SCADA Hardening Workshop
RCCE students will learn Supervisory Control and Data Acquisition system security including SCADA architecture, communication protocols (Modbus, DNP3, OPC), HMI security, historian database protection, and SCADA network monitoring. RCCE students will learn to identify SCADA-specific vulnerabilities, assess SCADA system security without disrupting operations, implement network segmentation between SCADA and enterprise networks, monitor SCADA communications for anomalous commands, detect unauthorized modifications to SCADA configurations, secure remote access to SCADA systems, and respond to SCADA security incidents while prioritizing operational safety and process continuity. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. Starting from foundational concepts, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing SCADA Hardening Workshop
- Explain Course Overview fundamentals
- Execute hands-on tasks for data acquisition — covering Central monitoring station, Remote command execution, Sensor data collection.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for level 4-5: enterprise
- Execute hands-on tasks for level 3: site operations
- Explain Modbus Protocol Overview fundamentals — covering Serial communication (RS-232/485), Ethernet-based variant.
- Execute hands-on tasks for modbus rtu — covering Serial communication (RS-232/485).
- Execute hands-on tasks for modbus tcp — covering Ethernet-based variant.
- Execute hands-on tasks for dnp3 basics — covering Event-driven reporting.
- Execute hands-on tasks for dnp3 secure auth — covering SA v5 adds HMAC challenge-response.
- Execute hands-on tasks for dnp3 risks — covering Legacy devices lack SA support.
| Module 01 | Course Overview |
| Module 02 | Data Acquisition |
| Module 03 | SCADA Architecture Layers |
| Module 04 | Purdue Model reference for SCADA network zones |
| Module 05 | Level 4-5: Enterprise |
| Module 06 | Level 3: Site Operations |
| Module 07 | Modbus Protocol Overview |
| Module 08 | Modbus RTU |
| Module 09 | Modbus TCP |
| Module 10 | DNP3 Basics |
| Module 11 | DNP3 Secure Auth |
| Module 12 | DNP3 Risks |
| Module 13 | OPC UA |
| Module 14 | Access Control |
All hands-on labs run on Rocheston Rose X OS. Students practice scada hardening workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Explain Course Overview fundamentals
- Lab 2: Execute hands-on tasks for data acquisition
- Lab 3: Design a scalable privilege management architecture with policy and enforcement
- Lab 4: Design a scalable privilege management architecture with policy and enforcement
- Lab 5: Execute hands-on tasks for level 4-5: enterprise
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for SCADA Hardening Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI