Training: Cyber Attack Methods for Cyber-Physical Systems (Day 1)
About This Session
US ONLY: This training is available for United States Citizens only. (Workshop Registration Fee: $3995)
Note: This hands on training will take place Tuesday, October 28th – Thursday, October 30th. Day 1 will be a full day, and Day 2 and 3 will be half days. Students will be able to attend sessions of the core ICS Cybersecurity Conference and access instructors event when the workshop is not in session. Access to all conference meals and networking events is also included.
Cyber-physical systems, i.e. systems that bridge the cyber and physical domains, are attractive targets for attack partially due to the possibility of causing real-world physical loss to the victim.
Have you ever wondered how cyber adversaries execute these sort of attacks? Do you see attacks in the news and wonder, “how did the attacker even think to do that?” Do you stay up at night thinking, “could that happen to my system?” Developers want their systems to be secure and need to understand the threat. Unfortunately, broad intel reports and vague proclamations about adversary capability and intent may not give developers a concrete understanding of what they can do to make their systems more secure.
This Cyber Attack Methods course takes a unique approach to meeting this need, putting students into the shoes of an attacker — walking them through the steps of system discovery, exploitation, and delivering a mission-impacting attack against an intentionally vulnerable virtual cyber physical system with their hands on the keyboard. In this course we won’t turn you into a hacker, but you will learn to think like one!
Course Objectives:
Provide an understanding of methods that an attacker may use against cyber-physical systems and their impact on mission readiness, capability, confidentiality, integrity, availability, productivity, or revenue.
With hands-on keyboard, develop and execute attacks against a representative cyber-physical system; discuss and evaluate mitigations against these attacks.
Foster an attacker mindset, enabling participants to think like bad actors, walk through attack methods related to historic exploits, and apply that knowledge to making systems more secure.
What students should know beforehand:
What students will learn:
Students will gain a tangible appreciation for adversary mindset, tactics, techniques and procedures related to enumerating and exploiting weaknesses in cyber physical systems. They will also learn to think through real-world mitigations and design choices to reduce attack surface and provide greater protections in the systems they design, build, or oversee.
Note: This hands on training will take place Tuesday, October 28th – Thursday, October 30th. Day 1 will be a full day, and Day 2 and 3 will be half days. Students will be able to attend sessions of the core ICS Cybersecurity Conference and access instructors event when the workshop is not in session. Access to all conference meals and networking events is also included.
Cyber-physical systems, i.e. systems that bridge the cyber and physical domains, are attractive targets for attack partially due to the possibility of causing real-world physical loss to the victim.
Have you ever wondered how cyber adversaries execute these sort of attacks? Do you see attacks in the news and wonder, “how did the attacker even think to do that?” Do you stay up at night thinking, “could that happen to my system?” Developers want their systems to be secure and need to understand the threat. Unfortunately, broad intel reports and vague proclamations about adversary capability and intent may not give developers a concrete understanding of what they can do to make their systems more secure.
This Cyber Attack Methods course takes a unique approach to meeting this need, putting students into the shoes of an attacker — walking them through the steps of system discovery, exploitation, and delivering a mission-impacting attack against an intentionally vulnerable virtual cyber physical system with their hands on the keyboard. In this course we won’t turn you into a hacker, but you will learn to think like one!
Course Objectives:
Provide an understanding of methods that an attacker may use against cyber-physical systems and their impact on mission readiness, capability, confidentiality, integrity, availability, productivity, or revenue.
With hands-on keyboard, develop and execute attacks against a representative cyber-physical system; discuss and evaluate mitigations against these attacks.
Foster an attacker mindset, enabling participants to think like bad actors, walk through attack methods related to historic exploits, and apply that knowledge to making systems more secure.
What students should know beforehand:
What students will learn:
Students will gain a tangible appreciation for adversary mindset, tactics, techniques and procedures related to enumerating and exploiting weaknesses in cyber physical systems. They will also learn to think through real-world mitigations and design choices to reduce attack surface and provide greater protections in the systems they design, build, or oversee.
Speaker

Brian Schleifer
Southeast Regional System Security Engineer & Cybersecurity SME - Modern Technology Solutions Inc (MTSI)
Strategic cybersecurity executive with 24+ years of progressive global leadership in governance, risk management, compliance, training, and business development across defense and commercial sectors. Pursuing a Doctorate of Technology through Purdue University with an emphasis on embedded systems. His hobbies include wrangling his five children and two dogs, as well as his YouTube Channel and Podcast, "People Add Value Experience," where he discusses entrepreneurship and shares life experiences with interesting people.