Practical ICS security Workshop
RCCE students will learn Industrial Control System security including PLC programming security, DCS architecture protection, safety instrumented system integrity, industrial protocol analysis, and ICS-specific incident response. RCCE students will learn to assess ICS environments for cybersecurity vulnerabilities, implement defense-in-depth for industrial control networks, monitor ICS communications for unauthorized commands, detect and respond to attacks targeting programmable logic controllers and distributed control systems, maintain safety system integrity during cyber incidents, apply ICS security standards including IEC 62443 and NIST SP 800-82, and bridge the gap between IT security teams and OT operations staff. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. At an expert level, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Practical ICS security Workshop
- Build detections and response workflows for privilege escalation
- Execute hands-on tasks for assess & defend
- Execute hands-on tasks for detect & respond — covering Evaluate ICS environments for vulnerabilities, attacks on PLCs and DCS systems.
- Execute hands-on tasks for apply iec 62443 and nist sp 800-82 — covering attacks on PLCs and DCS systems.
- Execute hands-on tasks for hands-on mastery — covering Build muscle memory through repeated lab engagement.
- Execute hands-on tasks for what are industrial control systems?
- Execute hands-on tasks for key sectors — covering Systems that manage industrial processes, Energy generation and distribution.
- Explain ICS Architecture Overview fundamentals
- Execute hands-on tasks for level 5: enterprise network
- Execute hands-on tasks for level 4: business planning
- Execute hands-on tasks for level 3: site operations
- Execute hands-on tasks for level 2: area control
| Module 01 | Industrial Control System Defense, Detection & Response |
| Module 02 | Assess & Defend |
| Module 03 | Detect & Respond |
| Module 04 | Apply IEC 62443 and NIST SP 800-82 |
| Module 05 | Hands-On Mastery |
| Module 06 | What Are Industrial Control Systems? |
| Module 07 | Key Sectors |
| Module 08 | ICS Architecture Overview |
| Module 09 | Level 5: Enterprise Network |
| Module 10 | Level 4: Business Planning |
| Module 11 | Level 3: Site Operations |
| Module 12 | Level 2: Area Control |
| Module 13 | Level 1: Basic Control |
| Module 14 | Programming Languages |
All hands-on labs run on Rocheston Rose X OS. Students practice practical ics security workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Build detections and response workflows for privilege escalation
- Lab 2: Execute hands-on tasks for assess & defend
- Lab 3: Execute hands-on tasks for detect & respond
- Lab 4: Execute hands-on tasks for apply iec 62443 and nist sp 800-82
- Lab 5: Execute hands-on tasks for hands-on mastery
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Practical ICS security Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI