Link Search Menu Expand Document
Publications
  1. Knowledge areas

Knowledge areas

The most important knowledge areas for concerned professionals have been identified, by taking into account the existing ICS/SCADA Cyber Security Certification schemes and other relevant studies. The following uses as reference the work done under the ERNCIP (European Reference Network for Critical Infrastructure). One of its subgroups has focused on defining the competences, qualifications and experience needed by ICS Cyber Security Professionals. The result is a high level overview of the knowledge areas that need to be developed; they are summarized with the help of Figure 3. Of very specific interest are the following (ENISA, 2014): General Information Technology. This domain includes an introduction to IT architecture to Networking and Communications, systems development and software, data management and finally an overview of standards and processes. It is considered as the basic step for any certification related to Maritime SCADA taking into account the complexity that the trainee will face in the next steps; Cyber Security & Information Risk Management. The vulnerabilities and the complexity of several attacks makes risk management very essential for the Maritime SCADA Knowledge area. Risk management includes several methods for risk identification, (PHA/HAZOP usage), methodologies and procedures for risk acceptance, application of possible risk control options and finally risk/mitigation plan); Industrial Automation Control and Safeguarding. This is the main area given the variety of several maritime SCADA on board of ships. It includes topics such as maritime networking and Architecture, embedded device and control for maritime SCADA, Operating environment and hazards particularly on board of a ship. Maritime process Safety management, relevant standards and procedures from other sectors.

Knowledge areas relating to education and training activities for maritime SCADA. Figure 3 Knowledge areas relating to education and training activities for maritime SCADA. Created by the Authors, via adaptation from European Union Agency for Cybersecurity. (2014). Certification of Cyber Security skills of ICS/SCADA professionals: Good practices and recommendations for developing harmonized certification schemes. Retrieved from https://www.enisa.europa.eu/publications/certification-of-cyber-security-skills-of-ics-scadaprofessionals

Table of Contents