Overview
Special attention is given to common anti-patterns encountered in embedded OT systems, with dozens of detailed breakdowns of vulnerabilities of different types in RTUs, PLCs, DCS controllers, routers, and protocol converters of major vendors, across the tech stack from bootloaders all the way to network protocols.
This course, aimed at asset owners, system integrators, EPC contractors, and OT equipment manufacturers, will provide participants with a comprehensive and in-depth understanding of the key concepts and challenges in securing embedded systems, with a special focus on Operational Technology (OT).
This training combines fundamentals and theory with real-world case studies and hands-on exercises in order to teach participants about everything from threat modeling tailored to embedded systems and the MITRE EMB3D™ framework to common embedded systems attack vectors and counter-measures.
This training, which has been delivered to Fortune Global 500 OT equipment manufacturers and critical infrastructure operators alike, provides attendees with a thorough understanding of OT device cybersecurity and a solid grounding in embedded systems threat modeling and hardening.
The embedded devices populating Operational Technology (OT) environments, such as PLCs, RTUs, IEDs, and the various routers, gateways, and protocol converters, have long been known to suffer from a subpar security posture ranging from insecure-by-design issues to ancient and unaudited code components leading to sometimes trivial security flaws.
Incidents such as the Industroyer attacks against the Ukrainian power grid, the TRITON attack against a Saudi petrochemical facility, and the 2025 attacks against the Polish power grid all involved exploitation of embedded OT devices in an attempt to achieve or amplify cyber-physical impact. Similarly, prepositioning activity in critical infrastructure such as the activity of the Volt Typhoon and RedFly threat actors has involved the exploitation and implanting of embedded edge devices in OT environments.
This growing realization of the importance of device-level security in OT has contributed to asset owners and system integrators facing increasing compliance and regulatory requirements such as IEC 62443, the Cyber Resilience Act (CRA), and the NIS2 directive, and to OT equipment vendors attempting to move to a secure-by-design and secure-by-default posture for their latest products.
However, all too often the device evaluations that are part of such compliance efforts only touch the surface, resulting in deceptively vulnerable but compliant equipment. Attendees will learn the fundamentals of embedded systems security, the OT-specific nuances, and how to threat model and design OT devices according to high assurance software engineering principles and common industry frameworks such as MITRE EMB3D™.
During the training, attendees will become familiar with an attacker's perspective on attacking embedded devices - from initial reconnaissance all the way to reverse engineering and exploitation. Attendees will be provided with a thorough overview of common attack vectors and corresponding counter-measures ranging from logic bugs and weak cryptographic schemes to memory corruption and side-channel analysis (SCA).
Each vulnerability class will be illustrated by dozens of detailed breakdowns of vulnerabilities in OT devices from vendors such as Schneider Electric, Emerson, ABB, Motorola, Honeywell, Siemens, Yokogawa, and others, and their potential impact will be highlighted through real-world case studies involving exploitation of similar devices.
Hands-on exercises will involve threat modeling an example OT device, discovering flaws in its security mechanisms, and designing mitigations or compensating security controls in order to put theory into practice.





In person
Jos Wetzels
Wouter Bokslag
Upon request
Upon request