Contact Us   |   Your Cart   |   Sign In   |   Join
Introduction to Cybersecuring Building Control Systems Workshop (September)
Tell a Friend About This EventTell a Friend
 

The Introduction to Cybersecuring Building Control Systems Workshop is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect their facilities.

9/23/2015
When: Wednesday, September 23, 2015
8:00 AM - 5:00 PM
Where: National Institute of Building Sciences
1090 Vermont Ave., NW
Suite 700
Washington, District of Columbia  20005
United States
Presenter: Michael Chipley, PhD, GICSP, PMP, LEED AP
Contact: Ryan Colker
202-289-7800


Online registration is closed.
« Go to Upcoming Event List  

The nation’s buildings are increasingly relying on building control systems (otherwise known as operational technology) that are Internet-enabled. These systems provide critical services that allow a building to meet the functional and operational needs of building occupants, but they can also be easy targets for hackers and people with malicious intent. Attackers can exploit these systems to gain unauthorized access to facilities; cause physical destruction of building equipment; be used as an entry point to the traditional informational technology (IT) systems and data; and expose an organization to significant financial obligations to contain and eradicate malware or recover from a cyber event.

The Introduction to Cybersecuring Building Control Systems Workshop is intended for those professionals new to the world of cybersecurity, including facility, engineering, physical security, information assurance and other professionals involved with the design, deployment and operation and cybersecuring of building control systems. It will provide a combination of classroom learning modules to teach control system basics, protocols, how to use the information assurance risk management framework and hands-on laboratory exercises using tools and methods to inventory, diagram, identify, attack, exploit, contain and eradicate a cyber event.

The Workshop is built around key federal guidelines, including:

  • Executive Order 13636—Improving Critical Infrastructure Cybersecurity (Issued February 19, 2013)
  • National Institute of Standards and Technology (NIST) Cybersecurity Risk Management Framework (Issued February 12, 2014)
  • NIST Special Publication (SP) 800-82 Rev. 2 Industrial Control Systems Security Guide Final Public Comment draft (Issued February 2015)
  • U.S. Department of Homeland Security (DHS) Interagency Security Committee "Securing Government Assets through Combined Traditional Security and Information Technology” White Paper (Issued February 2015)

These new requirements will have a transformational impact on the traditional building design, construction, operation and protection of building control systems and will require facility and information assurance professionals to learn building control system cyber skills. (For more information, see the Whole Building Design Guide Cybersecurity Reference page.)

Workshop Overview

Classroom: Overview of Building Control Systems and Protocols

Classroom: Defense in Depth, Enclaves, System Boundaries, Model Operations Center, Test and Development Environment, Continuous Monitoring

Lab: Using the DHS CSET and network mapping tools to create an Inventory, Enclave and Network Diagram, System Security Plan

Classroom: Drivers, Standards, Guides, Publications

Classroom: System Security Plan, Plan of Action and Milestone, CONOPS, Incident Response Report

Lab: Introduction to Google Hacking, Shodan, VMWare, Kali Linux, SamuraiSTFU tools

Classroom: Attacking and Defending, Response and Recovery, Reporting

NOTE

Students will need to bring a laptop with administrative privileges to load software. Course content, tools and lab exercises will be provided on a CD at the beginning of the Workshop.

Community Search
Latest News
Calendar

10/4/2016
Workshop: Your Building Control Systems Have Been Hacked, Now What?

10/6/2016
IECC Proposed Outcome-Based Pathway Webinar

10/12/2016
Workshop: Zeroing in on Schools: Transforming New and Existing K-12 Buildings to Zero Energy

10/18/2016
Introduction to Cybersecuring Building Control Systems Workshop (October 2016)

10/19/2016
Advanced Cybersecuring Building Control Systems Workshop (October 2016)