CSFI-CSCOE- Certified SCADA Cyberspace Operations Engineer

• Concepts of SCADA devices
• SCADA devices work and function
• Security concepts and challenges directly with SCADA devices
• Vulnerability assessments within SCADA environments
• Incident response within a SCADA environment
• Penetration tests on Industrial Control systems
• Vulnerabilities in web applications used in industrial control systems
• Hardware, network, user interface, and server-side vulnerabilities
• Incident response on industrial control systems
• Unique differences between ICS incident response and traditional

Here is some additional information that you will learn about in class:

Pen-testing SCADA Network Protocols

• ICS Systems Overview
• Controllers, Embedded Systems and Protocols
• PLCS, DCS, Hybrid Controllers, PC-Control
• SCADA and ICS Protocols
• Working with Modbus, OPC, and HMIs
• Different Levels of Network Communication Penetration Testing
• Serial Communications (RS-485, RS-232, Modbus RTU)

Pentesting SCADA Field and Floor Devices

• Tests performed against SCADA networks
• External Penetration Testing
• Internal Penetration Testing
• Vulnerability Assessments
• Wireless Audits
• SCADA Vulnerability Assessment Methodology
• SCADA Protocols
• PLC< RTU, DCS, and Embedded Controllers
• SCADA Exploitation
• Analysis of embedded electronics in SCADA field and floor devices
• Discussion of device disassembly

Pentesting SCADA Field and Floor Devices Continued and Intro to SCADA Incident Response

• Introduction to SCADA Incident Response
• SCADA Incident Response Overview
• SCADA Incident Response In-Depth
• Analyzing Data Obtained from Data Dumping and Bus Snooping
• End-to-End Analysis and Reporting

SCADA Active Defense Methodologies

• Introduction to SCAA Active Defense
• Network Segmentation

Labs will include the following areas:

• Lab 1 – Introduction to SamuraiSTFU (Security Testing Framework for Utilities)
• Lab 2 – Pentesting RF Communications Between Master Servers and Field Devices
• Lab 3 – Pentesting TCP/IP Based SCADA Protocols
• Lab 4 – Pentesting Technician Interfaces On SCADA Field and Floor Devices
• Lab 5 – Analyzing Field and Floor Device FirmwareLab 6 – Overview of Pentesting Field and Floor Device Embedded Circuits
• Lab 7 – Dumping Data at Rest On Embedded Circuits
• Lab 8 – Bus Snooping On Embedded Circuits
• Lab 9 – Capture the Flag Event

• Familiarity with basic network topology such as switching, routing, and IP addressing
• Recommended course book: Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS

This course is part of the following programs or tracks:

• CSFI-CSCOE