Critical infrastructure Architecture Patterns
RCCE students will learn critical infrastructure protection for sectors including energy, water, transportation, healthcare, and communications, covering sector-specific threats, regulatory frameworks, and defense strategies. RCCE students will learn to assess security posture for critical infrastructure environments, implement ICS-specific security controls, comply with frameworks like NERC CIP and IEC 62443, design network architectures that protect operational technology from IT-based threats, monitor industrial systems for cyber-physical attacks, conduct vulnerability assessments without disrupting operations, and coordinate with government agencies including CISA for threat intelligence sharing. This architecture course teaches secure system design using proven patterns, guardrails, and reference architectures. At an expert level, RCCE students will learn to evaluate design options against security requirements, make informed trade-off decisions, and build systems that are resilient by design. Students gain the architectural thinking skills needed for security engineering and solution design roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Critical infrastructure Architecture Patterns
- Execute hands-on tasks for critical infrastructure
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for learning objectives
- Design a scalable privilege management architecture with policy and enforcement, including Evaluate design options vs security, OT/ICS Protection, and critical infrastructure security posture.
- Execute hands-on tasks for ot/ics protection — covering critical infrastructure security posture.
- Execute hands-on tasks for compliance & governance — covering Comply with NERC CIP and IEC 62443.
- Execute hands-on tasks for operations & assessment — covering Conduct vulnerability assessments safely.
- Execute hands-on tasks for critical infrastructure: the 16 sectors
- Execute hands-on tasks for critical national infrastructure
- Execute hands-on tasks for ot security — covering Confidentiality-first (CIA triad).
- Execute hands-on tasks for enterprise network
| Module 01 | Critical Infrastructure |
| Module 02 | Architecture Patterns |
| Module 03 | Learning Objectives |
| Module 04 | Architecture & Design |
| Module 05 | OT/ICS Protection |
| Module 06 | Compliance & Governance |
| Module 07 | Operations & Assessment |
| Module 08 | Critical Infrastructure: The 16 Sectors |
| Module 09 | Critical National Infrastructure |
| Module 10 | OT Security |
| Module 11 | Purdue Enterprise Reference Architecture |
| Module 12 | Enterprise Network |
| Module 13 | Business Planning & Logistics |
| Module 14 | Site Operations |
All hands-on labs run on Rocheston Rose X OS. Students practice critical infrastructure architecture patterns by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for critical infrastructure
- Lab 2: Design a scalable privilege management architecture with policy and enforcement
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Design a scalable privilege management architecture with policy and enforcement
- Lab 5: Execute hands-on tasks for ot/ics protection
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Critical infrastructure Architecture Patterns, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI