The increasing digitalization of industrial production plants in the context of Industry 4.0 and Industrial IoT requires that managers and employees on the part of manufacturers, integrators and operators deal with security in the production environment. Industrial security is of immense importance in order to ensure the permanently secure and reliable operation of networked systems. It’s not just about technical solutions, but also about processes and people’s behaviour. Training employees and technical experts is a huge implementation task.

Our portfolio of online courses and online learning content on Industrial Security covers a wide range of topics. We cover both the basic concepts of the relevant IEC 62443 standard and specific recommendations for action, explanations of technical principles and practical examples. The portfolio also includes cybersecurity for the office environment, functional safety and topics related to the European General Data Protection Regulation (GDPR). Our portfolio of online learning content is the starting point for creating tailor-made training courses for your company and your employees. The content in this area was developed with more than 20 companies and institutions. Members of the Industrial Security working group in the VDMA, Fraunhofer, Siemens, Rhebo, Goethe University Frankfurt, HiSolutions and Pepperl + Fuchs, among others, share their specialist knowledge of cybersecurity in industry.

Our cooperation partners

We offer content that was developed with experts from various companies and institutions in the field of Industrial Security. Here are some examples of the contributing partners and experts:

Steffen Zimmermann

Head of Industrial Security, VDMA

Klaus Mochalski

CEO & Founder, Rhebo GmbH

David Fuhr

Head of Research, HiSolutions AG

Dr. Andreas Hildebrandt

Head of Training, Pepperl+Fuchs AG

Christian Haas

Group Leader Industrial Cybersecurity, Fraunhofer IOSB

Dr. Pierre Kobes

Dr. Kobes Consulting

We cover the following themes with our portfolio:

  • Current threat situation
  • Security goals: confidentiality, integrity, availability
  • Attack types & attacker types
  • Cyber ​​kill chain model
  • Social engineering
  • Access control & secure passwords
  • Malware protection
  • Phishing & spear phishing protection
  • Updates & patches
  • Secure data storage & backups
  • Security in cloud systems & software
  • Safe internet browsing
  • Confident use of social media
  • Clean desk principle
  • Incident reporting
  • Basics of industrial control systems: sensors & actuators, PLC, SCADA, MES, ERP
  • Basics of systems in IT networks and cybersecurity
  • Introduction: demilitarized zone
  • Current threat situation
  • Attack types & attacker types
  • ICS cyber kill chain
  • Objectives of industrial security: availability, integrity, confidentiality
  • Information security management system
  • Risk analysis
  • Network segmentation
  • Account management
  • Secure protocols
  • Protection of radio technologies
  • Secure remote maintenance
  • Secure product lifecycle, vulnerability management, patch management, end-of-support & phase-out management
  • Component hardening, adaptation and testing of components & dispensing with superfluous functions
  • Cryptography, public key infrastructure & hash functions
  • Isolation techniques / virtualization
  • Securing databases & historians
  • Protection of interfaces
  • Security at suppliers and subcontractors
  • Security of OPC UA
  • Security of MQTT
  • Security of 5G
  • Social engineering
  • Penetration tests
  • Introduction of IT Security Act, EU Cybersecurity Act & NIS Directive
  • Introduction of the ISO / IEC 27000 series of standards
  • IEC 62443: structure & overview, holistic security management, protection levels, defense-in-depth, security control classes
  • Introduction of security for embedded systems
  • Attack models & attack vectors
  • Non-invasive & invasive hardware attacks & protective measures
  • Software attacks & protective measures
  • Security in the development process: automated tests, penetration tests, bug bounty programs, organizational measures
  • Introduction of the EU General Data Protection Regulation
  • Principles of the GDPR
  • EU validity & scope
  • Personal data
  • Lawfulness of processing
  • Duties & Rights
  • Directory of processing activities
  • Risk assessment & impact assessment
  • Order data processing within the EU & in third countries
  • Data breaches & information obligation in the event of data breaches
  • Information obligations & rights of data subjects
  • Deleting data
  • Hazard & risk analysis: HAZOP / PAAG, risk matrix, calibrated risk graph
  • Systematic & random errors
  • Basic concepts: Safety Instrumented Function (SIF), Safety Instrumented System (SIS), Safety Integrity Level (SIL), Probability of Failure on Demand (PFD), Probability of Failure per Hour (PFH), Proportion of Safe Errors (SFF), redundancy
  • Methods of error control: Hardware Failure Tolerance (HFT), Fail-Safe-Design, diagnostic coverage
  • Operational reliability

Our portfolio is the basis for:

Have a look at some content examples from our offering:

Industrial Security Basics | DE/EN | 6 Chapters | approx. 2 h

Industrial Security Basics introduces the topic of industrial security. You will learn why there is such a great need for action in the field of industrial security and about the cornerstones of implementation. You will also get an overview of methods and technologies to make IT secure in the industrial sector. In this course, you will get insight from experts at Siemens, Fraunhofer, Rhebo and the VDMA.

To Course

Social Engineering | DE | 3 Chapters | approx. 1.5 h

Social Engineering provides an introduction to social engineering with a focus on how social engineering attacks work and which protective measures can be taken by companies and their employees to prevent such scenarios. This course is particularly suitable for awareness training of employees. This course was created in cooperation with experts from Goethe University Frankfurt.

To Course

Your contact person for Industrial Security at University4Industry:

Dr. Claudia Harms-Schmid

Claudia is responsible for identifying relevant areas of knowledge and learning content and brings lots of experience in strategy consulting to this task. As a computer scientist, she is particularly interested in new technologies, as well as their potential and risks. Claudia supervises projects for our largest customers with a special focus on innovation and the development of new programs and content.