CS 631: Cyber Security of Critical Infrastructures

Prerequisites and Co-requisites

Prerequisites will include at least one course in operating systems, and one course in networking. Prior familiarity with preliminaries of cyber security would be helpful but not required. With the instructor's permission, one or both prerequisites can be waived provided the instructor feels that the student has adequate exposure to the relevant topics in those courses.

 

Major, Measurable Learning Objectives

Having successfully completed this course, the student will be able to:

1. Identify the key research questions in the area of cyber-security of critical infrastructure
2. Apply research methods which includes survey, experiments, and articulation of research problems in this area, and methods for finding solutions to selected problems
3. Present in written and/or verbal form key findings in the specific subject area of the course from contemporary research papers.
4. Read and analyze research papers from journals and conferences in the specific subject area of the course.

 

Syllabus

The students will be exposed to the following topics:

1. Stuxnet worm and its after effects in the Critical Infrastructure security
2. Consequent Presidential Executive Order for Securing Critical Infrastructure in 2013 and its impact: Policy Issues in Security of Critical Infrastructure
3. Security and Vulnerability of Cyber-Physical Infrastructures
4. Game Theory and other analytical modeling of the security problems of critical infrastructures
5. Security of the Networked Infrastructure
6. Event monitoring, Event Correlation, and Situational Awareness
7. Case Studies – Smart Grid, Smart Infrastructure etc.
8. Vulnerability Database and its importance

 

The course will consist of instructor presentations, student presentations, guest lectures, and group discussions. This course will be quite research focused, and the goal of the course will be to enable students to find research topics in the domain of cyber-security of critical infrastructure.

 

Module	Topic	No. of Lectures
Introduction	Critical Infrastructures such as Power Grid, Railways Systems, Transportation Systems, Water/Sewage Systems and their automation architecture, Vulnerabilities, and Past Cases of Cyber Security  Compromises and Trends Stuxnet Case Study, and Reaction through US Presidential Executive Order	4
Industry Automation and SCADA Systems	SCADA Based Control, Sensors (IEDs, PLCs), field network and its protocols (profibus, DNP3 etc)	8
Modeling SCADA Systems as a Cyber Physical System Model	Cyber Physical System Modeling, Plant Models, Feed Back Control Model, and Anomaly Detection Models	2
Cyber Threat Modeling	Various Types of Cyber Threats to Industrial Critical System Modeled in a 3 dimensional Attack Space in terms of adversary Model and Understanding various attacks in this Model	6
Cyber Threat Mitigation	Various Techniques to mitigate various attacks such as replay attack, zero-dynamics attack, stealthy attacks etc	4
Virtual SCADA Simulation Platform	Virtual SCADA Simulation Platform to be used in Projects and Homeworks, Its architecture, implementation, and instruction on installation	4
Machine Learning Techniques	Cyber Physical Systems under attacks and  study of their physical dynamics to distinguish between a normal behavior vs. behavior under attack, use of machine learning techniques to distinguish and detect in real-time	10
Game Theoretic formulation	Modeling an attacker vs. Defender game, Nash Equilibrium criteria, and understanding advantages of game theoretic modeling	4

 

Grading

Semester grades will be based on the following weights.

1. In-Class Exercises : 10% (Based on participation as described below)
2. At-Home Exercises: 40% (10% each for 4 at-home exercises)
3. Midterm Exam: 10%
4. Final Exam: 10%
5. Projects: 30% (Number of Projects yet to be determined)

 

Texts and Special Teaching Aids

Handbook on Securing Cyber-Physical Critical Infrastructure, Sajal K. Das, Krishna Kant, Nan Zhang, Morgan Kaufmann (Elsevier), ISBN 978-0-12-415815-3, Publication: 2012.

Journal articles, conference papers, reports, advanced texts, and/or personal notes will be provided.