This short guide will explain all aspects of SCADA Security Certification. But first we will understand what is a SCADA.
What is SCADA?
SCADA is short for Supervisory Control and Data Acquisition System. These systems are used in a wide variety of industries from electrical grids (electrical substation SCADA) to pipeline monitoring systems. A typical SCADA consists of remote terminal units (RTUs), and/or PLCs (Programmable Logic Controllers) and/or IED (Intelligent Electronic Devices) which may be connected via various Input/Output signal conditioning cards to sensors, transmitters and actuators that drive final control elements, such as control or on/off valves, dampers and motors.
RTUs help in transmitting signals to and from the control room. There may be a local control room that monitors signals from several RTUs that are geographically close to it. These control rooms are usually manned by one or more operators. These local control rooms may be further connected via various communication links to a Central Control Room that monitors the entire SCADA and is manned by several operators.
Here is a typical architecture of a SCADA. This is only typical, many architectures abound.
Source: SCADA Architecture Image is from NIST.
What is an ICS?
An ICS is short for Industrial Control System. It is similar to a SCADA but an ICS typically is used to control a single plant (or a group of plants) at a single location. An ICS may be a DCS (Distributed COntrol System) or a PLC based system with a graphical HMI. An ICS also has several closed loop controls to monitor and control rapidly changing process parameters. Think of an oil refinery’s distillation units. These are controlled and monitored by one or more ICS.These systems are also known as BPCS (Basic Process Control Systems) as they are used for basic process monitoring and control only.
What is an SIS?
SIS is short for Safety Instrumented Systems. They are used in plants that have handle hazardous materials to keep the plant assets, people and the environmental by taking emergency measures in case the BPCS has a failure or in case there are process upsets.
In totality these systems are also referred to as IACS (Industrial Automation & Control Systems) or as OT (Operational Technology) systems. These are distinct from IT systems (such as ERP or banking or Hotel Reservation systems).
What is SCADA Security?
Many of the existing systems in use are legacy systems. The makers of these systems did not design them to be protected against cyber threats, because when these systems were first built, security was not an issue. With the proliferation of microprocessors everywhere and the availability of internet resources, even mediocre hackers (script kiddies) can carry out SCADA Hacking and attacks. This has made it imperative for asset owners (who own the various plants, pipelines, machinery, et al that is operated by these SCADA and IACS) to implement SCADA Security measures.
What is SCADA Security Certification?
When one thinks of cybersecurity, many people think of IT security professionals, who are the ones who handle these threats on a daily business for IT systems, such as those in banking or stock trading or other MIS. However these IT systems are completely different from OT systems and they require a different set of knowledge and skills. These are provided by training and certification programs from various providers.
Abhisam’s Certified Industrial Cybersecurity Professional (CICP) is a comprehensive program that covers everything that you need to know about not just SCADA security but also related aspects such as an understanding of the various standards & practices used (for example IEC 62443).
It also costs much less as compared to programs from other providers and is the best scada certification that you can get for security.
How to get SCADA Security Certification?
Enroll in the Abhisam CICP course today. Visit the Industrial Cybersecurity training course page to buy and get immediate access to the course.
The course has the following modules that you need to complete, before you can take the certification exam.
1. Introduction to IACS Cybersecurity
2. Overview of Industrial Automation & Control Systems (DCS / PLC / SCADA /SIS).
3. Basic Concepts of Cybersecurity.
4. IACS Threats, Vulnerabilities & Attacks.
5. OT Security Standards & Practices (including IEC 62443).
6. IACS Cyber Risk Assessment & Mitigation.
7. IACS Security Lifecycle (including People, Policies and Procedures, Hazard and Risk Assessment, ICS Asset Inventory, Training & Competency management, Secure architecture devices and software practices, Intrusion Detection & Prevention, Event Logging & Analysis, Incident Response, Backup & Restore, Patch Management & Testing)
8. Case Study- Stuxnet.
9. Demo-Attack on a PLC
10. Advanced Module 1 (Cyber Kill Chain, MITRE ATT&CK for ICS, SHODAN alternatives, Honeypots)
11. Self Assessment Test
12. Advanced Module 2.
This is available with only the Professional version and at present has the following module
a) Understanding IEC 62443-2-4. This is a detailed training module that covers this part of the standard with guidance for compliance. It is useful for IACS vendors and system integrators, as well as Asset Owners.
b) Supply Chain Cybersecurity (Coming soon). This covers all aspects of understanding supply chain cyber security including SBOM (Software Bill of Materials).
Other SCADA security certifications from organizations such as ISA and SANS are available, but the cost is much higher and not everybody can afford them.
Have there been any SCADA Security incidents in the past?
There have been plenty of incidents due to poor SCADA security in the past. The most famous one is the Maroochy wastewater plant incident in Australia. Recent ones include the Ukraine electrical grid attack. Even before the Ukraine conflict, hackers from probably a nation-state, took remote control of Ukraine’s electrical grid by hacking the Electrical SCADA and played havoc by opening and closing circuit breakers randomly. This led to blackouts in several areas and brownouts in others.
Even more recently the Oldsmar,Florida water supply SCADA security incident happened where hackers could remotely control the chemical dosing pump and tried to poison the water by greatly increasing the quantity of chemicals pumped. However, alert operators could shut it down and prevent a disaster.
However many of these incidents are not reported due to fears of litigation by consumers, or being prosecuted by the authorities, or simply not to give ideas to potential attackers on “how to” attack a SCADA.
Taking SCADA security certification training programs will help you protect your system from cyber attacks and prevent disasters that may happen.