ISA Breaks New Ground In Providing Experiential Industrial Cybersecurity Training Based On ISA/IEC 62443 And Within Its IACS Security Lifecycle Training Program

ISA’s new Cyber Trainers simulate real-world cyberattack and cyber-defense capabilities

By replicating the real-world operation of industrial automation and control systems (IACS) through its new cyber-learning environment—including simulating actual cyberattack and cyber-defense capabilities—the International Society of Automation (ISA) marks a significant advancement in industrial cybersecurity training.

At the heart of ISA’s new cyber-learning environment are specialized new ISA IACS Cybersecurity Trainers (Cyber Trainers), each designed and equipped with genuine, full-function industrial automation system hardware and software configured to perform like the IACS and networks in a real operating water plant or other critical infrastructure.

“Because our new Cyber Trainers deliver our students with a real-world-type of experience, they’re able to test their abilities in identifying typical plant cybersecurity vulnerabilities and practice how to best implement cybersecurity defenses,” says Patrick Gouhin, ISA Executive Director and CEO. “Giving students the ability to learn through trial and error, without putting actual live production equipment and operations at risk, is essential because a real cyberattack can irreparably damage industrial control systems, hardware and networks—which can lead to plant explosions and shutdowns.”

ISA’s Cyber Trainers, cyber-learning environment and cybersecurity courses are all designed to comply with and educate students on the internationally adopted ISA/IEC 62443 industrial cybersecurity standards. ISA/IEC 62443—recognized as the world’s only consensus-based series of IACS security standards—enables operators of critical infrastructure to achieve and maintain IACS security improvements through a lifecycle that integrates design, implementation, monitoring, and continuous improvement.

“Not only do students get to train in a learning environment that simulates the actual processes and communications protocols used in industrial operational technology, they gain hands-on, working knowledge of the ISA/IEC 62443 standards and how they protect industrial control systems and networks,” Gouhin points out. “This is a significant advancement in industrial cybersecurity training that, until now, was not possible.”

ISA, a global leader in industrial cybersecurity standards, training, certificate programs and educational resources, unveiled its new cyber-learning environment in late January to support advanced ISA cybersecurity training provided to a major entity within the US Department of Defense.

A closer look at ISA’s Cyber Trainers
The system architecture behind the Cyber Trainer’s simulated operations plant environment begins at the interface point between the plant’s networks and the corporate networks, and creates a realistic IACS network that offers numerous opportunities for both cyberattack and cyber defense.

The hardware, software and application configuration of each Cyber Trainer supports control samples used in three industrial application scenarios involving: a natural gas substation, potable water and electric power distribution. Each scenario has a Basic Process Control System PLC (BPCS PLC) configuration, a Safety Instrumented System PLC (SIS PLC) configuration, Human Machine Interface (HMI) graphics, and a process simulation configuration.

The Cyber Trainers, with its incorporated industrial scenarios, are designed to offer a robust learning experience for both simulated cyber “attackers” and “defenders” as outlined in Blue Team Playbook and Red Team Playbook. The portability of the Cyber Trainers makes them suitable for any classroom setting: both at ISA training facilities or at customer sites.

ISA’s IACS Security Lifecycle Training Program
ISA’s Cyber Trainers are designed to be used in two advanced ISA cybersecurity courses that are part of ISA’s IACS Security Lifecycle Training Program:

• IACS Cybersecurity Design & Implementation (IC34)
• IACS Cybersecurity Operations & Maintenance (IC37)

Among the essential topics covered in these courses are:

• IACS security design
• Evaluation of implemented countermeasures
• IACS device hardening
• Network device hardening
• Security robustness testing
• IACS event detection tracking and log monitoring
• Network packet analysis and backup/recovery

The two courses also examine in detail the procedural and technical differences between the security for traditional IT environments and solutions appropriate for the operational technology (OT) environments of critical infrastructure.

The ISA/IEC 62443 series of IACS security standards
Without proven security standards designed to protect IACS, industrial cyberattack can impair and disable safe operations of critical infrastructure and other industrial facilities—putting national and economic security as well as lives, personal safety and the environment at risk.

ISA/IEC 62443 standards—developed by leading international cybersecurity experts from industry, government and academia—are designed to improve the safety and integrity of systems and components used for industrial automation and control, and provide the means to detect cyber intrusion and mitigate its damage.

As a flexible framework for addressing IACS security weaknesses across all key industry sectors, the ISA/IEC 62443 series are integral components of the US government’s current and future plans to combat industrial cyberattack.

ISA has been developing industry standards for more than 67 years, with 150 different standards in its portfolio, representing the expertise of more than 4,000 industry experts worldwide. Industry standards help automation professionals streamline processes and improve industry safety, efficiency, and profitability.

About ISA
The International Society of Automation is a nonprofit professional association that sets the standard for those who apply engineering and technology to improve the management, safety, and cybersecurity of modern automation and control systems used across industry and critical infrastructure. Founded in 1945, ISA develops widely used global standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its 40,000 members and 400,000 customers around the world. For more information, visit www.isa.org.

ISA owns Automation.com, a leading online publisher of automation-related content, and is the founding sponsor of The Automation Federation (www.automationfederation.org), an association of non-profit organizations serving as “The Voice of Automation.” Through a wholly owned subsidiary, ISA bridges the gap between standards and their implementation with the ISA Security Compliance Institute (www.isasecure.org) and the ISA Wireless Compliance Institute (www.isa100wci.org).