• Classroom
Course Description

Building Control System - Incident Response

Learning Objectives

This workshop teaches students:

  • A basic understanding of BACnet protocol, covering BACnet objects, services, networking, vulnerabilities and attacks.
  • A basic understanding of the physical dependencies of building control systems and how the control systems interact with one another.
  • A basic understanding of the attack surface and impact surface for building control systems.
  • A basic understanding of triage and network analysis in incident response for building control systems.
  • An ability to communicate effectively with OT engineers during incident response for control systems. Hands-on exercises utilizing OT networks are used to develop the skill objectives of the course, including the fundamentals of triage, network hunting, and active defense in OT networks. Teamwork, communication, and proper application of these skills are required to pass the final exercise, where students must work together to identify and stop an active sabotage attack against an OT network. Students gain real-world experience in the fundamentals of BCS incident response on BACnet-based systems and networks.
  • Framework Connections