ISA Delivers On-Site Industrial Cybersecurity Training and Technical Support at US National Guard Exercise

ISA Logo

 

June 4,2018

For the third year in a row, the International Society of Automation (ISA) provided operational technology (OT) training and on-site technical assistance in support of the US National Guard’s national cyber-operations exercise, Cyber Shield.

Cyber Shield is designed to train National Guard members on cyber protection, network defense, forensic analysis, tactics, techniques and procedures defense against cyberattacks, hackers and other malign actors. The exercise supports the National Guard’s missions to defend US Department of Defense assets, conduct readiness inspections and critical infrastructure vulnerability assessments, and leverage new and emerging technologies for homeland defense.

This year’s Cyber Shield 2018 (videos and photos posted), held 6-18 May at Camp Atterbury in Indiana, brought together more than 800 participants-including members of the National Guard from 40 US states and territories, the Army Reserve, federal and state government agencies, industry partners and academia-to test their collective skills and evaluate their defensive capabilities in response to cyber warfare.

Cyber Shield 2018 incorporated two phases: the first week focused on military, government and private sector training on vital cyber skills. The second week challenged National Guard soldiers and airmen to face off against trained online adversaries, and use their training and skills to defend networks and mitigate the effects of attacks against vulnerable infrastructure.

“This exercise provides a very technical defensive cyber ecosystem with a Defensive Cyber Operations Element training focus,” said Ohio National Guard Lt. Col Teri Williams, the exercise commander. “Cyber Shield truly is a crucible where industry cyber talent merges with our military forces and the result is a more polished, tuned, and stronger response capability.”

ISA was selected a US National Guard Mission Partner because of its leadership in industrial cybersecurity standards and training

ISA was selected as a Mission Partner of the National Guard due to its leadership and experience in developing the world’s only consensus-based series of industrial cybersecurity standards, ISA/IEC 62443. These standards, which also serve as the basis for ISA cybersecurity training, protect the industrial automation and control systems (IACS) and networks that operate OT machinery and associated devices within critical infrastructure. Without these defenses in place, industrial cyberattack can result in plant shutdown, operational and equipment impairment, severe economic and environmental damage, and public endangerment.

Given their protective capabilities, the ISA/IEC 62443 series of standards are key components of The Framework for Improving Critical Infrastructure Cybersecurity (updated April 2018), a how-to guide developed through the National Institute of Standards and Technology (NIST) to help strengthen America’s cyber defenses.

ISA was actively involved in supporting Cyber Shield 2018 during both phases of the exercise. During the first week, ISA instructors taught two ISA industrial cybersecurity courses: IACS Cybersecurity Design & Implementation (IC34) and IACS Cybersecurity Operations & Maintenance (IC37). This photo, taken during the instruction of IC37, shows National Guard members and other partners working in an incident response lab during Cyber Shield 2018. Here, an ISA industrial cybersecurity subject matter expert, Wally Magda, discusses the importance of following critical security protocols during the training.

“ISA is gratified to be able to assist the National Guard in this important national cyber-operations exercise,” remarked Dalton Wilson, ISA’s Director of Education and Certification Services. “Because ISA’s industrial cybersecurity training courses are based on the benchmark ISA/IEC 62443 security standards, they deliver the vital skills and know-how needed to identify OT cybersecurity vulnerabilities and limit damage to industrial automation control systems and networks. In addition, ISA cybersecurity training is comprehensive in scope, helping ensure IACS security through a lifecycle that integrates design, implementation, monitoring and continuous improvement.”

During the second week of the exercise, when cyber-operations teams tested their mettle against cyberattack, ISA provided on-site technical support. National Guard cyber-defense teams utilized ISA’s Cyber Trainers, which serve as “micro-factories”-small-scale versions of actual industrial automation and control systems. Each micro-factory is configured to run three different critical infrastructure simulations: water/wastewater, natural gas pipeline, and power grid.

Not only do Cyber Trainers simulate the actual processes and communications protocols used in industrial OT, they provide users with hands-on, working knowledge of the ISA/IEC 62443 standards and how they protect industrial control systems and networks.

ISA’s umbrella association, the Automation Federation, is committed to broadening awareness around the need to better protect IACS

As the umbrella and outreach association of ISA, the Automation Federation has been collaborating with NIST and other federal and state entities for years to raise awareness of the growing risk of industrial cyberattack and the need to implement ISA/IEC 62443 security standards.

Marty Edwards, Managing Director of the Automation Federation, was asked by the National Guard to deliver remarks during Distinguished Visitors Day at the closing of Cyber Shield 2018.

“Given that the Automation Federation has long partnered with the US government as a global resource for industrial control systems cybersecurity, I was honored to be able to speak at Cyber Shield 2018 and stand among the brave men and women in uniform who are charged with protecting America’s critical infrastructure from cyberattack,” says Edwards, a widely recognized industrial control systems cybersecurity expert.

Edwards, who previously led an operational division of the National Cybersecurity and Communications Integration Center (NCCIC) in the Department of Homeland Security (DHS), emphasized that ISA and the Automation Federation are proud to continue their alliance with the National Guard on such a vitally important effort.

More about ISA99/IEC 62443

Developed by leading international cybersecurity experts from industry, government and academia, ISA/IEC 62443 is a flexible framework for preventing and limiting cyber damage to IACS and networks.

Because most IACS are not designed to ensure resilience against cyber warfare, an IACS cyberattack can impair and disable safe operations of industrial facilities. The consequences-which can include plant shutdowns, widespread power blackouts, explosions, chemical leaks, and more-can place national and economic security as well as lives, personal safety and the environment at risk.

ISA/IEC 62443 enables owners and operators of critical infrastructure to achieve and maintain IACS security improvements through a lifecycle that integrates design, implementation, monitoring and continuous improvement.

For more information

https://www.isa.org/news-and-press-releases/isa-press-releases/2018/may/isa-delivers-on-site-industrial-cybersecurity-training-at-us-national-guard-exercise/

https://www.isa.org/

Related Articles


Changing Scene


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • Implementing Functional Safety Requirements

    Implementing Functional Safety Requirements

    The Safety Functional Requirements Specification (SFRS; sometimes referred to as SRS or Safety Requirements Specification) is the plan for the safety controls on a machine and is the second step of the safety lifecycle. The SFRS document serves as a framework for the safety control system design, is informed by prior work done in the… Read More…

  • From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    Endress+Hauser’s Asset Health Monitoring Solution–Rockwell Edition, now available for installation, provides operators with a centralized, digital overview of plant-wide device health to avoid unscheduled shutdowns and accelerate troubleshooting. It not only presents early visibility of problematic devices but distinguishes itself by adding likely causes and remedies to such a report so problems can be fixed… Read More…