Getting Started in SIS Cybersecurity (Part 1)

Unless you have been living in an underground bunker for the last decade, you are probably aware that cybersecurity for industrial control systems is a thing now. The U.S. government has ordered the DoD and DHS to make cybersecurity of critical infrastructure a national priority. More recently, the hack of a live Safety Instrumented System (SIS) using the highly engineered Trisis malware has perhaps awakened the process industries to the fact that this is a real threat with real consequences.

As an experienced SIS engineer, you are likely also aware that the latest edition of IEC 61511 has some requirements related to the assessment and mitigation of SIS security risks. How do you get started understanding and implementing these requirements?

The good news is that there is a huge amount of information, training, and tools available online. That’s also the bad news, as the sheer amount of information can be intimidating. This post will attempt to cut through some of that noise and give some practical guidance. Sure, there is also commercially available training available, but this post will concentrate on free resources that get you started and help you get the most out of any future paid training.

Standards and References

There is no shortage of standards and guidance documents in the cybersecurity arena. Unfortunately, a couple of the most relevant documents that are not free, unless you are an ISA member (why aren’t you?):

IEC 62443 is an impressive (and still growing) series of documents, but it is a lot to digest. If you don’t have access to these standards, or you want an easier starting point, the following taxpayer-funded guidance documents are freely available from organizations including NIST, ICS-CERT, and the UK HSE. I have subjectively ordered them in priority order for reading:

Other useful whitepapers from private organizations include:

The guidance above is specifically targeted at Industrial Control System (ICS) Cybersecurity. There are many other useful guidelines covering cybersecurity in general. Like I said, there is plenty of guidance available. But how do you move from theory to practice?

FREE General Cybersecurity Training

[Note: Some of the links below are my affiliate partners, and I receive a small commission if you make a purchase. However, the links below are all for free resources. No purchase required! Some courses offer the option to purchase a completion certificate.]

Several organizations provide free online cybersecurity training that is generally applicable to ICS cybersecurity. I have sorted by subject matter category:

Introductory Cybersecurity

TCP/IP Networking

Scripting Languages

Advanced Cybersecurity Skills

U.S. veterans and government contractors also have access to free training at the Federal Virtual Training Environment.

FREE ICS Cybersecurity Training

Free training targeted specifically at ICS Cybersecurity is harder to find, but it is available! To get the most out of the ICS cybersecurity training, I would recommend getting up to speed on general cybersecurity tools and standards first.

ISA Webinars

exida Webinars

ICS-CERT Training

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is part of the U.S. Department of Homeland Security. All training, including the 5-day instructor-led training, is provided free of charge.

  • ICS-CERT Virtual Learning Portal
    • Course 100W – Operational Security (OPSEC) for Control Systems (1 hour)
    • Course 210W – Cybersecurity for Industrial Control Systems (15 hours)
  • ICS-CERT Instructor-Led Training
    • Course 101 – Introduction to Control Systems Cybersecurity (8 hours)
    • Course 201 – Intermediate Cybersecurity for Industrial Control Systems (8 hours)
    • Course 202 – Intermediate Cybersecurity for Industrial Control Systems (8 hours)
    • Course 301 – Industrial Control Systems Cybersecurity (5 days)

To Be Continued…

The best way to learn is by doing. In part 2 of this post, we will look at options for hands-on learning, including open source tools and cybersecurity war games!

I know this is a bit different from our usual content, but cybersecurity is a hot topic in the SIS world these days and deserves discussion. I hope you enjoyed the read!

Stephen Thomas, PE, CFSE
Stephen Thomas, PE, CFSE

Stephen is the founder and editor of He is a functional safety expert with over 26 years of experience.  He is currently a system safety engineer with a leading developer of autonomous vehicle technology. He is a member of the IEC 61508 and IEC 61511 functional safety committees. He is a member of the non-profit CFSE Advisory Board advising the exida CFSE program. He is the Director of Education & Professional Development for the International System Safety Society and an associate editor for the Journal of System Safety.

One thought on “Getting Started in SIS Cybersecurity (Part 1)

Leave a Reply

Your email address will not be published.