Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)

Separate registration fee applies. To register, select this course on the event registration form.

• Onsite/in-person delivery
• Course Dates: 19-20 June 2026, 08:00-16:00
• CEU Credits: 1.4
• A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire two-day course
  

Description

This course provides a detailed look at how the ISA/IEC 62443 standards framework can be used to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for SCADA or plant floor environments. 

With the move to using open standards, such as Ethernet, Transmission Control Protocol/Internet Protocol (TCP/IP), and web technologies, in supervisory control and data acquisition (SCADA) and process control networks (PCN), systems are being exposed to the same cyberattacks facing corporate information systems, protecting control systems is more important than ever.

Certificate Program

This is a preparatory class for the ISA/IEC 62443 Cybersecurity Certificate Program. The course registration includes the fee for one exam.

Learning Objectives

• Discuss the principles behind creating an effective long-term program security
• Interpret the ISA/IEC 62443 industrial security framework and apply them to your operation
• Define the basics of risk and vulnerability analysis methodologies
• Describe the principles of security policy development
• Explain the concepts of defense in depth and zone/conduit models of security
• Analyze the current trends in industrial security incidents and methods hackers use to attack a system
• Define the principles behind the key risk mitigation techniques, including anti-virus and patch management, firewalls and virtual private networks
  

Topics Covered

• Understanding the Current Industrial Security Environment: What is Electronic Security for Industrial Automation and Control Systems? | How IT and the Plant Floor are Different and How They are the Same
• How Cyberattacks Happen: Understanding the Threat Sources | The Steps to Successful Cyberattacks
• Creating A Security Program: Critical Factors for Success/Understanding the ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009)- Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
• Risk Analysis: Business Rationale | Risk Identification, Classification and Assessment 
• Addressing Risk with Security Policy, Organization, and Awareness: Cyber Security Management System Scope | Organizational Security | Staff Training and Security Awareness
• Addressing Risk with Selected Security Counter Measures: Personnel Security | Physical and Environmental Security | Network Segmentation | Access Control
• Addressing Risk with Implementation Measures: Risk Management and Implementation | System Development and Maintenance | Information and Document Management
• Monitoring and Improving the CSMS: Compliance and Review | Improve and Maintain the CSMS
• Validating or Verifying the Security of Systems: What is being done? | Developing Secure Products and Systems
  

Classroom/Laboratory Demo 

• PCAP Live Capture Analysis

Includes ISA Standards

• ANSI/ISA-62443-1-1 (ANSI/ISA-99.00.01-2007), Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts & Models
• ANSI/ISA-62443-2-1 (ANSI/ISA-99.02.01-2009), Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program
• ANSI/ISA-62443-3-3, Security for industrial automation and control systems: System security requirements and security levels

Marco (Marc) brings decades of expertise in process automation, safety systems and industrial control networks with an extensive focus on securing the energy, oil and gas, maritime, offshore and chemical sectors. A seasoned ISA leader, cybersecurity advocate, InfraGard Houston President, and USCG AMSC Cyber Chair for the Gulf of Mexico. He is highly active in the International Society of Automation and is a longtime member and newly elected to the Executive Board. He is an ISA Fellow and a certified cyber instructor for ISA (62443).

IACS Cybersecurity Design & Implementation (IC34)

Separate registration fee applies. To register, select this course on the event registration form.

• Onsite/in-person delivery
• Course Dates: 19-21 June 2026, 08:00-16:00
• CEU Credits: 2.1
• A certificate of completion indicating the total number of CEUs earned will be provided upon successful completion of the entire three-day course

Description

Industrial Automation Control System (IACS) Cybersecurity Design & Implementation (IC34) focuses on the activities associated with the design and implementation of IACS cybersecurity countermeasures. This includes the selection of appropriate countermeasures based upon their security level capability and the nature of the threats and vulnerabilities identified in the assess phase. The access phase includes cybersecurity acceptance testing of the integrated solution to validate that countermeasures are properly implemented and the IACS has achieved the target security level.

Students will learn the information and skills to select and implement cybersecurity countermeasures for a new or existing IACS in order to achieve the target security level assigned to each IACS zone or conduit. Additionally, students will learn how to develop and execute test plans to verify the cybersecurity of an IACS solution has properly satisfied the objectives in the cybersecurity requirements specification.  

Certificate Program

IC34 is third course in the ISA/IEC 62443 Cybersecurity Certificate Program. The course registration includes the exam fee. Pass the exam to earn the ISA/IEC 62443 Cybersecurity Design Specialist Certificate designation.

Required Prerequisites 

Successful completion of Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32) and passing the ISA/IEC 62443 Cybersecurity Fundamentals Specialist certificate exam are mandatory prerequisites for this course.

Who Should Take IC34?

• Control systems engineers and managers
• System integrators
• IT engineers and managers in industrial facilities
• Plant managers
• Plant safety and risk management personnel
  

Learning Objectives

• Interpret the results of an industrial control system (ICS) cybersecurity risk assessment
• Develop a cybersecurity requirements specification (CRS)
• Develop a conceptual design based upon information in a well-crafted CRS
• Explain the security development lifecycle (SLD) process and deliverables
• Perform a basic firewall configuration and commissioning
• Design a secure remote access solution
• Develop system hardening specification
• Implement a basic network intrusion detection system (IDS)
• Develop a cybersecurity acceptance test plan
  • Cybersecurity factory acceptance test (CFAT)
  • Cybersecurity site acceptance test (CSAT)
• Perform a basic CFAT or CSAT
  

Topics Covered

• Introduction to the ICS Cybersecurity Lifecycle
  • Assessment phase
  • Implementation phase
  • Maintenance phase
• Conceptual Design Process
  • Interpreting risk assessment results
  • Cybersecurity requirements specifications
  • Developing a conceptual design
  • Conceptual design specification
• Detailed Design Process
  • SDL
  • Types of technology
  • Selecting appropriate technology
  • Developing a detailed design
  • Documenting the design/specification
• Design & Implementation Examples
  • Firewall design example
  • Remote access design example
  • System hardening design example
  • Intrusion detection design example
• Testing
  • Developing test plans
  • CFAT
  • CSAT

Exercises

• Building the board
• Firewalls
• Defining USB policy and procedure
• Network device hardening
• Remote access
• Using 62443 3-3 to validate achieved security level (SL-A)

Recommended Prerequisites

ISA course Assessing the Cybersecurity of New or Existing IACS Systems (IC33) or equivalent knowledge/experience.

Recommended Resources

• ISA-62443-1-1-2007, Security for Industrial Automation and Control Systems – Part 1-1: Terminology, Concepts and Models (Standard)
• ANSI/ISA-62443-2-1-2024, Security for Industrial Automation and Control Systems – Part 2-1: Security Program Requirements for IACS Asset Owners ​(Standard)
• ANSI/ISA-62443-3‑2-2020, Security for Industrial Automation and Control Systems – Part 3‑2: Security Risk Assessment for System Design ​(Standard)
• ANSI/ISA-62443-3-3 (99.03.03)-2013, Security for Industrial Automation and Control Systems – Part 3-3: System Security Requirements and Security Levels ​(Standard)
• ISA Cybersecurity Library (Publication)
  

Steve, PE, CAP, GISP, CMCP, has over 35 years of experience in the automation industry. He has developed embedded software and hardware for military applications and created products for industrial automation and control systems. Currently, much of his work focuses on assessing the cybersecurity readiness of organizations in critical infrastructure. 

In addition to being the former 2021 ISA President, Steve holds multiple certifications and professional engineering licenses. These include being a licensed Professional Engineer (PE), an ISA Certified Automation Professional (CAP), a UK-registered Chartered Engineer (CEng), a Fellow of the International Society of Automation (ISA), a Fellow of the Institution of Engineering & Technology, a European-registered Engineer (EUR Ing), a Global Industrial Cyber Security Professional (GICSP) and a Certified Mission Critical Professional (CMCP).

Laptop is required for this course.