ICS Cybersecurity

exida helps mitigate security risks and assists in delivering intrinsically secure products.

ISA/IEC-62443/ISA-99 Based Industrial Control System (ICS) Cybersecurity

Industrial Control System (ICS) Cybersecurity has quickly become a serious issue for professionals in the process and critical infrastructure industries.

An unprecedented number of security vulnerabilities have been exposed in industrial control products. Very few industries are actually regulated, and in those that are, the regulating agencies are demanding compliance with complex and confusing regulations. Those that are not regulated are dealing with a wide variety of vague and sometimes conflicting standards from multiple sources.

There are well established strategies and techniques that automation professionals can employ to discover and mitigate security vulnerabilities and improve the inherent security of their products and systems. Learning and adopting these strategies will help companies stay ahead of potential vulnerabilities. 

exida is an ISA/IEC-62443/ISA-99 based industrial control system (ICS) and SCADA system security consulting and certification firm that focuses on the unique requirements of industrial automation and process control systems.

Speaking from Experience

exida staff has over 30 years of experience in industrial automation and control system safety and/or cybersecurity design, implementation and assessment. exida has experience in assessing and developing cybersecurity solutions in the Transportation, Oil & Gas, Electric Utility, Chemical, Water & Waste Water and other industries that rely heavily on the use of industrial automation and control systems.

At exida, we are familiar with the Department of Homeland Security (DHS), Transportation Security Administration (TSA), National Institute of Standards and Technology (NIST), and the American Public Transportation Association’s (APTA) guidelines, recommended practices, and standards.

exida has also led and participated in the definition of cybersecurity standards via: ISA 99 committee work – ANSI/ISA/IEC 62443 (formerly ISA 99), APTA recommended practices for passenger rail (Securing Control and Communications Systems in Transit Environments), and ICSJWG sub-group work.

Services

exida is involved in each step of the cybersecurity lifecycle from Assessment to Design to Operate & Maintain. We provide a range of ISA/IEC-62443/ISA-99 based services that are customized to your site's requirements while following the latest cybersecurity standards and guidelines. Here is a synopsis of what we offer.

1.  Assess

You wouldn't begin a journey without knowing where you are starting from, where you want to go and how you are going to get there.

Planning the journey to secure your control systems is no different. It starts with understanding the risk that control system insecurity poses to your business. This is known as a risk assessment, and it is used to identify and quantify the threats that pose a danger to your business. exida ranks these risks so you know how to prioritize your security dollars and efforts.

exida can assist you with the following critical steps during the assessment phase:

  1. Assess and evaluate (cybersecurity training and awareness) - see course list below
  2. NIST Cybersecurity Framework gap assessment - NIST Interview, Current vs. Target Tier/Profile Analysis, NIST Framework gap report, Recommended future steps
  3. Cybersecurity Project Scope Definition and Setup - Analyze current profile and recommend steps forward, Analyze and/or create architecture drawing(s), Policy/Procedure development and/or review
  4. Cybersecurity Vulnerability Assessment (CVA) - Perform Cybersecurity Vulnerability Assessment, Review and evaluate Architecture Drawing(s), Evaluation of existing countermeasures, Network architecture and traffic assessment, Policy/Procedure Review
  5. High Level Cybersecurity Risk Assessment (HLCRA) - Development of High Level cybersecurity risk assessment procedure, Assist with inventory requirements, Criticality Assignments, Assist with Zone & conduit and Dataflow Information, Train staff on risk assessment procedure, Facilitate and Document Risk Assessment, Initial Security Level (SL) assignments, Threat Modeling
  6. Detailed Level Cybersecurity Risk Assessment (DLCRA) - Development of Detailed Level cybersecurity risk assessment procedure, Assist with inventory requirements, Train staff on risk assessment procedure, Facilitate and Document Risk Assessment, Documentation of assessment results, Security Level-Target (SL-T) assignment confirmation, Threat Modeling
  7. Process Control Network Defense-in-Depth Review - Zone and Conduit Modeling, Zone and Conduit – Review of corporate reference models, Zone and Conduit - High-level diagrams, Zone and Conduit - Detailed design, Zone and Conduit - design reviews, Barrier device training and commissioning
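As an added worked example of the zone-and-conduit and dataflow review described in items 5 through 7 (this is example code written for this page, not exida's own tooling or the CyberPHAx product), the Python below models a site's zones with their Security Level targets (SL-T), the conduits designed between them, and the data flows observed on the network, and flags every flow the design does not account for. The zone names, SL-T values, protocols and flows are constructed assumptions for illustration, not a real site.

```python
"""Added example: a minimal IEC 62443-style zone/conduit dataflow review.

All zone names, Security Level targets, conduits and flows below are
constructed for illustration (assumptions), not data from a real site.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple


@dataclass(frozen=True)
class Zone:
    name: str
    sl_t: int  # Security Level target for the zone (0..4)


@dataclass(frozen=True)
class Conduit:
    src: str                   # source zone name
    dst: str                   # destination zone name
    protocols: FrozenSet[str]  # protocols the conduit is designed to carry
    sl_t: int                  # Security Level target of the conduit itself


@dataclass(frozen=True)
class Flow:
    src_zone: str
    dst_zone: str
    protocol: str


Finding = Tuple[Flow, str]


def review_flows(zones: List[Zone], conduits: List[Conduit],
                 flows: List[Flow]) -> List[Finding]:
    """Return one (flow, reason) finding for each flow that the zone and
    conduit design does not account for:
      - a flow between zones with no conduit defined,
      - a flow using a protocol the conduit was not designed to carry,
      - a flow into a zone whose SL-T exceeds the conduit's own SL-T
        (the conduit's countermeasures do not meet the destination's target).
    Intra-zone traffic needs no conduit and is skipped."""
    by_name = {z.name: z for z in zones}
    by_pair = {(c.src, c.dst): c for c in conduits}
    findings: List[Finding] = []
    for f in flows:
        if f.src_zone not in by_name or f.dst_zone not in by_name:
            findings.append((f, "flow references a zone missing from the inventory"))
            continue
        if f.src_zone == f.dst_zone:
            continue
        conduit = by_pair.get((f.src_zone, f.dst_zone))
        if conduit is None:
            findings.append((f, "no conduit defined for this zone pair"))
        elif f.protocol not in conduit.protocols:
            findings.append((f, f"protocol {f.protocol} not permitted on conduit"))
        elif conduit.sl_t < by_name[f.dst_zone].sl_t:
            findings.append((f, "conduit SL-T below destination zone SL-T"))
    return findings


def example_site() -> Tuple[List[Zone], List[Conduit], List[Flow]]:
    """Constructed sample site (assumption): four zones, three conduits,
    and six observed flows, three of which the design does not cover."""
    zones = [Zone("Enterprise", 1), Zone("DMZ", 2),
             Zone("Control", 3), Zone("Safety", 4)]
    conduits = [
        Conduit("Enterprise", "DMZ", frozenset({"https"}), sl_t=2),
        Conduit("DMZ", "Control", frozenset({"opc-ua"}), sl_t=3),
        # Deliberately weak: a conduit into the SL-T 4 safety zone rated only SL-T 2.
        Conduit("Control", "Safety", frozenset({"modbus-tcp"}), sl_t=2),
    ]
    flows = [
        Flow("Enterprise", "DMZ", "https"),        # covered by design
        Flow("DMZ", "Control", "opc-ua"),          # covered by design
        Flow("Control", "Control", "profinet"),    # intra-zone, ignored
        Flow("Enterprise", "Control", "rdp"),      # no conduit at all
        Flow("DMZ", "Control", "smb"),             # wrong protocol on conduit
        Flow("Control", "Safety", "modbus-tcp"),   # conduit SL-T too low
    ]
    return zones, conduits, flows


if __name__ == "__main__":
    z, c, f = example_site()
    for flow, reason in review_flows(z, c, f):
        print(f"{flow.src_zone} -> {flow.dst_zone} [{flow.protocol}]: {reason}")
```

Run as a script, the review prints the three uncovered flows; in practice the flow list would come from a passive traffic capture taken during the network architecture and traffic assessment, and the zone and conduit lists from the inventory and design drawings.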

2.  Design

The design phase starts with a structural assessment of your security system's architecture and configuration. A detailed study together with full, up-to-date documentation is reviewed to discover potential cybersecurity vulnerabilities. Together with exida, the target design is compared in detail with your current network architecture. A road map with technical details and an execution schedule is then finalized.

exida conducts the following during the design phase:

  1. Cybersecurity Requirements Specification (CSRS) - Technical writing - Templates, Development of Requirements, Review of Cybersecurity Requirements Specification
  2. Cybersecurity Design Specification (CSDS) - Consultation, Review, Technology Investigation & Recommendation
  3. Defense-in-Depth Analysis - Analysis of effectiveness of defense layers, Detection-in-Depth Analysis (analysis of effectiveness of monitoring layers)
  4. User Account Administration, Access, and Authorization Philosophy - Policy/Procedure Review, Policies/Procedures Development, ACL Review, Design Reviews
  5. Cybersecurity Factory Acceptance Test (CFAT) - Cybersecurity Factory Acceptance Test plan development, CFAT execution and reporting
  6. Cybersecurity Site Acceptance Test (CSAT) - Cybersecurity Site Acceptance Test plan development, CSAT Execution and reporting

3.  Operate & Maintain

Even after your solution is put into place, exida assists you with the processes required to keep your process safe, secure, and reliable.

exida can assist you with the following during the operate & maintain phase:

  1. Cybersecurity Monitoring & Maintenance - Develop logging requirements, Assess monitoring methods, Assess Countermeasures, Assess achieved Security Levels (SL) against requirements
  2. Modifications or Decommissioning of ICS - Impact Analysis Review
  3. Cybersecurity Vulnerability Assessment (CVA) - Perform Cybersecurity Vulnerability Assessment, Review and evaluate Architecture Drawing(s), Evaluation of existing countermeasures, Network architecture and traffic assessment, Policy/Procedure Review

Case Study

Regional Wastewater Treatment Facility Secures Network PLCs with Belden-exida Solution and Hands-on Training.

Conduct Efficient Cyber Risk Assessments using CyberPHAxTM

CyberPHAx™ is a PHA-based tool that can be used by engineering personnel in project, process safety, information technology, and process control, as well as by plant management and operations personnel.

CyberPHAx guides users through the Cyber Risk Assessment process, keeping the user focused on the task at hand: identifying the types of cyber-attack that could lead to hazardous events, and their associated risks.

"We're proud to be at the forefront of industrial control system cyber security for our industry and region, and with the training we received, we're confident in our ability to maintain, troubleshoot and expand our Tofino system in the future."

Plant electronics technician, the city's Department of Water Resources.

ICS Cybersecurity Courses

We offer a range of ICS Cybersecurity training courses for today's industry professional, from basic to advanced concepts. We also offer customized training options available upon request.

Students benefit from exida's in-depth knowledge and expertise, enabling them to understand cybersecurity and implement procedures in their organizations that reduce their exposure to cyberattacks.

Advanced Industrial Networking (CS 221)

Ethernet has become the predominant fieldbus technology for modern process and control networks. While this technology brings many advantages, it also brings disadvantages. Among them is that Ethernet is a largely unfamiliar technology for many process and control technicians and engineers. This 2-day course builds on the Introduction to Industrial Networking course and goes much deeper into Ethernet technology. We will cover advanced topics such as VPN, NAT and redundancy. We will also discuss many more protocols, how they operate, and how they may affect a process and control network. Exercises are included to reinforce the knowledge.

IEC 62443: 7 Steps to Industrial Control System Cybersecurity (CS 101)

This course provides an introduction to industrial control system (ICS) cyber security and a practical 7-step process for managers and engineers involved in operating, maintaining and integrating ICS/SCADA systems. We have simplified the material from numerous standards and best practice documents, such as ANSI/ISA 99 and NERC CIP, and coupled it with our experience in assessing the security of dozens of industrial control systems to bring you this easy-to-follow process. Attending this course won't make you an expert, but it will get you started on the right path in far less time than if you were to start diving in on your own.

Industrial Control Systems (ICS) Cybersecurity Lifecycle (CS 102)

This course was designed to show how a cybersecurity program needs to be a continuously evolving and constantly sustained effort. Participants in this course will progress through the major phases of the Cybersecurity Lifecycle: Assessment, Implementation, and Maintenance, identifying the necessary inputs and processes to achieve the required outputs for each phase. It is strongly recommended that the student have basic networking knowledge or complete Introduction to Industrial Networking prior to attending this course.

Introduction to Industrial Networking (CS 121)

Ethernet has become the predominant fieldbus technology for modern process and control networks. While this technology brings many advantages, it also brings disadvantages. Among them is that Ethernet is a largely unfamiliar technology for many process and control technicians and engineers. This 1-day course covers the basics of the Ethernet industrial control networks found in most process and control environments. We will cover foundation knowledge of Ethernet networks and communications, discuss different network devices and their functions and use, and review a sampling of industrial protocols. Labs are included to reinforce the knowledge.

Security Development Lifecycle Training

The Security Development Lifecycle training course and workshop was created specifically for developers of industrial control system products with a particular focus on network-enabled embedded control system products such as PLCs, DCSs, SISs, RTUs, VFDs, etc. The objective of this course is to train R&D teams, through a combination of lecture and workshop, on how to properly and effectively integrate software security assurance practices and techniques into their existing software development lifecycle. The training covers all phases of IEC 62443-4-1 (Product Development Lifecycle Requirements) as well as IEC 62443-4-2 (Technical Security Requirements for IACS components), and the ISASecure™ Software Development Security Assurance (SDSA) certification program.

© 2000 - 2017 exida.com LLC