Educational Modules in Industrial Control Systems for Critical Infrastructure Cyber Security

Chris Foreman; Matthew Turner; Karl Perusich

Download Paper | Permalink

Conference: 2015 ASEE Annual Conference & Exposition
Location: Seattle, Washington
Publication Date: June 14, 2015
Start Date: June 14, 2015
End Date: June 17, 2015
ISBN: 978-0-692-50180-1
ISSN: 2153-5965
Conference Session: Information and Network Security
Tagged Division: Computing & Information Technology
Page Count: 10
Page Numbers: 26.573.1 - 26.573.10
DOI: 10.18260/p.23911
Permanent URL: https://peer.asee.org/23911
Download Count: 582

Paper Authors

biography

Chris Foreman Purdue University, West Lafayette

visit author page

Dr. Chris Foreman, Ph.D. CSE, MENG EE, is an Assistant Professor at Purdue University in the School of Engineering Technology. He has over 15 years of industrial control systems experience and over 6 years of academic research in the cyber security of critical infrastructure systems. He has also participated in three DHS contracts in the area of critical infrastructure cyber security across the water treatment, dams, and telehealth sectors as well as leading several power sector cyber security projects, including Advanced Metering Infrastructure. Dr. Foreman continues to explore cyber security in critical infrastructure through novel process control solutions.

visit author page

biography

Matthew Turner Purdue University (Statewide Technology)

visit author page

Dr. Matthew Turner is an Assistant Professor of ECET at Purdue University New Albany where he teaches courses in power systems and controls. Prior to joining the faculty at Purdue, Professor Turner worked as a researcher at the Conn Center for Renewable Energy Research in the area of power and energy systems, with a focus on smart grid implementation and computer modeling. Dr. Turner's current research concentrates on demand response technologies and the application of novel teaching and learning methods to power engineering education.

visit author page

biography

Karl Perusich Purdue Statewide Technology DO NOT USE DUPE

visit author page

Dr. Perusich is an associate professor of electrical engineering technology. His research interests include fuzzy logic, fuzzy cognitive maps, STEM education and the social implications of technology.

visit author page

Download Paper | Permalink

Abstract

Educational Modules in Industrial Control Systems for Critical Infrastructure Cyber SecurityThe cyber security of critical infrastructure has gained much attention in recent years due to theeffectiveness of such attacks to cause physical harm. Cyber attacks on critical infrastructure,specifically the Industrial Control Systems (ICS) by which critical processes are controlled,affect water, power, critical manufacturing and many other areas vital to society. Therefore, theeducation of new engineers to mitigate these attacks is also critical. One key problem that hasexisted for some time is the separation of cyber security education, in the Computer InformationScience (CIS) discipline, from that of ICS education, in the electrical and other engineeringdisciplines as ICS engineers. This separation results in misunderstanding between CIS and ICSprofessionals who typically remain divided within the corporate enterprise, which impedes theimplementation of cyber security solutions in critical infrastructure. To address this problem,new educational modules are developed to educate students from both CIS and ICS disciplines inthe unique aspects of ICS cyber security. The modules are designed to be accessible to studentsof either cyber security or ICS, which allows this important subject to be included into eithercurriculum quickly and without the need for developing a new course. The modules explore theunique network protocols and security measures implemented in ICS from the perspective ofmaintaining reliable process control, including known vulnerabilities and attacks. The modulesalso explore methodologies for intrusion detection, forensics, and attack mitigation as uniquelyapplied to ICS. CIS students gain insight into the nature of process control and understanding inhow cyber security policy affects process control. ICS students gain insight of cyber securityconcepts, and the importance of these concepts in the corporate enterprise. Finally, a lab scaleICS platform is developed to serve as a cyber security trainer for students from both disciplines,including sample lab experiments that encourage interdisciplinary cooperation towards achievingthe common goal of critical infrastructure cyber security. In order to assess the impact of thesemodules on CIS and ICS students, a survey is developed to measure the understanding of theunique aspects of ICS cyber security both before and after module presentation and labparticipation.

Citation
Format

Foreman, C., & Turner, M., & Perusich, K. (2015, June), Educational Modules in Industrial Control Systems for Critical Infrastructure Cyber Security Paper presented at 2015 ASEE Annual Conference & Exposition, Seattle, Washington. 10.18260/p.23911

TY  - CPAPER
AB  -          Educational Modules in Industrial Control Systems for Critical                       Infrastructure Cyber SecurityThe cyber security of critical infrastructure has gained much attention in recent years due to theeffectiveness of such attacks to cause physical harm. Cyber attacks on critical infrastructure,specifically the Industrial Control Systems (ICS) by which critical processes are controlled,affect water, power, critical manufacturing and many other areas vital to society. Therefore, theeducation of new engineers to mitigate these attacks is also critical. One key problem that hasexisted for some time is the separation of cyber security education, in the Computer InformationScience (CIS) discipline, from that of ICS education, in the electrical and other engineeringdisciplines as ICS engineers. This separation results in misunderstanding between CIS and ICSprofessionals who typically remain divided within the corporate enterprise, which impedes theimplementation of cyber security solutions in critical infrastructure. To address this problem,new educational modules are developed to educate students from both CIS and ICS disciplines inthe unique aspects of ICS cyber security. The modules are designed to be accessible to studentsof either cyber security or ICS, which allows this important subject to be included into eithercurriculum quickly and without the need for developing a new course. The modules explore theunique network protocols and security measures implemented in ICS from the perspective ofmaintaining reliable process control, including known vulnerabilities and attacks. The modulesalso explore methodologies for intrusion detection, forensics, and attack mitigation as uniquelyapplied to ICS. CIS students gain insight into the nature of process control and understanding inhow cyber security policy affects process control. ICS students gain insight of cyber securityconcepts, and the importance of these concepts in the corporate enterprise. Finally, a lab scaleICS platform is developed to serve as a cyber security trainer for students from both disciplines,including sample lab experiments that encourage interdisciplinary cooperation towards achievingthe common goal of critical infrastructure cyber security. In order to assess the impact of thesemodules on CIS and ICS students, a survey is developed to measure the understanding of theunique aspects of ICS cyber security both before and after module presentation and labparticipation.
AU  - Chris Foreman
AU  - Matthew Turner
AU  - Karl Perusich
CY  - Seattle, Washington
DA  - 2015/06/14
PB  - ASEE Conferences
TI  - Educational Modules in Industrial Control Systems for Critical Infrastructure Cyber Security
UR  - https://peer.asee.org/23911
DO  - 10.18260/p.23911
ER  -