Applied ICS Security
Training Lab
Your Trainer : David Formby, Ph.D
David has extensive experience characterizing power substation network traffic, discovering vulnerabilities in power grid and control system devices, and developing techniques to address these vulnerabilities.
David’s technical experience also includes expertise in universal software radio peripherals (USRPs) garnered while working at MIT Lincoln Labs and database management systems garnered while working with the Department of Energy Savannah River Site.
David participated in the NSF I-Corps program as the Entrepreneurial Lead and has been recognized in multiple pitch competitions and showcases.
About This Training
This full-day lab course gives participants hands-on experience attacking and hardening a simulated power plant network to learn about common ICS vulnerabilities and defenses. Participants will attack historians, HMIs, and PLCs to cause a power outage in the 3D simulation, and then implement defenses like firewalls and network monitoring to harden it.
In this session attendees will learn:
• Deeper understanding of common vulnerabilities in ICS networks and devices
• Techniques for testing ICS devices for various vulnerabilities
• Practical experience hardening ICS device configurations and using network defenses
Topics Covered:
• Scanning ICS networks
• Exploiting web vulnerabilities in the DMZ
• Sniffing industrial network traffic
• Password cracking
• PLC and HMI programming
• Using Yara to scan for ICS malware
• Writing host and network firewall rules for ICS
• ICS network intrusion detection
Requirements
Participants must bring their own laptop with either Chrome or Firefox installed. Some Linux experience is helpful but not required.