| 課程系列 | 地區 | 課程時數 | 開課日期 | 上課時間 | 會員費用 | 非會員費用 |
|---|
近年來高科技產業資安事件頻傳,隨著工業物聯網(IIoT)與智慧製造快速發展,工業控制系統與設備所面臨的網路攻擊風險亦日益增加。企業除了重視資訊安全(IT Security)外,也需將營運技術安全(OT Security)納入考量,以降低工業通訊網路與關鍵基礎設施可能面臨的資安威脅。IEC 62443 為國際廣泛採納和認可的工業資安標準,可提供完整且具結構性的資安框架與方法,協助企業於工控系統與產品開發過程中建立安全開發流程,並強化系統、設備與供應鏈之安全性,以符合各產業對工業資安與國際合規要求之最佳實務。
本次課程將深度解析IEC 62443工控資安標準架構,內容涵蓋IEC 62443標準介紹、適用產業與應用情境、成熟度與安全等級要求、風險評估方法、評鑑機制與導入流程等核心內容,並進一步說明IEC 62443-2-1、-2-4、-3-2、-3-3、-4-1、-4-2 等重要章節標準之架構與實務應用,包含資安管理制度要求、系統安全需求、產品開發生命週期、技術安全控制措施及元件安全要求等內容。協助學員建立完整的工業控制系統資安觀念,企業能了解 IEC 62443核心重點、稽核評估方向及供應鏈資安要求,以因應智慧製造、工業自動化與國際資安合規之需求。
|
時間 |
課程內容 |
|
Day 1 |
Basic introduction of IEC 62443 Standards Basic introduction of IEC 62443 Conformity Assessment Schemes Basic introduction of IEC System of Conformity Assessment Schemes for electrotechnical equipment and components (IECEE System) - Part I: Industrial Cyber Security Program - Part II: CB Scheme Test Certificates General assessment process for IEC 62443 - For IEC 62443-2-4 - For IEC 62443-4-1 - For IEC 62443-3-3 and IEC 62443-4-2 IEC 62443 in the future - Concept of protection level - Concept of profile - Standard release in the future
|
|
Day 2 |
Standard introduction of IEC 62443-2-1 - Initiate CSMS Program - High-level Risk Assessment - Detailed Risk Assessment - Establish policy, organization and awareness - Select and implement countermeasures - Maintain the CSMS (including relationship between IEC 62443-2-1 and ISO/IEC 27001) (including relationship between IEC 62443-2-1 and IEC 62443-3-2) Further discussion of IEC 62443-2-1 (including relationship between IEC 62443-2-1 to IEC 62443-2-4, IEC 62443-3-3, IEC 62443-4-2) Standard introduction of IEC 62443-2-4 - Functional Area: Solution staffing - Functional Area: Assurance - Functional Area: Architecture - Functional Area: Wireless - Functional Area: SIS - Functional Area: Configuration management - Functional Area: Remote access - Functional Area: Event management - Functional Area: Account management - Functional Area: Malware protection - Functional Area: Patch Management - Functional Area: Backup/Restore (including relationship between IEC 62443-2-4 and IEC 62443-3-2)
|
|
Day 3 |
Standard introduction of IEC 62443-4-1 - Security Management - Specification of security Requirements - Secure by Design - Secure Implementation - Security Verification and Validation testing - Management of security-related issues - Security Update Management - Security Guidelines (including relationship between IEC 62443-4-1, IEC 62443-3-3 and IEC 62443-4-2) (including relationship between IEC 62443-4-1 and IEC 62443-3-2) (including relationship between IEC 62443-4-1 and ISO/SAE 21434) Standard introduction of IEC 62443-3-3 and IEC 62443-4-2 - Common constraints (for system/Component) - FR1: Identification and authentication control (IAC) - FR2: Use Control - FR3: System integrity - FR4: Data confidentiality - FR5: Restricted data flow - FR6: Timely response to events - FR7: Resource availability
|
|
Day 4 |
Exam: 9:30 - 12:30 (3 hours) |
.公司工業控制與工業物聯網物事業部及專案主管、採購主管、品保主管,品管主管。
.供應商管理過程管理者、供應商審核員與各部門相關作業人員。
.希望取得IEC 62443的從業者。
天數:3天課程+考試3小時
課程日期:2026/9/14~9/16 09:30 – 16:30 (午休1小時)
考試日期: 9/17 9:30 – 12:30
地點:台北市松山區復興北路57號 1 樓
(主辦單位保留變更之權益)
陳德欽 TC 老師
TC老師通過了一系列國際認可的資訊安全和管理課程,包括ISO/IEC 27001資訊安全管理系統和ISO/IEC 27701隱私資訊管理系統的主任審核員(LA)課程,CISM國際資訊安全經理人和CISA國際電腦稽核師認證,以及IEC 62443工控資安認證工程師訓練等。此外,TC老師還獲得了CGEIT國際企業資訊治理師、CRISC國際資訊風險控制師等重要資格認證。
目前,作為資訊安全課程講師及專業顧問,TC老師致力於分享知識和經驗,幫助企業和個人提升他們的資訊安全能力。教學方法不僅涵蓋理論知識,更強調實務操作和案例分析,以確保學員能夠在真實環境中應用所學,有效提升解決問題的能力。
全程參與本課程並通過考試者,將核發TÜV NORD合格證書
此課程為TÜV NORD與AIN全智網聯合開課,
→ 請點選此AIN全智網連結進行報名: 報名連結
AI Network Training Ltd. 全智網科技股份有限公司
02-2771-5523
service@ainetwork-training.com
主辦單位保有最終修改、變更、解釋及取消本課程之權利。