In this video from our Cybersecurity Testing for ICS online course we will take a look at Modbus traffic analysis in Wireshark. Modbus is an essential protocol to know when dealing with PLC security - if you want to get involved in that area, check it out!
Protecting the Industrial Control System (ICS) environment is more important than ever. Due to the fragile nature of ICS, pentesting must be performed in a manner that is not detrimental to the operation of an ICS environment while still determining where vulnerabilities can impact ICS. The techniques and tools to perform this kind of pentesting are similar to those used in a regular information technology environment but the techniques and tools need to be applied in a different manner. Pentesting techniques taught in this course will apply to all forms of ICS; e.g. SCADA, DCS, PLC.
- Videos will be provided in some lessons to demonstrate key ICS knowledge or ICS pentesting techniques.
- The primary focus of this course is not teaching student scripting. However, some fundamentals of scripting will be covered in conjunction with teaching about pentesting tools.
- All labs will be structured with a road map for the student to follow and questions to answer.
- There are review questions at the end of each module.
- The Final Exam for this course consists of 50 multiple choice questions. Some questions will be based on scenarios from topics learned during the course.
What skills will you gain?
- Be able to explain the similarities and differences between information systems and industrial control systems.
- General knowledge about the operation of industrial control systems to better understand what you will be testing.
- Monitor/Test ICS TCP/IP protocols, like Modbus, and be able to detect vulnerabilities.
- Passively and actively perform cyber security testing of industrial control systems.
- Understand how to apply countermeasures to ICS threats and vulnerabilities.