
TRITON targeted safety instrumented systems. Colonial Pipeline shut down fuel supply to the US East Coast. Stuxnet destroyed centrifuges. Every one of these attacks exploited the same gap — operational technology systems designed for reliability and safety, never hardened for adversarial attack. That gap is your responsibility now.
This course teaches OT cybersecurity the way it applies to control systems, not the way it reads in IT security material. It covers the OT threat landscape, the IEC 62443 framework, zones and conduits, risk assessment, network and system hardening, and the monitoring and response that keep a plant defensible.
The work is anchored in IEC 62443 — the industrial automation and control systems security standard — the Purdue reference model for segmentation, and the distinction between OT and IT priorities that shapes every control decision: availability and safety first, then integrity, then confidentiality.
It opens with why OT security is different — the consequences of a control system compromise, and why IT controls cannot be lifted wholesale onto a plant — then the threat landscape from Stuxnet to TRITON to Colonial Pipeline.
The IEC 62443 lessons set up the framework, roles, and security levels, then the Purdue model and zones-and-conduits as the design tools that turn a flat, vulnerable network into a defensible architecture.
OT risk assessment is taught as a structured method — identifying consequences, threats, and the security level targets that justify each countermeasure, so spending is driven by risk rather than fashion.
Network security covers segmentation, firewalls, and the DMZ between the control system and the enterprise, and system hardening covers patching, accounts, and configuration on systems that cannot simply be rebooted.
Secure remote access, monitoring, and incident response are covered as the operate-phase disciplines — detecting and responding to an OT incident without making the safety situation worse.
The course is built by a practising engineer with 15+ years delivering control systems and OT cybersecurity assessments on oil and gas and energy projects — including zone and conduit design and OT security assessments on operating plants. The section project applies the framework to a real OT architecture.
If you carry any responsibility for the security of the control systems you build or run, start with why OT is different and work through to the zone and conduit design project.