Industrial Control Systems Cybersecurity (301) Training
Date: October 7 - 11, 2013
Location: Control Systems Analysis Center, 765 Lindsay Boulevard, Idaho Falls, Idaho
The United States Department of Homeland Security ICS-CERT (Industrial Control Systems Cyber Emergency Response Team)
Program is pleased to sponsor the ICS Cybersecurity (301) Workshop specifically targeted for the
This event will provide hands-on instruction in discovering who and what is on the network, identifying vulnerabilities,
learning how those vulnerabilities may be exploited, and learning defensive and mitigation strategies for ICS. The week
includes a Red Team / Blue Team exercise that takes place within an actual control systems environment. This workshop
provides the opportunity to network and collaborate with other colleagues involved in operating and protecting control
Who Should Attend?
Members of the industrial control systems community associated with IT and process control network operations and security,
operations or management of critical infrastructure (CI) assets and facilities as well as those who provide CI components and
The class size is limited to approximately 40 people. Please note that priority will be given to international
critical infrastructure asset owners, operators, and vendors. Every student attending this course
should bring a laptop computer with
a DVD drive. The laptop must be able to boot an operating system from a DVD. Register at
Structure and Agenda
This event consists of industrial control systems cybersecurity instruction and a Red Team / Blue Team exercise.
- Day 1 - Welcome, overview of the DHS Control Systems Security Program, a brief review of cybersecurity for
Industrial Control Systems, a demonstration showing how a control system can be attacked from the internet, and
hands-on classroom instruction on Network Discovery techniques and practices.
- Day 2 - A continuation of the hands-on classroom instruction on Network Discovery, the use of Metasploit,
and then separating into Red and Blue Teams.
- Day 3 - Hands-on classroom instruction on Network Exploitation, Network Defense techniques and practices,
followed by Red and Blue Team strategy meetings.
- Day 4 - A 10-hour exercise where participants are either attacking (Red Team) or defending (Blue Team)
the control system environment. The Blue Team is tasked with providing the cyber defense for a corporate
environment, while maintaining operations of a batch mixing plant, and an electrical distribution SCADA system.
- Day 5 - Red Team / Blue Team exercise lessons learned and class room roundtable discussion.
Cost to Attend
There is no cost to attend the workshop; however, travel expenses to and from and accommodations at Idaho Falls are the responsibility of each participant.
This workshop will require attendees to climb a flight of stairs to reach the second floor of the Control Systems
Analysis Center where the classroom activities and portions of the Red Team / Blue Team exercise are provided. The
facility does not have an elevator or escalator.
For additional information and/or questions send an email to: CSSP_Training@hq.dhs.gov.