DCS; Industrial control system
Product
Article
NameDescriptionContent
English 简体中文
NEW CENTER
Current Location:
Home >> journalism >> Adding ‘Industrial’ to Cybersecurity Education

Adding ‘Industrial’ to Cybersecurity Education

From:automation | Author:H | Time :2024-11-28 | 70 Browse: | Share:
Adding ‘Industrial’ to Cybersecurity Education
Adding ‘Industrial’ to Cybersecurity Education

As organizations mature their operational technology (OT) security approach, they tend to move from a focus on technology to a focus on building a program to, finally, building a workforce that can run the program and operate the technology. This natural progression has been described as the “Industrial Cybersecurity Awakening Model” (Figure 1).

It can take four years—and sometimes much longer—to reach Stage 5 of the model where organizations intentionally develop an OT security team. The International Society of Automation Global Cybersecurity Alliance (ISA GCA) supported a three-year research project to create a consensus-based OT security body of knowledge and has released a 125-page document and other resources. “Curricular Guidance: Industrial Cybersecurity Knowledge” describes the stages of the model and helps ensure OT security leaders can work with education and training providers that follow a consensus-based OT security body of knowledge.

Figure 1: Developing an OT security team can take four years or longer for organizations.
 
In the recent past, ransomware has been a significant driver in the awakening. Those who have been in touch with their local industries know that automotive manufacturers, salad processors and paper makers have suffered ransom demands that shut down process lines and resulted in a relatively rapid leap from Stage 1 to Stage 3. The aftermath of a breach generally leaves one or two individuals (often the electrical engineering professionals who have now been asked to pick up cybersecurity) asking for the resources required to move the “OT side of the house” to stage 4.

Management of some organizations has contented themselves with the belief that a technology investment alone will get the job done. Stage 3 is as far as they are willing to go. But other organizations, especially those with far-flung operations, are advancing to Stages 4 and 5.

At stage four, the IEC 62443 series of standards provides powerful concepts such as the industrial automation and control system (IACS) lifecycle, the IACS principle roles, system types and maturity levels that are key to building a good OT security program. IEC 62443-2-1 recognizes the need for cybersecurity training by including the following requirements:


  • Development of a cybersecurity training program

  • Providing cybersecurity procedure and facility training

  • Providing cybersecurity training for support personnel

  • Validating the cybersecurity training program

  • Revising the cybersecurity training over time

  • Maintaining employee cybersecurity training records (64443-2-1 Req. 4.3.2.4.1-4.3.2.6.4).

When organizations begin to grapple with these training requirements, they begin to recognize serious impediments, such as:

  • Lack of a widely recognized OT security body of knowledge

  • Lack of consensus-based OT security work roles

  • Lack of validated OT security competencies per work role

  • Lack of role-specific OT security training

  • No discussion of OT security competencies required of non-security personnel.


The role of workforce development

OT security leaders attempting to tackle this issue find a complex and often foreign world of workforce development literature and guidance.

Plethoric government agencies and professional training providers offer workforce development models. Within these models, definitions of key terms often conflict, and some terms have changed official definitions within the models over just a few years. It can be overwhelming to sort through.

With these challenges in mind, a working group composed of qualified representatives from industry, government and academia embarked on a three-year research project to review existing OT security workforce development guidance, and where lacking, establish a consensus-based foundation.

In 2019, the Idaho National Laboratory (INL) and Idaho State University (ISU) convened 15 qualified industrial cybersecurity professionals in ISU’s Simplot Decision Support Center, where they engaged in the bias-eliminating nominal group technique to identify five archetype industrial cybersecurity job roles, and initial knowledge categories not normally covered in traditional cybersecurity education.

The results of this effort were published in November 2021 as “Building an Industrial Cybersecurity Workforce: A Manager’s Guide” which included job descriptions, key tasks and hiring advice. Recognizing that despite its strengths, this document did not constitute a consensus-based body of knowledge for an emerging cybersecurity specialization, the INL, ISA Global Cybersecurity Alliance (ISAGCA), and ISU decided to validate, critique and expand the document by involving a broader group of qualified experts.

In Spring 2022, the ISACGA administered a survey to professionals with interest or experience in industrial cybersecurity. The survey included up to 363 input items and received inputs from 170 qualified respondents. The survey questions, responses, analysis and decisions are available for public review, examination and additional analysis on the ISAGCA website. While this is an impressive level of transparency for a curricular guidance effort, the most exciting part is the guidance itself.

The 125-page document is an essential reference for students, instructors, administrators and industrial cybersecurity practitioners. It is organized around the analogy of a building with three components represented in Figure 2: an environment, a foundation and a superstructure.
 

Figure 2: The 125-page ISAGCA document is organized around the analogy of a building.
 
The Industrial Operations Environment describes the contexts (business, geopolitical, professional and industry) within which industrial control systems and industrial cybersecurity exist. The Industrial Control Systems Foundation describes the elements (instrumentation and control, process equipment, industrial networking and communication, and process safety and reliability) that compose an industrial control system. The Industrial Cybersecurity Superstructure describes the elements (guidance and regulation, common weaknesses, events and incidents, and defensive techniques) that most immediately and intuitively pertain to assuring an industrial control system.

Each component is organized into categories, topics and subtopics to reach a level of reasonable granularity—up to six levels deep. While some topic names are identical to those found in traditional cybersecurity contexts, the study describes the unique or special considerations of those topics for industrial and OT environments.
OT security leaders attempting to achieve Stage 5 can now work with education and training providers that rely on a consensus-based OT security body of knowledge.



Resources

The International Society of Automation Global Cybersecurity Alliance (ISA GCA) supports the author’s research and provides these related resources:

  • Whitepaper: “Curricular Guidance: Industrial Cybersecurity Knowledge,”

  • Webinar: “Curricular guidance to develop a new generation of industrial cybersecurity professionals”

  • PowerPoint Presentation

  • The ISAGCA website contains survey questions, responses, analysis and more.

 
Training a cyber-infused generation of automation professionals

What would you say if someone asked how to best move towards a secure digital future for critical infrastructure and industrial automation?

In late July 2016, I was contacted by my master’s thesis supervisor (Dr. Corey Schou) from Idaho State University (ISU) where I had graduated 10 years earlier. He asked whether I would be interested in teaching a course in ISU’s new Industrial Cybersecurity Program.

As I had spent the first decade of my professional life in industrial cybersecurity, I thought this sounded intriguing. I cleared what I thought would be a one-night-a-week teaching commitment with my employer (FireEye/Mandiant) where I had just been appointed as director of the industrial control systems security virtual business unit and started preparing course content for “Risk Management in Cyber-Physical Systems.”
I was unfamiliar with ISU’s Energy Systems Education and Training Center (ESTEC) where the program was housed. So, when I walked into the ESTEC building and saw the fantastic hands-on educational equipment including programmable logic controllers, variable frequency drives, transmitters, pumps, valves, motors, conveyors and pipes, and talked with the experienced instructors, I realized how special this opportunity could be.

ESTEC is a department-level center featuring five distinct engineering technology programs: electrical, instrumentation, mechanical, nuclear operations and industrial cybersecurity. It features 40,000 sq. ft. of educational laboratory and classroom space spread across four buildings on ISU’s main campus in Pocatello, Idaho.

ESTEC was founded in 2007 with the primary objective of expanding ISU’s existing industrial automation program to meet the growing demand for qualified technical professionals at the Idaho National Laboratory. Hundreds of ESTEC graduates work across the country in places like Simplot, Phillips 66, Chevron, Alyeska Pipeline, Columbia Electric Distributors and many other industrial firms.

When I started teaching, I thought to myself, “Wow, the Idaho State Board of Education has approved the country’s first industrial cybersecurity degree program. ESTEC is already a leader in preparing professionals to go into critical infrastructure environments. We need to teach cybersecurity to these students. This is exactly what the country needs. It’s exactly what the world needs.”

I believed it so firmly that I quit my high-paying job at FireEye to become ESTEC’s Industrial Cybersecurity Program Coordinator. My responsibility was to build the program from the ground up.

Over the next seven years, I authored courses, made curriculum proposals, visited high schools to recruit students, submitted and won grants, graded assignments and exams, and hired faculty. I helped place graduates at national-level employers such as the INL, Accenture, Savannah River, National Renewable Energy Laboratory and HDR Engineering, among others.

One of the accomplishments I am most pleased with is that the Industrial Cybersecurity Program at ISU is stackable. “Stackable” means that students can come into the program directly from high school and earn an Associate of Applied Science degree within two years, or they can come into the program from a variety of engineering or operational technology (OT) degrees—including electrical, instrumentation, mechanical and nuclear operations, as well as on-site diesel power and information technology (IT) systems. Students have completed the program from each of these entry points.

One key to this stackability is that the industrial cybersecurity courses are offered as upper division credit (300 and 400 level), meaning they can provide a pathway to a bachelor's degree. After completing industrial cybersecurity courses, students are pointed to a handful of management-oriented upper-division courses including technical writing, project management, supply chain management and organizational behavior. Once students satisfy their general education requirements, they earn a Bachelor of Applied Science in Cyber-Physical Systems.

ISU has taken program development very seriously. In 2022, the Industrial Cybersecurity Program was recognized as a National Security Agency-designated cybersecurity program of study; and, in 2024, the program achieved ABET accreditation. So, how we are going to move towards a more secure digital future in critical infrastructure and industrial automation? I’d say we have to start with the people—the future workforce.
The Industrial Cybersecurity Program at ISU is an outstanding model for how to do this. Through interdisciplinary stackable pathways, we are developing a new generation of automation professionals capable of seamlessly moving between IT, OT and cybersecurity domains.

This feature originally appeared in AUTOMATION 2024: 1st Annual OT Cybersecurity Trends Report.


  • Honeywell 30735863-502 - SWITCH
  • Honeywell TK-CCR014 - REDUNDANT NET INTERFACE NEW ORIGINAL FREE EXPEDITED SHIPPING/
  • Honeywell 51403165-400 - new 51403165400/
  • Honeywell318-049-001 quot100 Batteries(Japan Liion2Ah14.8Wh)INTERMEC/ PR2,PR3 P/N
  • Honeywell FC-PSU-UNI2450U - Power Supply
  • Honeywell 965-0676-010 - WARNING COMPUTER SV
  • Honeywell 51403519-160 - Module
  • Honeywell 107843 - HOUSING CARBON FILE P/N NE COND # 11438 (4)
  • Honeywell VR434VA5009-1000 - Brand new in box Condensing boiler valve DHL fast shipping
  • Honeywell SPXCDALMFX - plc new FREE EXPEDITED SHIPPING/
  • Honeywell BCM-PWS - BCM-ETH BCM-MS/TP BCM-MS/TP Network controller setFedEx or DHL
  • Honeywell YSTR12D-22/C/-2J0DFA/BE/400/T/-CM.HO.TG.SB.SM,ZS,F1,LP,/FX/,1C-BT - UNMP
  • Honeywell IWS-1603-HW - 90-250VAC 1.0A UNMP
  • Honeywell 51304386-150 - MEASUREX Factory Packed
  • Honeywell CC-IP0101 - Profibus Gateway Module
  • Honeywell CC-PFB401 - / CCPFB401 (NEW IN BOX)
  • Honeywell 50071726 - St 800 Series Pressure Transmitter Remote Diaphragm 11-42VDC
  • Honeywell 621-2150 - / 6212150 (NEW NO BOX)
  • Honeywell 80360206-001 - USED YAMATAKE CLI BOARD
  • Honeywell BMDX001A-001 - ACCURAY / BOARD BMDX001A001
  • Honeywell XCL8010A - New CPU Controller.
  • Honeywell PGM-7320 - 1PCS NEW Rae Systems MiniRAE 3000 Portable VOC Monitor#XR
  • Honeywell BK-G40 - U65 *FULL INSTALLATION* Gas Meter 3?± Inlet/Outlet Spool NEW UNUSED
  • Honeywell DM106-0-B-00-0-R-1-00000-000-E0 - DPR100 250V NSNP
  • Honeywell KFD840 - PRIMARY FLIGHT DISPLAY CORE PN: 066-01206-0104
  • Honeywell 51401914-100 - 51400996-100
  • Honeywell TK-PRS021 - Module Via FEDEX/DHL
  • Honeywell C7012A1145 - 1PC New UV Flame Detector Expedited Shipping
  • Honeywell OV210 - Baxter Bakery Oven Igition Control. For DRO. 00-616973 NEW
  • Honeywell 51304431-125 - 1PC New /51304431125 1 year warranty#XR
  • Honeywell QPP-0002 - Quad Processor Module / 5 Vdc / Massima 1.2A/24Vdc/max.25mA
  • Honeywell QPP-0002 - Quad Processor Module / 5Vdc / Max. 1.2A/24Vdc/max.25mA
  • Honeywell 8C-PCNT02 - 514543363-275 module
  • Honeywell DPCB21010002 - Tata Printed Circuit Board
  • Honeywell DPCB21010002 - Tata Printed Circuit Board Rev: 0
  • Honeywell 001649-M5T028 - Tata Printed Circuit Board Rev: 0
  • Honeywell YSTD924-(J2A)-00000-FF,W3,TP,TG,SS - NSFS
  • Honeywell XF523-A - / XF523A (NEW IN BOX)
  • Honeywell TK-PRS021 - NEW IN STOCK ship by UPS
  • Honeywell 2MLR-AC22 - " 2mlr-dbsf,2mlf-ad4s,2mlf-dc4s,2mlr-ac22 Rack"
  • Honeywell 9436610 - MEASUREX NSMP
  • Honeywell RT10A-L0N-18C12S0E - RT10A.WLAN.IN.6803.CAM.STD.GMS
  • Honeywell 51305896-200 - P:C1 Rev D Nim Modem - FAST SHIP BY Fedex
  • Honeywell TK-FTEB01 - PCL module Brand New Fast Shipping By DHL
  • Honeywell 8694500 - Measurex Control Processor Module
  • Honeywell DR4500 - Truline and DR4300 Circular Chart Recorder
  • Honeywell EC-7850-A-1122 - / EC7850A1122 (NEW IN BOX)
  • Honeywell XNX-UTAI-RNNNN - NEW Universal transmitter DHL Fast delivery
  • Honeywell SPXCDALMFX - plc new One Year Warranty #
  • Honeywell TC-RPFM01 - C200 system card brand new Fast Shipping
  • Honeywell 51196655-100 - NSMP
  • Honeywell XCL8010A - / XCL8010A (USED TESTED CLEANED)
  • Honeywell 51198801-100 - NEW CPU INTERFACE BOARD UPGRADE KIT UPIU 51306154-100
  • Honeywell 84795 - Sputtering Target 5N Al5Cu 7830x11640x13050
  • Honeywell W7704A-1004 - / W7704A1004 (USED TESTED CLEANED)
  • Honeywell RA890G1229 - FOR FSG UV Protectorelay /PL3
  • Honeywell KFS-599B - 071-01576-0101 UHF Communication Control with Mods (28V)
  • Honeywell WPC2000 - WINTRISS 9683001 WINTRISS CLUTCH/BRAKE CONTROL *NO KEYS*
  • Honeywell C7012E1112 - 1PC C7012E 1112 Burner Detector New In Box Expedited Ship #
  • Honeywell 8C-TCNTA1 - C300 system card brand new Fast Shipping
  • Honeywell ANT67A - TCAS Antenna 071-01548-0100 w/ October 2023 Repaired 8130
  • Honeywell CC-PDIS01 - PLC Module Brand New Fast Shipping FedEx or DHL
  • Honeywell R7247C1001 - 2-4SECS NSMP
  • Honeywell ALI-80A - Collins Encoding Altimeter - P/N 622-3975-011 - Tested 8130 -Serviceable
  • Honeywell 001650-M5T028 - Tata Relay Circuit Board
  • Honeywell 51196886-100 - PC BOARDS (126201 - NEW)
  • Honeywell J-HAM10 - NSNP
  • Honeywell TC-IXL062 - 1PCS module New fedex or DHL
  • Honeywell 114M4910-6 - PISTON ASSY PN NS COND 12037
  • Honeywell C7076 - 191002B Sensor Amplifier 220/240v
  • Honeywell 510STR12D21A-B77P - NSNP
  • Honeywell 51304511-200 - Module Nim Modem Via FEDEX/DHL
  • Honeywell IC-600 - Integrated Communication Unit RCZ851E 7510700-806 Removed Working
  • Honeywell TC-IAH161 - 1PC NEW REDUNDANT NET INTERFACE one year warranty#XR
  • Honeywell 2001-100-150-126-280-20-100000 - REMAN
  • Honeywell QPP-0001 - FSC QUAD PROCESSOR PACK QPP MODULE CC V1.4
  • Honeywell 30734558-001 - / 30734558001 (USED TESTED CLEANED)
  • Honeywell STD830-E1HS4AS-1-A-ADB-11C-B-21A0-00-0000 - 4500PSI NSNP
  • Honeywell 900C75-0560 - NEW HC900 Controller module FedEx DHL Fast delivery
  • Honeywell BL870 - Bezel 7014331-921 w/ October 2018 Repaired 8130
  • Honeywell STG77L-E1G000-1-A-CDC-11S-A-20A0-00-0000 - NSMP
  • Honeywell FF-SB14E12K-S2 - / FFSB14E12KS2 (USED TESTED CLEANED)
  • Honeywell 51198685-100 - "Rev. A, 140519-2-LF Power Supply Module 10A 100-240 VAC"
  • Honeywell 942-M96-M - plc new FREE EXPEDITED SHIPPING
  • Honeywell TK-IAH161 - 1PC New ANALOG INPUT TKIAH161 Expedited Shipping
  • Honeywell C7061F2001 - 1PC UV Flame Detector New In Box #
  • Honeywell 0190-20139/D - ONE Sputtering Coating Disc 4N5TI NEW
  • Honeywell 82408667-001 - NEW MEMORY BOARD ROM/RAM 82408667001
  • Honeywell C7012A1194 - NEW IN STOCK ship by UPS
  • Honeywell TK-FTEB01 - NEW IN BOX FTE BRIDGE Brand New Fast Shipping FedEx or DHL
  • Honeywell RA890G1344 - 1pc NEW Combustion Controller DHL or FedEX
  • Honeywell DH-AP-1/ - Miller 3 Workers per System 4-3/4 Ft Overall H Post Anchor
  • Honeywell TCOAV081 - NEW IN BOX ANALOG OUTPUT EXPEDITED SHIPPING
  • Honeywell W7704D1016 - Control Unit
  • Honeywell 9437710 - USED PIDP MEASUREX / 09437710-RP MODULE REV D STOCK 1603
  • Honeywell 51403165-400 - Brand new industrial computer Fast FedEx or DHL
  • Honeywell DC3200-EE-000R-240-00000-E0-0 - New DHL FastShip
  • Honeywell 51305348-100 - / 51305348100 (USED TESTED CLEANED)
  • Honeywell CC-PAIX01 - 1PCS Brand New Expedited Shipping
  • Honeywell 51305890-175 - REV B NEW
  • Honeywell XCL8010A - NEW IN STOCK ship by UPS
  • Honeywell D18-UU0000-D00000-0000-2-0000-00-E - CHART RECORDER CHART RECORDER
  • Honeywell TC-IAH161 - ANALOG INPUT NEW 1PCS
  • Honeywell 10020/1/2 - / 1002012 (NEW IN BOX)
  • Honeywell DC3200-EE-000R-240-00000-E0-0 - Digital Controller UPS Express New Zy
  • Honeywell 2MLR-CPUH/F - 1PC NEW EXPRESS P3097E YL/
  • Honeywell 9437710 - USED PIDP MEASUREX MODULE REV D STOCK 1608
  • Honeywell CC-PAIX02 - Fast Shipping
  • Honeywell DPR500 - Brand New Fast Shipping By DHL
  • Honeywell 10004/I/F - / 10004IF (USED TESTED CLEANED)
  • Honeywell C7012E1112 - 1PCS New in box UV Flame Detector
  • Honeywell HPTZ-361W - Brand New Expedited Shipping
  • Honeywell 10006/2/1 - / 1000621 (NEW NO BOX)
  • Honeywell SC-PCMX01 - 1PC NEW RTU2020 51307195-175 SHIP EXPRESS #P2254E YL
  • Honeywell X-NPMS(H) - 1PC Network Paging Console Fire Equipment Brand New Via DHL
  • Honeywell C7012E1112 - 1Pcs new Explosion-proof flame detector
  • Honeywell 0190-20139/D - 4N5TI Sputtering Coating Disc
  • Honeywell RM7840E1016 - SER. 3 REV. 4141 120VAC 15SEC NSMP
  • Honeywell C7012E1120 - Brand new Fast shipping via DHL
  • Honeywell MU-PSIM11 - 1PCS card Brand New Expedited Shipping
  • Honeywell DPR500 - Brand New Fast Shipping FedEx or DHL
  • Honeywell 2108B2101N - Gas Detector OPTIMA PLUS-UL-HC
  • Honeywell 51403578-100 - Rev F Operator Keyboard 1x Ship By DHL/FEDEX/UPS
  • Honeywell 51403165-400 - ONE industrial computer
  • Honeywell FF-SB12E/R02E-S2/3 - Securitram Pair FF-SB12E02E-S2/3 + FF-SB12R02E-S2/3
  • Honeywell STR12D-21A-1B0AFAAA21BP-1C,DE,MB+XXXX - NSMP
  • Honeywell STR17G-11A-1K0AFCAA21A0-A1,CC,HC,MB,NE,TG,W2,3H+XXXX - NSMP
  • Honeywell TK-FTEB01 - "FTE connection module , 51309512-175 Fast Shipping"