Module/Workshop

Introduction to Industrial Control Systems

7 Lessons

This is the first module in the Cyber-Physical Industry course; however, it can be taught as a standalone module.  The purpose of this module is to introduce students to concepts associated with system assets and system operations in industrial control systems. The material is approached from the perspective of quality management, which aims to discover and describe all processes, participants, and interactions to ensure that an industrial system meets its strategic and operational goals. This module provides a high-level introduction to the industrial environment to prepare students for more in-depth work in industrial networks, ICS protocols, and PLC programming.

Learning Objectives
  • Explain the relationship between quality (systems), innovation, and cybersecurity
  • Explain the relationship between production systems, industrial control systems, and critical infrastructure
  • Describe the high-level architecture for a production system, differentiating between information technology (IT) and operations technology (OT), and the levels and degrees of automation
  • List the core functions and components of control systems
  • Explain how control systems evolved from ancient times to today, emphasizing key enabling innovations and turning points on the way to “Industry 4.0”
  • Identify the components of an ICS and their interrelationships, including RTU, PLC, PAC, SCADA/DCS, SIS, and HMI – including new and emerging technologies for HMIs
  • Describe the execution logic of a PLC by inspecting a ladder logic diagram
  • Compare and contrast control systems in discrete manufacturing and process industries
Faculty Instructions

This module has been designed with configurability in mind. Optional homeworks and additional assessment opportunities are outlined in each lesson plan, but can be incorporated or completely left out at the discretion of the instructor (with no adverse effect).

This module also contains one exam with 8 short-answer questions.

Files
Introduction to Industrial Control Systems Module Description
Module 1 Exam
Module 1 Exam Answer Key

Log In
to download materials

* NICE Cybersecurity Workforce Framework KSAs Addressed
  • K0053: Knowledge of measures or indicators of system performance and availability.
  • K0120: Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise
  • K0146: Knowledge of the organization's core business/mission processes.
  • K0154: Knowledge of supply chain risk management standards, processes, and practices.
  • K0164: Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).
  • K0198: Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
  • K0309: Knowledge of emerging technologies that have potential for exploitation by adversaries.
  • K0335: Knowledge of current and emerging cyber technologies.
  • K0437: Knowledge of general SCADA system components.
  • K0511: Knowledge of organizational hierarchy and cyber decision making processes.
  • K0612: Knowledge of what constitutes a “threat” to a network.
  • S0038: Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system
  • S0085: Skill in conducting audits or reviews of technical systems.
  • S0109: Skill in identifying hidden patterns or relationships.
  • S0228: Skill in identifying critical target elements, to include critical target elements for the cyber domain.
  • S0278: Skill in tailoring analysis to the necessary levels (e.g., classification and organizational).
  • A0009: Ability to apply supply chain risk management standards
  • A0034: Ability to develop, update, and/or maintain standard operating procedures (SOPs).
  • A0035: Ability to dissect a problem and examine the interrelationships between data that may appear unrelated.
  • A0045: Ability to evaluate/ensure the trustworthiness of the supplier and/or product.
  • A0085: Ability to exercise judgment when policies are not well-defined.
  • A0107: Ability to think like threat actors.
  • A0108: Ability to understand objectives and effects.
* NSA/DHS Center of Excellence (CAE) KUs Addressed
  • Industrial Control Systems

* Most courseware content maps to NIST NICE Cybersecurity Workforce Framework (NCWF) Knowledge, Skills, and Abilities (KSAs) and/or NSA/DHS CAE Knowledge Units (KUs). For more information on KSAs and KUs, please visit:

KSAs: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf

KUs: https://www.iad.gov/NIETP/documents/Requirements/CAE-CD_Knowledge_Units.pdf