Contact Us   |   Your Cart   |   Sign In   |   Join
Cybersecuring DoD Control Systems Workshop (September)
Tell a Friend About This EventTell a Friend
 

This Cybersecuring DoD Control Systems Workshop taught by Michael Chipley of The PMC Group LLC, is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect DoD facilities.

9/11/2015
When: Friday, September 11, 2015
8:00 AM - 5:00 PM EDT
Where: National Institute of Building Sciences
1090 Vermont Avenue, NW
Suite 700
Washington, District of Columbia  20005
United States
Presenter: Michael Chipley, PhD, GICSP, PMP, LEED AP
Contact: Ryan Colker
202-289-7800


Online registration is closed.
« Go to Upcoming Event List  

Over the past several years, the nation’s communities have seen an increasing shift to “smart buildings” that use internet-enabled wireless technology to control building-related systems. Such trends also are being seen in U.S. military facilities. In early 2015, following the release of a Government Accountability Office (GAO) report that called attention to building-related cyber risks, the House Armed Services Committee approved legislative language requiring the U.S. Department of Defense (DoD) to perform a cyber-vulnerability study as part of its fiscal year 2016 defense authorization bill.

To support DoD facility managers and other facilities-related personnel to better prepare against cyber threats, the National Institute of Building Sciences is initiating a new cybersecurity workshop series. The Cybersecuring DoD Control Systems Workshop taught by Michael Chipley of The PMC Group LLC, is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect DoD facilities.

Department of Defense Instruction (DoDI) 8500.01 and DoDI 8510.01 incorporate Platform Information Technology (PIT) and PIT systems into the Risk Management Framework (RMF) process. PIT may consist of both hardware and software that is physically part of, dedicated to or essential in real time to the mission performance of special-purpose systems (i.e., platforms). PIT differs from individual or stand-alone IT products in that it is integral to a specific platform type, as opposed to being used independently or to support a range of capabilities (e.g., major applications, enclaves or PIT systems). A Control System (CS) is a specific type of PIT that consists of combinations of control components (e.g., electrical, mechanical, hydraulic, pneumatic) that act together to achieve an objective (e.g., transport matter or energy, or maintain a secure and comfortable work environment). 

The Cybersecuring DoD Control Systems Workshop will include hands-on classroom exercises and labs to footprint a CS as a hacker would do; use the Cyber Security Evaluation Tool (CSET) to establish a risk baseline and create a System Security Plan; and use the enterprise Mission Assurance Support System (eMASS) to load projects using the new DoDI 8510.01 RMF process. Attendees will gain in-depth experience on using the Committee on National Security Systems Instruction (CNSSI) 1253; National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 R4; NIST SP 800-82 R2; and other key publications and tools to load and manage a project through the six steps of the RMF.

Workshop Overview

Overview of DoDI 8500/8510 RMF and PIT ICS, NIST Standards & Drivers, ICS Protocols

Overview of Shodan, Kali Linux, Samurai STFU, Wireshark, Sophia

Using Shodan to Footprint ICS

Using CSET 6.2: SAL, Network Arch Diagram, Inventory, Templates, Security Controls Evaluation, Reports, Data Aggregation & Trending, System Security Plan

Using eMASS; hands-on demonstration

Using the RMF KS CS PIT website Step-By-Step instructions and Interim Excel files for uploading into eMASS

Wrap Up, Q&A

NOTE

Students will need to bring a laptop with administrative privileges to load software. Course content, tools and lab exercises will be provided on a CD at the beginning of the Workshop.

Community Search
Latest News
Calendar

10/4/2016
Workshop: Your Building Control Systems Have Been Hacked, Now What?

10/6/2016
IECC Proposed Outcome-Based Pathway Webinar

10/12/2016
Workshop: Zeroing in on Schools: Transforming New and Existing K-12 Buildings to Zero Energy

10/18/2016
Introduction to Cybersecuring Building Control Systems Workshop (October 2016)

10/19/2016
Advanced Cybersecuring Building Control Systems Workshop (October 2016)