教育訓練


2022-02-15

ISA/IEC 62443 工控資安認證工程師訓練課程

ISA/IEC 62443 IACS Cybersecurity Certified Engineer Training Course

近年來高科技產業資安事件頻傳,在工業務聯網(IIoT )發展下, 潛在的網路攻擊的危險越來越多。因此企業除了資訊安全(IT Security - Information Technology Security ), 為了降低工業通訊網路存在風險, 企業也需要OT Security ( Operational Technology)納入考量, IEC 62443標準是可以提供結構性方法,讓工控產品專案開發有明確且安全開發過程,以符合各行業最佳安全安求。

 

課程特色:
本課程的目的是為學員提供ISA/IEC 62443品質管理系統知識和執行審核所需的技能。具體而言,訓練課程會為學生提供了基礎,成為一個稱職的系統維護及流程應用與開發的角色。

 

課程:

時間

課程內容

 

第一天

 

TOPIC-1

Basic introduction of ISA/IEC 62443 Standards
(including Cyber Security Certifications in a National / European / International Environment)

 

TOPIC-2

Basic introduction of ISA/IEC 62443 Conformity Assessment Schemes
(including ISASecure and IECEE Scheme)

 

TOPIC-3

Basic introduction of IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE System)
Part I: Industrial Cyber Security Program
Part II: CB Scheme Test Certificates

 

TOPIC-4

General assessment process for IEC 62443
- For IEC 62443-2-4
- For IEC 62443-4-1
- For IEC 62443-3-3 and IEC 62443-4-2

 

TOPIC-5

IEC 62443 in the future
- Concept of protection level
- Concept of profile
- Standard release in the future

 

第二天

 

 

TOPIC-1

Standard introduction of IEC 62443-2-1:2010
- Initiate CSMS Program
- High-level Risk Assessment
- Detailed Risk Assessment
- Establish policy, organization and awareness
- Select and implement countermeasures
- Maintain the CSMS
(including relationship between IEC 62443-2-1 and ISO/IEC 27001)
(including relationship between IEC 62443-2-1 and IEC 62443-3-2)

 

TOPIC-2

Further discussion of IEC 62443-2-1:2019 (Draft)
(including relationship between IEC 62443-2-1 to IEC 62443-2-4, IEC 62443-3-3, IEC 62443-4-2)

 

TOPIC-3

Standard introduction of IEC 62443-2-4:2015
- Functional Area: Solution staffing
- Functional Area: Assurance
- Functional Area: Architecture
- Functional Area: Wireless
- Functional Area: SIS
- Functional Area: Configuration management
- Functional Area: Remote access
- Functional Area: Event management
- Functional Area: Account management
- Functional Area: Malware protection
- Functional Area: Patch Management
- Functional Area: Backup/Restore
(including relationship between IEC 62443-2-4 and IEC 62443-3-2)

 

第三天

 

 

TOPIC-1

Standard introduction of IEC 62443-4-1:2018
- Security Management
- Specification of security Requirements
- Secure by Design
- Secure Implementation
- Security Verification and Validation testing
- Management of security-related issues
- Security Update Management
- Security Guidelines
(including relationship between IEC 62443-4-1, IEC 62443-3-3 and IEC 62443-4-2)
(including relationship between IEC 62443-4-1 and IEC 62443-3-2)
(including relationship between IEC 62443-4-1 and ISO/SAE 21434)

 

TOPIC-2

Standard introduction of IEC 62443-3-3:2013 and IEC 62443-4-2:2019
- Common constraints (for system/Component)
- FR1: Identification and authentication control (IAC)
- FR2: Use Control
- FR3: System integrity
- FR4: Data confidentiality 
- FR5: Restricted data flow
- FR6: Timely response to events
- FR7: Resource availability

 

第四天

Exam
Duration: 13:30 - 16:30 (3 hours)

 

 

招生對象:

公司工業控制與工業務聯網物事業部及專案主管、採購主管、品保主管,品管主管,供應商管理過程管理者、供應商審核員與各部門相關作業人員,以及希望取得ISA/IEC 62443的業者。

 

開課資訊:

上課日期:20220406070811 (週三、四、五、一)

上課時間:10:00~17:00 ,午休1小時

上課地點:台北花園大酒店【台北市中中正區中華路二段1號】
(
主辦單位保留變更之權益)


參加費用:NT$50,000/每名 (含稅、講義、午餐及點心)

講師:林正偉先生
現任TÜVNORD工業服務部 資深技術經理,ISO/SAE 21434 稽核師/評鑑師、IEC 62443/ISO 27001稽核員、TISAX 訓練核可稽核員,管理、驗證及教學經驗豐富。
證書:本課程測驗合格者, TUV NORD人員認證合格證書。

主辦單位: TUV北德學苑

課程聯絡人:陳宜慧 小姐 02-2378-0578分機52 schen@tuv-nord.com

Fax02-2378-0587【請於傳真後半小時來電確認】

 

線上報名

 

TUV NORD不會將您的個人資料傳輸給第三方,且將遵循以下原則於本國領域內使用您的個人資料:
1. 僅使用於此次課程與後續相關事項;
2. 僅使用於TUV NORD之活動訊息發送;
3. 僅使用於TUV NORD之課程資訊及研討會發送。

若有其他個人資料權益相關問題,請洽taiwan@tuv-nord.com