security according to IEC 62443).
Goals
Introduction to the practical implementation of the IEC 62443 series of standards
Please bring your own laptop to the workshop. If you do not have your own laptop, please contact Toni Widmer.
Target group
Beginners as well as specialists from the fields of operational technology (OT) and IT.
Content
- Repetition: Requirements of IEC 62443
- Information gathering: network topology, inventory and organizational structures
- Identification of technical, organizational and physical vulnerabilities. Checklists, questionnaires, ...
- Network scans, anomaly detection
- Carrying out a risk analysis
- Penetration test and system hardening
- Taking measures and concepts