Building, Attacking and Defending SCADA Systems in the Age of Stuxnet

Tom Parker and Jonathan Pollet

USA 2011 Weekend Training Session //July 30-31

*SOLD OUT* USA 2011 Weekday Training Session //August 1-2


Supervisory control and data acquisition (SCADA) systems are some of the most poorly understood, yet most critical, systems in use in the world today. While they generally remain unseen, they are responsible for the smooth running of our daily routines, from the moment we turn on a tap in the morning to turning off the lights at night. This two-day course provides a primer on securing industrial control and automation systems as they relate to the numerous industries in which they are most prevalent.

Who Should Take This Class

  • Security Professionals seeking to understand SCADA Security
  • SCADA Engineers charged with designing SCADA architectures
  • Developers / Project Managers working on control system projects
  • IT Systems Administrators for Electric Utilities
  • Any curious minds seeking to learn more about SCADA Security!

Student Requirements

Students must at minimum possess a fundamental understanding of computing and networking technologies, including switching, routing, and Windows and UNIX-based operating systems, at an intermediate level. A prior understanding of IP-based network protocol fundamentals, including the use of simple packet inspection tools (such as tcpdump and Wireshark), is also recommended.

What You Need to Bring

Students should bring a laptop capable of running Windows 7, either 32-bit or 64-bit. Students should be familiar with networking fundamentals (switching, routing, etc.) and have an intermediate grasp of security concepts, including application security, firewalls and intrusion detection. A basic understanding of IP-based network protocol design is beneficial.

Course Syllabus

Day 1:

Introduction (1 hr)

  • Course Outline review, Ground Rules, Introductions
  • SCADA Systems Overview
  • Classification of Typical Systems
  • SCADA Components and Functions

SCADA Inputs, Outputs, and Sensor Networks (1 hr)

  • Controllers, Embedded Systems and Protocols

PLCs, DCS, Hybrid Controllers, PC Controls (45 min)

SCADA Protocols and hands-on operations (1 hr 15 min)

  • Demo #1: Discovering SCADA devices and protocol functions
  • Demo #2: Build and Configure an OPC Server
  • Demo #3: Build a SCADA HMI (1 hr)

SCADA and the Electric Grid (2 hr)

  • Bulk Electric System Primer
  • Energy Generation
  • Transmission & Distribution (EMS & DCS) System Deep-Dive
  • Next-Generation Technologies 'Smart Grid'

SCADA, Gas and Oil (1 hr)

  • Refinery & Pipeline Operations Primer
  • SCADA Systems & threats to human life
  • Review of Actual Incidents that have affected SCADA Systems

Day 2:

Regulatory Compliance (2 hr)

  • NERC CIP-002-009 Compliance
  • NERC CIP 10 & 11
  • Future of Security Compliance & Electric Utilities

Attacking SCADA Infrastructures (1 hr)

  • Finding & Exploiting Protocol Vulnerabilities
  • Demo #4: Leveraging free protocol analyzers and evaluation tools to overwrite controller memory registers
  • Stuxnet Case Study

Exploiting Configuration Level Weaknesses (1 hr)

  • Most common vulnerabilities discovered in the field
  • Remote Access Exposures
  • Taking over the grid

Defending SCADA Infrastructures (4 hrs, rest of the day)

  • SCADA DMZ Design and Security enhanced architectures (1 hr)
  • Leveraging Secure SCADA Architectures for Additional Security Features (1 hr)
  • SCADA Remote Access Design Considerations (1 hr)
  • Additional Future-Looking Considerations (1 hr)

Securing Protocols

Control System Device Monitoring

Secure Process Control to Corporate Cloud Communications


Tom Parker is the Director of Security Consulting Services at Securicon. Tom is recognized throughout the security industry for his research in multiple areas, including adversary profiling and software vulnerability research and analysis. Tom has published over four books on the topic of information security, including "Cyber Adversary Characterization - Auditing the Hacker Mind", and is a contributor to the popular "Stealing the Network" series. Tom is a frequent speaker at conferences and has previously spoken at Black Hat. Tom often lends his time to guest lecturing at universities and to community research initiatives, and is often called on to provide his expert opinion to mass media organizations, including BBC News, CNN, and online/print outlets such as The Register, Reuters News, Wired and Business Week.

Jonathan Pollet, Founder and Principal Consultant for Red Tiger Security, USA, has over 12 years of experience in both Industrial Process Control Systems and Network Security. After graduating from the University of New Orleans with honors and receiving a B.S. degree in Electrical Engineering, he was hired by Chevron, where he designed and implemented PLC and SCADA systems for onshore and offshore facilities. In 2001 he began to publish several white papers that exposed the need for security in Industrial Control Systems (ICS), and he remains active in researching vulnerabilities within critical infrastructure systems. He has led security teams on over 150 assessments, penetration tests, and red team physical breaches involving SCADA and Industrial Control Systems. He is also the co-developer of the 5-day SCADA Security Advanced training course, initially offered in February 2009 and currently at version 2.3.
