IT Security Training According to IEC 62443

Course Description

Many installations for industrial automation and control systems are built from standardized hardware and software components. These open systems facilitate the integration of individual components and enable the interconnection of control systems, installations and office IT even over long distances. Integrated communication accelerates production, provides for a clearer overview and cuts development and production costs.

However, open systems are also “open“to attacks and manipulation. The vulnerability of industrial automation and control systems was revealed by the Stuxnet attack at the latest. Analyses, assessments and tests play a key role in implementing appropriate security controls against these threats. The challenge thereby is to harmonize the requirements of IT security with the specific demands of automation and control systems (including real time, safety) as well as the security for safety principle which needs to be implemented.

Our expert training introduces you to the topic of IT security based on the IEC 62443 family of standards, taking into account issues related to control and automation systems.

Who Will Benefit?

The training particularly targets decision makers and staff in IT and the developers of products for the production sector, process engineering and critical infrastructures.

Course Agenda

• What does information security actually mean?
• Status quo of IEC 62443
• Cryptography
• Overview of IEC 62443
• Concepts of IEC 62443
• IEC 62443-2-1: Asset Owner (Operator)
• IEC 62443-2-4: Service Provider (System Integrator, Maintenance)
• IEC 62443-4-1: Product Supplier (Product Manufacturer)
• Threat Modelling
• Safety & Security

The training offers opportunities to ask questions and to discuss relevant topics. We can also offer tailored in-house training courses at your company to complement or replace our standard training courses.