Cyber Security Brochure

BROCHURE

ONLINE CERTIFICATION COURSE ON

CYBER SECURITY FOR POWER PROFESSIONALS

120 HRS DURATION

COMMENCING FROM

01 August, 2023

NODAL OFFICERS
Shri. M. R. Chauhan, Jt. Advisor (BD)
Cell: 9910378129, Email: mrchauhan@cbip.org
Shri. Jaideep Singh, Sr. Manager (T)
Cell: 9871718218, Email: jaideep@cbip.org

Organized By:
Central Board of Irrigation and Power
CBIP Centre of Excellence, Gurgaon

Supported By:
Central Electricity Authority of India

Under The Aegis Of:
The Society of Power Engineer (India)

INTRODUCTION

Critical infrastructure systems like those driving power generation, water treatment, electricity production and other platforms are interconnected to form the energy “grid”. Although beneficial to the public, this grid is vulnerable to cyber-attacks.

Cyber intrusion attempts and cyber-attacks in any critical sector are carried out with a malicious intent. In the power sector it is either to compromise the power supply system or render the grid operation insecure. Any such compromise may result in mal-operation of equipment, equipment damage or even in a cascading grid blackout.

The much-hyped air gap myth between IT and OT Systems now stands shattered. The artificial air gap created by deploying firewalls between any IT and OT System can be jumped by any insider or an outsider through social engineering. After gaining the entry inside the system through privilege escalation, the control of IT network and operations of OT systems can be taken over even remotely by any cyber adversary. The gain of sensitive operational data through such intrusions may help the Nation/State sponsored or non-sponsored adversaries and cyber attackers to design more sinister and advanced cyber-attacks.

In order to decrease the risk, leaders/operators must identify and focus on the elements of cyber-risk to target. More specifically, the many components of cyber-risk must be understood and prioritized for enterprise cybersecurity efforts. Also, there is a need to increase awareness, and development of human resources trained in cyber security technology along with policy makers, law enforcement, judicial actors, who are also equally necessary.

The objectives of the Training Program are:

• Creating cyber security awareness.
• Creating a secure cyber ecosystem.
• Creating a cyber-assurance framework.
• Strengthening the regulatory framework.
• Creating mechanisms for security threat early warning, vulnerability management and response to security threats.
• Securing remote operations and services.
• Protection and resilience of critical information infrastructure.
• Reducing cyber supply chain risks.
• Encouraging use of open standards.
• Promotion of research and development in cyber security.
• Human resource development in the domain of cyber security.
• Information Sharing and cooperation.

DURATION AND METHODOLOGY OF COURSE

The duration of the course will be 120 Hrs. having 2 hours each on alternate days and 4 hours on week-end. The timing of the lecture will be preferably in evening on weekdays and daytime on Saturday / Sunday. The exact day wise schedule shall be available well in advance, before commencement of the sessions of the program. The classes will be conducted in Online mode through MST platform, link of which will be shared by CBIP.

ABOUT CBIP

Central Board of Irrigation & Power (CBIP), a premier Institution, set up by GOI in 1927, is serving the nation in the disciplines of Power, Renewable Energy and Water Resources Sectors for more than 95 years.

It is an exchange and knowledge bank for dissemination of technical knowledge & professional experience to help Engineers / Professionals to update their knowledge and gain practical know-how.

CBIP'S MAIN OBJECTIVE IS

➢ To disseminate technical knowledge through various modes, e.g., publication of technical documents, organizing conferences / workshops.
➢ To provide specialized training to the professionals in the Power, Renewable Energy and Water Resources Sectors.

STRENGTHS OF CBIP

➢ More than 95 years old establishment into dissemination of knowledge in Power, Irrigation and Renewable sectors.
➢ Almost all reputed utilities of Power, Irrigation and Renewable sectors of the country are the institutional members and at least 3000 senior officers of the level of Chief engineer and above from these sectors are the members.
➢ Easy availability and access to the reputed and highly experienced faculty because of above two facts.
➢ Has a strong base of the very senior officers with deep experience of various disciplines of Power and irrigation sector.
➢ Has the secretariat of at least 10 international organizations and the Secretary CBIP is the secretary or the member secretary of their India chapters.

FACULTY

Renowned / Reputed and well experienced faculty members / subject expert from Power Industry / Developers / Manufacturers will be delivering the lectures.

RECOGNITION / CERTIFICATION OF THE COURSE

Certificate will be issued by Central Board of Irrigation & Power (CBIP) which is a reputed autonomous body in the field of Power & Water Resources with the course module recognised and supported by CEA.

CBIP institute has been recognized as Category-I training Institute by Ministry of Power, Govt. of India and also a recognized training partner of National Skill Development Corporation (NSDC), Power Sector Skill Council (PSSC) and Skill Council for Green Jobs (SCGJ)

COURSE FEE

The Course Fee will be

• Rs. 28,000/- per participant for non-members
• Rs 25,200/- per participant for members of CBIP & SPE.

GST @ 18% shall be payable extra. GST No. 06AAAJC0237F1ZW

PAYMENT PLAN

• Full payment in 02 equal installments for non-sponsored participants. 1st installment at the time of commencing the course & 2nd installment within 30 days from commencement of the course.
• Sponsored participants may pay in single installment.

TO REGISTER

The prospective participants, desirous of attending the above course may register themselves by clicking the following button:

CLICK TO REGISTER

Or by sending the following details to CBIP by email at training@cbip.org

Title of Course:___________________________
Name:__________________________________
Qualification:____________________________
Organization /Institute(if any):_______________
Mailing address:__________________________
E-mail:_________________________________
Mob:___________________________________

BANK DETAILS

Payments of course fee should be made by cheque at par/Demand Draft drawn in favour of "Central Board of Irrigation and Power", payable at Gurgaon.
or
Online transfer the amount to Indian Overseas Bank
Beneficiary Name: Central Board of Irrigation & Power
SB Account No.: 236701000000922
IFSC: IOBA0002367
Branch Code: 2367
Address: Indian Overseas Bank, SCO 26, Sector-31, Gurgaon, Haryana, PIN-122002

**It is compulsory that the details of the payments are shared with CBIP via mail (i.e. mrchauhan@cbip.org or jaideep@cbip.org).

ADDRESS FOR CORRESPONDENCE

A. K. Dinkar, Secretary, CBIP
Sanjeev Singh, Director, CBIP

Nodal Officers:
Shri. M. R. Chauhan, Jt. Advisor (BD)
Mob: 9910378129, Email: mrchauhan@cbip.org
Shri. Jaideep Singh, Sr. Manager (T)
Mob: 9871718218, E-mail: jaideep@cbip.org

CENTRAL BOARD OF IRRIGATION & POWER
Malcha Marg, Chanakyapuri, New Delhi -110021
Phone: 011 26115984, E-mail: cbip@cbip.org

CBIP CENTRE OF EXCELLENCE
Plot No-21, Sector-32, Gurgaon, Haryana
Phone: 0124 4035267, E-mail: training@cbip.org

PROGRAM MODULE

S. N. MODULE/TOPIC CONTENTS

1. Basic Level Cyber Security Training Program for Power Professionals

1.1 Introduction to Cyber Security
Introduction to Cyber Security as Cyber Risk Management
• What is Cyber Security?
• What is Cyber Risk? What factors contribute to Cyber Risk?
• Basic Risk Models
• Cyber Security of IT vs. OT
• NIST Cyber Security Framework
Thinking like a Cyber Security Aware Operator
• Device/End Point Security
• Server Security
• Network Security
• Application Security
• ICS and SCADA Security

1.2 Network Security
Network Security Fundamentals
• Network Diagramming, Zoning and Segregation (Firewalls)
• Network Cyber Threats
• Network Protocols and their security Issues
➢ DNS, TCP/IP, LAN, Physical Layer Security
➢ Wifi Security
➢ Intranet Security
• Mitigation Techniques
• Firewall
• Intrusion Detection and Intrusion Prevention
• Detecting Network based Attacks
• Encryption, Hashing, Digital Signature
• Router Security

1.3 Application Security
Security Threats to Applications – Stand alone, Network based applications, Web applications
• Application Security Threats and Problems
• Application Security Threat Detection and Mitigation
• Vulnerability Assessment and Penetration Testing (VAPT)
• Web Application Security Threats and Attacks
• Web Application Attack Detection
• SSL/TLS and Digital Certificates
• Capturing Web traffic
• Web Application VAPT

1.4 Best Practices and Awareness
• NESCOR guide to vulnerability assessment
• Security assessment strategy
• Risk Assessment
• Authentication and Authorization
• Malware Detection
• Network Traffic Analysis
• Phishing Awareness
• Remote Session Security

1.5 Case studies
Solar, Wind, Colonial Pipeline, Black Energy 3 & Stuxnet - Lessons Learnt
Emerging Technology in Cyber Security:
• Intrusion detection system (IDS)
• Deception technology
• Data diode
• SIEM (Security Information and Event Management)
• SOC (Security Operation Center)
• Technologies for anomaly detection in power system

2 Intermediate Level Cyber Security Training Program

2.1 Risk Driven Cyber Security and Cyber Security Maturity Model
Introduction to Risk Driven Cyber Security
• Risk Assessment Methodology
• Risk Driven Cyber Security Levels
• NIST CSF and 5 core functions
• NIST CSF Tiers and Maturity Models
• Cyber Security Maturity Model
Implementing IDENTIFY Function
• Asset Enumeration, Asset Management System
• Asset Vulnerability Assessment
• User Life Cycle
• Authentication and Authorization Technologies
• Threat Models based on Asset Vulnerabilities

2.2 Risk Driven Protection and Detection Techniques
Protection Function
• Configuration Management
• Malware Analysis
• Vulnerability Assessment and Pen-Testing
• Perimeter Security
• Risk Analysis and Appropriate Protection Functions
• Encryption, Hashing, Digital Signature
• Digital Certificates
• Web Application Protection
Detection Function
• Intrusion Detection and Intrusion Prevention
• Detecting Network based Attacks
• End Point Intrusion Detection and Protection
• Tools for Continuous Monitoring (SIEM, SOC)
• Escalation of Cyber Events

2.3 Risk Driven Response
Response Function
• Response Planning
• Analysis and Forensics
• Mitigation Planning
• Ransomware Attack Response
• Supply Chain Attack Response
• Risk Assessment Update
• Communication and Escalation

2.4 Recovery
• Ransomware Attacks
• Backup Process
• Recovery from Backups
• Drills for Recovery
• Communication

2.5 Detailed Risk Assessment Methodology
• ISO27001 Risk Methodology
• System Architecture diagram
• Network Architecture Diagram
• Dependence Analysis (OEMs and other Service Providers)
• Other Risk Factors
• Risk Matrix
• Threat Intelligence
• Likelihood Computation
• Risk Measurements
• Risk Based Security Profile

2.6 Need for Organizational Security Policy, Policy Adoption and Policy Implementation
Working Together in formulating Cyber Security Policy for your organization (Interactive)
Discussing policy formulated, Discuss Implement ability, Fitment to Risk Profile (Interactive)

3 Intermediate Level Hands-On Practice on Cyber Security for Power Engineers

3.1 Hardening Your System
LAB: Hands on Malware Analysis
• Manual Tools to check malware
• Using File Hashes and Use of Virus Total to check against existing malware
LAB: Operating System Hardening
• Understanding the concept of O/S Hardening against Vulnerabilities
• Lynis Tool for Linux
• Windows Group Policy Edit Tool
• Openscap and Scap Workbench for Configuration Audit

3.2 Finding Security Flows
Application Security
• Buffer Overflow Lab
• Integer Overflow Lab
• Privilege Escalation Labs
Web Security
• Command Injection Lab
• SQL Injection Lab
• Cross-site Scripting Lab
• Cross-site Request Forgery Lab

3.3 Network Security Labs
Network Lab
• Session Hijacking Lab
• Arp Spoofing Lab
• Packet Sniffing and Packet Analysis Lab
• Man-in-the-Middle Attack
• Network reconnaissance Lab
Wifi Network Lab
• Password sniffing in wifi network
• Reconnaissance on wifi network using aircrack-ng
• Wifi password cracking lab

3.4 Intrusion Detection Lab
• Using Snort NIDS
• Using Zeek/Bro NIDS
• Visualization of network traffic data
• Host/Endpoint Intrusion Detection Lab using Wazuh

3.5 Deception Technology Labs and Organizational Security Policy Lab
• Honeypots for Threat Intelligence Collection Lab
• Use of Honey Tokens
Organization Level Security Policy – Requirements, Discussions and Formulation (Discussion Oriented Lab)

4 Advance Level Cyber Security Training Program for Power Professionals

4.1 Cyber Security & Protocol Vulnerability
Introduction to Cyber Security for Critical Infrastructure:
• ICS Security
• SCADA Security
• OSI Model
Understanding of Protocol Vulnerability:
• PCN Protocols
• Modbus
• IEC TC 57 Protocol

4.2 Standards & Practices
Standards & Best Practices:
• NIST SP 80-161
• NERC - CIP (North American Electric Reliability Corporation Critical Infrastructure Protection)
Incident response & incident reporting
IEC 62443 Standards:
• Zones and Conduits
• Patch management
• Risk Assessment
• Security Requirement

4.3 Vulnerability & Malware
Device Level Vulnerability:
• Embedded Security
• Firmware Analysis
• Side Channel Attack
Malware Analysis:
• Static Analysis
• Dynamic Analysis

4.4 VAPT
Vulnerability Assessment and Penetration Testing – I
• Vulnerability identification
• Common SCADA vulnerabilities
• Physical access
• Vulnerability scanning
• Server OS testing
• Patch levels
• Default and insecure configurations

Vulnerability Assessment and Penetration Testing – II
• Authentication and remote access
• Attacking ICS & Protocols
• Attacking standard services (HTTP, FTP)
• Attacking server OS
• Attacking ISC Protocols
• Attacking wireless communications

4.5 Vulnerability Assessment & Forensic
Host, application and platform fingerprinting:
• Host and port scanning/Security considerations
• Scanning tools and techniques
• Scanning ICS/SCADA networks
• Vulnerability identification
• Common SCADA vulnerabilities
• Physical access
• Vulnerability scanning
• Server OS testing
• Patch levels
• Default and insecure configurations
SCADA Forensic:
• Network communications RF signal capture & analysis
• Sniffing network traffic
• Device functionality analysis
• Attacking ICS
• Attacking standard services (HTTP, FTP)
• Attacking server OS
• Attacking ISC Protocols
• Attacking wireless communications
• WEP/WPA2 password cracking

5 Advance Level Hands-On Practice on Cyber Security for Power Professionals

5.1 VAPT
LAB: Hands on Penetration Tests:
• Penetration Tests of Device and system (Pen Test)/ Physical test
• Facility for manually verifying the compliance against NERC
• CIP & IEEE 1686 Guidelines.
• Application layer protocol and its security extensions test
LAB: Hands on
• IP Scanning
• Port scanning tools

5.2 Security Controls
Physical security & safety
• Categorization of system controls
• Identification/authentication/Authorization (IA&A)
• Remote access security and Encryption.
• Logical security
LAB: Hands on
• Concept of UTM box
• Firewall details
• Security Architecture
• Intrusion Detection system
• IDS/IPS (Introduction to Snort)
• Patch management

5.3 Policy & practices
Strategic Planning and Building a Roadmap for Securing Critical Infrastructure
• Incident response
• Active Directory and group policy
ICS / SCADA Security Maturity Model
• Summary of good security practices, depth in defense
• Security solutions - Data Diodes, SIEM, SOC/ NOC

5.4 Securing Systems and Brainstorming
An overview of the NIST Cyber security Framework for Critical Infrastructure (Part I) and (Part II)
Policies
Brain storming on relevance of NIST framework in Indian context specially for LDCs.

5.5 Lessons Learned
Case study 2 - Ukrainian Power Grid (BlackEnergy3) Cyber-attack & Group discussions on lessons learned from Ukrainian Power Grid (BlackEnergy3) Cyber attack
Case study 1 – STUXNET & Group discussions on lessons learned from STUXNET
WEP/ WPA2 password cracking.

ABOUT SOCIETY OF POWER ENGINEERS (SPE INDIA)

The Society of Power Engineers (India) is an apex body engaged in the activities of technological upliftment of the power
engineers of this country by making available latest technological developments all over the world to the members.
Publication & distribution of information Journal, Workshops/Seminar, group discussion are regular features of the society.

The aims and objects for which the Society is constituted are to promote the advancement of power engineering and allied
subjects, and their applications, and to provide facilities for the exchange of information and ideas on those subjects
amongst the members of the Society and for that purpose

**For More Details or to Become a Member of SPE India Please Click**