ISA/IEC 62443 Training for System Integrators of Industrial Automated Control Systems

Empowering you to make educated choices about implementing security based on the ISA/IEC 62443 family of standards  

The use of commercial off-the-shelf (COTS) technologies, the increase in networking, the move to using ethernet and transmission control protocol/internet protocol (TCP/IP), as well as the increased use of web technologies in supervisory control and data acquisition (SCADA) and process control networks has exposed industrial automation and control systems (IACS) to similar vulnerabilities as information systems.    

This course provides a detailed look at how solution and service providers and system integrators can use the ISA/IEC 62443 standards framework to protect critical control systems. It also explores the procedural and technical differences between the security for traditional IT environments and those solutions appropriate for distributed control systems (DCS), programmable logic controllers (PLCs), safety instrumented systems (SIS) or SCADA for plant floor environments.  

The system integrator has a key role in the supply chain and the security of an IACS solution. This course addresses solution providers acting as integrators and ongoing support of industrial automated control systems and how they interact with asset owner/operators as part of the overall supply chain throughout the owner/operator’s lifecycle.   

This three-day training course is heavily focused on the ISA/IEC 62443 standard. The ISA/IEC 62443 series of standards was developed to secure industrial automation and control systems (IACS) throughout their lifecycle. It includes several standards, technical reports (TR) and technical specifications (TS). During an interactive training for system integrators, we will empower you to make educated choices about the implementation of security based on the ISA/IEC 62443 family of standards, considering security issues related to control and automation systems. This training has a core focus on those three IEC 62443 sub-standards most relevant to IACS system integrators: 

• 2-4: Security program requirements for IACS service providers
• 3-2: Security risk assessment for system design
• 3-3: System security requirements and security levels

Training topics 

Training objectives 

Upon successful completion of this training, you will be able to: 

• Determine the right level of security for products and systems.
• Update and maintain the system to the level of security required.
• Gain IT and industrial cybersecurity knowledge in recognizing security problems as required by modern IACS.
• Increase your security awareness by communicating existing threats and current attack vectors.
• Demonstrate that services, systems and products are developed and integrated in accordance with security needs.
• Establish security by design for your systems and products by understanding relevant security methods, security systems and standards.
• Manage supply chain complexity.
• Build trust across your supply network.
• Understand and help to minimize the risk of integrating IT and operational technology (OT) infrastructure.
• Meet customer demands regarding requirements from specific industries.
• Enhance brand protection.
• Control operations in terms of cybersecurity resilience.
• Take care of the product and system security due diligence.
• Demonstrate your security compliance to a wide range of target markets and customers.
• Differentiate products/systems based on security against competitive products/systems.
• Gain a competitive advantage and enhance your market position.
• Make your components’ security transparent and accessible to system integrators and end users.
• Embed security into development processes.
• Instill cybersecurity rigor into your processes.
• Use a tailored, risk-based way of assessing security.
• Demonstrate validation of security to customers.