There are a number of very good general ICS security courses available, such as Red Tiger, SCADAhacker, UtiliSec or the INL courses. We thought we would try a course aimed at a specific type of control system with the hope of providing more tailored, understandable and actionable information for the Power Generation community.
The result is a one-day course: Cyber Security for Power Generation taught by Michael Toecker on May 17th. It is being held very close to Ohare airport in Chicago and immediately after the nearby Electric Power Expo. Hopefully some attendees of the Expo will find it convenient to extend their stay for one more day of training. The cost of the one day course is $495.
I’ve been after Michael Toecker to create and teach a cyber security training course specifically for Power Generation engineers ever since he helped identify the true impact of a Bently Nevada vibration monitoring direct connection from the corporate network. Sure the connection did not have access to the DCS, and it was used for monitoring only, but in this installation it could change a trip setpoint.
Mike has experience assessing and securing most of the DCS used in power generation today, such as ABB, Emerson, Foxboro, GE, and Toshiba, as well as the balance of plant systems. His approach is to describe a model power plant and then discuss the vulnerabilities, potential impacts and security controls in the context of that model power plant.
This course could be your best training option if you are part of a team responsible for securing Power Generation.
Image from S4x13