This is a summary of a very interesting paper for a proposed framework for ICS Cybersecurity remote training: https://www.sciencedirect.com/science/article/pii/S2405896322015427, especially with the move towards remote training with the COVID-19 pandemic still around the corner.
This summary is divided into 4 sections; An introduction, description of the proposed platform, Education experience and results from the proposed framework and eventually a conclusion.
Cybersecurity is a key subject for digital transformation where institutional, industrial, and educational sectors should be involved in a coordinated way. Currently, there is a lack of workforce with essential competences to apply secure solutions in an industrial environment. For that reason, to address this increasing demand, universities promote ICS courses and related programs. In this work, a platform for remote training in cybersecurity is proposed using cabinets that include specific elements for automation and control as well as additional resources for administration and communication tasks. The platform was used to conduct two training courses and the feedback was mostly positive.
The IoT ULE-Schneider Electric Technological Classroom is being used for delivering the training. This classroom is composed of 10 control cabinets whose design follows a prototype developed by the researchers of the SUPPRESS research group. It comprises 4 subsystems: Field, Industrial Control and Supervision, Electric Management, and Communications. Physical devices and Hyper-V virtual machines were both utilized. A physical central server was used for providing an LMS, remote access management and administrative utilities. In addition, a PC was hooked up to each cabinet for software administration, including managing traffic, access management, PLC programming and HMI configuration, and monitoring traffic. Each student can remotely access an independent physical computer and is redirected to the assigned workstation after login. To avoid loss of connection to the cabinet, the architecture isolates the practice networks from the management one to be able to re-establish the systems in case of failure.
Two introductory, eminently practical, courses were developed using the proposed platform with generic ICS security topics as well as securing its communication networks. They are designed for educators with strong backgrounds in ICS and cybersecurity. Learning outcomes ranged from engineering technical perspectives such as utilizing vulnerability scanners and sniffing networks, to network design, security policies design and risk management. Both courses were provided in 2021 remotely, where the instructors had fully-fledged video conferencing with the students and remote access to stations. Materials included step-by-step hands-on exercises through the LMS, and all the students shared the same configuration for each task, regardless of which cabinet they are connected to.
Eventually, a questionnaire was handed out to the trainees to evaluate the effectiveness of the training and gain valuable feedback regarding the lab structure, quality of remote operation and their perception of the improvement in the learning process using the platform’s equipment. The results came back mostly positive in all the three sections.
An educational platform for remote training in industrial cybersecurity is developed. The architecture is composed of several functional blocks. The proposed platform has been used for training of professional educators in two eminently practical courses that addressed the security of ICS and communication networks. The students had the chance to work with key technologies for secure configuration of industrial hardware and software, as well as other technologies such as vulnerability assessment and IDS. In this sense, the proposed approach can be considered successful as an ICS training platform.
Just Some Techie Notes! 