Building, Attacking and Defending SCADA Systems

Tom Parker and Jonathan Pollet july 21-22 july 23-24


Ends February 1


Ends June 1


Ends July 20


July 21-24


Supervisory control and data acquisition (SCADA) systems are some of the most poorly understood, yet most critical systems in use in the world today. And while they generally remain unseen, they are responsible for the smooth running of our daily routines – from the moment we turn on a tap in the morning, to turning off the lights at night. This two day course will provide a primer into the world of securing industrial control and automation systems as they relate to the numerous industries where they are most prolific. Day one will provide students with an understanding of SCADA use-cases in a number of environments where control systems are most commonly found. Students will become familiar with SCADA-specific fundamentals required to apply information security doctrine to SCADA applications. Day two will focus on attacking industrial control systems, including how vulnerability research of ICS devices may be conducted and later applied to live systems. Day two will conclude with applying students' newly acquired knowledge to securing SCADA applications, including the ways in which embedded ICS devices may be secured.

Who Should Attend

Who Should Take This Class

Student Requirements

Students must at minimum possess a fundamental understanding of computing and networking technologies, including Switching, Routing, Windows and UNIX based operating systems at an intermediate level. A prior understanding of IP based network protocol fundamentals, including the use of simple packet inspection tools (such as tcpdump and wireshark) is also recommended.

What You Need to Bring

Students should bring a laptop capable of running VMware, with at least 4GB of RAM. Students are recommended to pre-install a functioning version of VMWare Workstation or VMWare Player. The host operating system may be either 32 or 64bit. Students should be familiar with networking fundamentals (switching, routing etc) and have an intermediate grasp of security concepts, including application security, firewalls and intrusion detection. Students are advised that a basic understanding for IP based network protocol design is beneficial.


Tom Parker is the Chief Technical Officer and Vice President of Security Services at FusionX. Tom is recognized throughout the security industry for his research in multiple areas including adversary profiling, industrial control systems security and software vulnerability research & analysis. Tom has published over four books on the topic of information security including Cyber Adversary Characterization - Auditing the Hacker Mind and a contributor to the popular Stealing the Network Series. Tom is a frequent speaker at conferences including a past speaker at Black Hat. Tom often lends his time to guest lecturing at Universities, involvement in community research initiatives, and is often called to provide his expert opinion to mass media organizations, including BBC News, CNN, and online/print outlets such as The Register, Reuters News, Wired and Business Week.

Jonathan Pollet, Founder and Principal Consultant for Red Tiger Security, USA has over 12 years of experience in both Industrial Process Control Systems and Network Security. After graduating from the University of New Orleans with honors and receiving a B.S. degree in Electrical Engineering, he was hired by Chevron and designed and implemented PLC and SCADA systems for onshore and offshore facilities. In 2001 he began to publish several white papers that exposed the need for security for Industrial Control Systems (ICS), and is still active in the research of vulnerabilities within critical infrastructure systems. He has led security teams on over 150 assessments, penetration tests, and red team physical breaches involving SCADA and Industrial Control Systems. He is also the co-developer of the 5-day SCADA Security Advanced training course initially offered in February 2009, and is currently at version 2.4.