This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.

Continue

Informa Australia is part of the Informa Connect Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

informa

Choose Location

Close

Register Your Interest

Close

Comments

Rail Operational Technology Cyber Security (ROTCS) according to TS50701/IEC62443

2-DAY TRAINING COURSE: Designed for engineers, managers and other rail decision makers to learn about the TS50701/IEC62443 standards for OT

Face to Face Training
Brisbane | 8-9 December 2022
Melbourne | 12-13 December 2022

Register Your Interest Call me back Download Brochure

EARLY BIRD RATE - SAVE $100 // SEE PRICING BELOW

overview

Key Learning Objectives

  • What is Railway Cyber Security? (putting it into the context of railway and transportation).
  • Identify the threats and vulnerabilities (such as cyber security, safety and availability).
  • Develop mitigation actions for threats and vulnerabilities and recovery from potential consequences.
  • Cyber Security – What standards are available for dealing with threats.
  • An understanding of how TS50701 and IEC62443 can improve cyber security across the entire railway.
  • How to manage IT and OT cyber security as a business.

Background

The railway sector is facing a new challenge: the Network Information Security (NIS) regulations. According to a 2020 survey by the European Union Agency for Cybersecurity (ENISA), only 33% of rail operators of essential services (OES) have fully implemented defensive measures against cyber-attacks, as recommended by NIS regulations.

This places their software under serious threat – not to mention their compliance with regulations. When security breaches occur the ripple effect throughout an organisation can be vast, with implications that are both financial and personal. There may also be implications concerning system safety and resilience.

About the Course

This 2-day course is designed for engineers, managers and other rail decision makers to learn about the TS50701/IEC62443 standards for OT. This course will help attendees expand their knowledge and make better decisions around the standards and their application in the area of railway cyber security and conduct discussions as an educated client should.

This course is based upon the new railway cyber security specific CENELEC specification TS50701 and best practice from other OT and IT cyber security standards such as IEC62443.

The training provides a complete overview of the important standards, with well-structured presentations and discussion sessions ensuring that attendees get the most from participating.

Who Will Benefit

This course is for railway business leaders, managers, railway inspectors, railway legislators, safety professionals, planners, Information Technology (IT) professionals, resilience specialists and railway engineers tasked with making decisions that could impact the cyber resilience of technical and organisational systems.

trainer

Dr Howard Parkinson

Chartered Engineer

Executive Coaching

Take your learning and development further and experience transformational impact on your career progression. Our Executive Coaching and Mentoring programme offers you additional value and benefits to reinforce key learning outcomes obtained on an Informa course. Package your learning to incorporate additional 1-on-1 executive coaching with our expert Instructor.

To learn more or to include Executive Coaching and Mentoring as part of your registration for this course, please contact one of our Training Consultants on +61 (2) 9080 4395 or email training@informa.com.au or refer to the registration page when booking online.

Testimonials

Nice overview presented. Howard brought a lot of technical experience with him.
– Principal, Shaktl Corp P/L

Very knowledgeable with significant and relevant experience. Approachable and gave excellent examples of practical application.
– Manager Rollingstock Engineering, Public Transport Services

Course Outline

DAY 1

Module 1

  • Introduction to Cyber Security in Railway Systems
  • Setting the Scene
  • Threat Landscape in the Railway Domain
  • Safety and Security

 

Module 2

  • Cyber Security Overview
  • Terminology
  • GDPR
  • Cyber Security challenges
  • Risk Factors

 

Module 3

  • Cyber Security Incidents
  • Lodz Tram Cyber Attack
  • Stuxnet Cyber Attack
  • San Francisco Municipal Transportation Authority Ware Attack
  • Deutsche Bahn Ransom Ware Attack

 

Module 4

  • Cyber Security Standards and Schemes
  • IEC 62443 Series
  • ISO27001
  • NIS regulations

 

Module 5

  • TS50701 and the Railway System
  • Introduction
  • Railway asset model
  • Railway physical architecture model
  • High-level railway zone model

 

Module 6

  • Cyber security within a railway application lifecycle
  • Railway application and product lifecycles
  • Activities, synchronization and deliverables
  • Cyber Security context and cyber security management plan
  • Relationship between cyber security and essential functions
  • Cyber security assurance process

 

Q&A Session
Discission around the following:

  • Differing Priority for IT and OT
  • Differing Experiences
  • Differing Scopes
  • OT teams and IT Teams
  • IT/OT interfaces

 

DAY 2

MODULE 7

  • System Definition and Risk Assessment
  • Identification of the system under consideration
  • Initial Risk Assessment
  • Partitioning of the SuC
  • Output and documentation
  • Establishment of cyber security requirements
  • General guidance on risk assessment including setting
    Security Levels (SL)

MODULE 8

  • Cyber Security Requirements
  • Objectives of Security Requirements
  • System security requirements
  • Apportionment of cyber security requirements

MODULE 9

  • Cyber security assurance and system acceptance for
    operation
  • Cyber security case
  • Cyber security verification
  • Cyber security validation
  • Cyber security system acceptance

MODULE 10

  • Operational, Maintenance and Disposal Requirements
  • Vulnerability management
  • Security patch management
  • End of Life

MODULE 11

  • TS50701 Appendices and Guidance
  • Legacy Equipment Systems
  • Cyber Security Best practice for OT

 

Q&A Session
Discission around the following close yet, different relationships:

  • Effective process for IT and OT
  • Teamwork
  • Resolving potential conflicts
  • Data sharing
  • Sum and way forward
  • Test

when & where

08 - 09 Dec 2022

Brisbane

12 - 13 Dec 2022

Melbourne

On-site & in-house training

Deliver this course how you want, where you want, when you want – and save up to 40%! 8+ employees seeking training on the same topic?

Talk to us about an on-site/in-house & customised solution.

Register Interest

contact

Still have a question?

Sushil Kunwar
Training Consultant
+61 (0)2 9080 4395
training@informa.com.au

Get all the latest on Informa news and events

Informa Connect Australia is the nation's leading event organiser. Our events comprise of large scale exhibitions, industry conferences and highly specialised corporate training.

Find out more

Register Your Interest