ICS 2022

This full-day lab course gives participants hands-on experience attacking and hardening a simulated power plant network to learn about common ICS vulnerabilities and defenses. Participants will attack historians, HMIs, and PLCs to cause a power outage in the 3D simulation, and then implement defenses like firewalls and network monitoring to harden it.

Learning Objectives - In this session attendees will learn:

• Deeper understanding of common vulnerabilities in ICS networks and devices                     
• Techniques for testing ICS devices for various vulnerabilities
• Practical experience hardening ICS device configurations and using network defenses

Topics Covered:

• Scanning ICS networks
• Exploiting web vulnerabilities in the DMZ
• Sniffing industrial network traffic
• Password cracking
• PLC and HMI programming
• Using Yara to scan for ICS malware
• Writing host and network firewall rules for ICS
• ICS network intrusion detection
                             

Requirements
Participants must bring their own laptop with either Chrome or Firefox installed. Some Linux experience is helpful but not required.