M01 Industrial Control Systems Security
This tutorial introduces basic and advanced topics on industrial control systems (ICS) security. It starts with operational security, providing guidance on recognizing weaknesses in everyday operations and information that can be valuable to attackers. A comparative analysis between traditional information technology (IT) and operational control system architectures is also presented, along with security vulnerabilities and mitigation strategies unique to the control system domain. Current trends, threats, and vulnerabilities will be discussed, as well as attack and defense methodologies for ICS. Case studies on cyberattacks and defenses will be presented for two critical infrastructure sectors: the power grid and the chemical sector. The tutorial also discusses the need for an accurate assessment environment, achieved through the inclusion of hardware-in-the-loop (HIL) testbeds.
Participants of the tutorial will learn: (1) known vulnerabilities of ICS, (2) common attacks on ICS and the entry points of those attacks, along with their impact level, (3) general strategies for secure design of ICS and cyber-physical systems, (4) strategies for attack detection, (5) testing strategies for security objectives, and (6) other aspects related to the economics of secure design, the trade-off between a secure design and usability, and the maintenance of features.
Agenda:
Part 1: Introduction and Security of ICS
- Introduction to ICS security
- Motivation, Recent Incidents, Terminology, Common practices
- Testbeds and Security Studies
Break
Part 2: Requirements for ICS security studies
- Threat Modeling and Risk Assessment
- Modeling, Resources, and Metrics for ICS studies
- Demos of Denial-of-Service and Time-Delay Attacks in a Co-Simulation Testbed
Break
Part 3: Defense strategies for ICS
- Attack Detection and Secure Control of Cyber-Physical Systems
- Defense Methodologies and Best Practices
- Future Challenges and Concluding Remarks