Course Offerings

Cyber Security in Energy Automation

Course ID: SEF-3001KU1
Overview
Course Outline
Requirements
Intended Audience
More Details

This course will help students implement defense in depth solutions and techniques with hand-experience in real life scenarios. Students will learn how to protect critical energy infrastructure systems, like power grids and industrial control systems, from cyberattacks by applying cybersecurity principles specifically tailored to the unique aspects of energy automation technologies and operations. Students will gain knowledge in describing the principles of secure system design and secure architecture, securing architecture principles in project implementations, explaining firewall concepts and configure firewall rules for RUGGEDCOM routers and Windows operating systems and implementing account management practices, including creating users, assigning roles, and managing rights.

Course Objectives

• Describe the principles of secure system design and secure architecture.
• Apply secure architecture principles in project implementations.
• Explain firewall concepts and configure firewall rules for RUGGEDCOM routers and Windows operating systems
• Implement account management practices, including creating users, assigning roles, and managing rights.

Outline of Instruction

8 Hours
1. Understanding Secure System Principles: Foundation of the secure computing system with emphasis on the importance of security in power system automation. 8
2. Studying Secure Architecture: Comprehensive exploration of secure architecture designs according to IEC62443 certified blueprint, their functioning, and how they contribute to a more secure system.
3. Learning Firewall Concepts: overview of firewall concepts, their operations, and how they act as a barrier between trusted and untrusted networks.
4 . Understanding Firewall Rules for RUGGEDCOM Routers and Windows Operating System: Specific focus on the creation and management of firewall rules to enhance system security.

8 Hours
5 . Account Management: Insight into user account management including creating, managing, and assigning user roles and rights to improve system control. 8
6. Logging and Monitoring: How to log and monitor system activities, and how these processes aid in identifying and addressing security threats.
7. Malware Protection: Exploration of malware protection techniques, including the concept of blacklisting and whitelisting applications to prevent unauthorized access.
8. System Hardening: Training on techniques to reduce system vulnerabilities and exposure to threats by strengthening security policies, configurations, and settings.

11 hours
9. Patch Management: Introduction to the practice of managing updates or patches for software applications, ensuring they are up-to-date and secure. 11
10 . Backup/Restore: Comprehensive understanding of the importance and execution of data backup and restoration processes for maintaining data integrity and availability.
11. Creating network segmentation through VLANs and firewall zones
12. Building firewall rules and policies for Siemens RUGGEDCOM Routers and Windows Operating Systems.
Implementing RADIUS server for centralized account management of IEDs
13. Creating a SYSLOG Server/Client scheme to collect security logs from IEDs
Applying malware protection with Windows Defender, including blacklisting and whitelisting.

8 hours
14. Performing system hardening tasks on operating systems according to industry guidelines (e.g., CIS).and network devices.
Developing backup and restore strategies for data protection.
15. Planning and executing patch management procedures for operating systems and automation components.