June 14, 2015
June 14, 2015
June 17, 2015
Computing & Information Technology
26.573.1 - 26.573.10
Educational Modules in Industrial Control Systems for Critical Infrastructure Cyber SecurityThe cyber security of critical infrastructure has gained much attention in recent years due to theeffectiveness of such attacks to cause physical harm. Cyber attacks on critical infrastructure,specifically the Industrial Control Systems (ICS) by which critical processes are controlled,affect water, power, critical manufacturing and many other areas vital to society. Therefore, theeducation of new engineers to mitigate these attacks is also critical. One key problem that hasexisted for some time is the separation of cyber security education, in the Computer InformationScience (CIS) discipline, from that of ICS education, in the electrical and other engineeringdisciplines as ICS engineers. This separation results in misunderstanding between CIS and ICSprofessionals who typically remain divided within the corporate enterprise, which impedes theimplementation of cyber security solutions in critical infrastructure. To address this problem,new educational modules are developed to educate students from both CIS and ICS disciplines inthe unique aspects of ICS cyber security. The modules are designed to be accessible to studentsof either cyber security or ICS, which allows this important subject to be included into eithercurriculum quickly and without the need for developing a new course. The modules explore theunique network protocols and security measures implemented in ICS from the perspective ofmaintaining reliable process control, including known vulnerabilities and attacks. The modulesalso explore methodologies for intrusion detection, forensics, and attack mitigation as uniquelyapplied to ICS. CIS students gain insight into the nature of process control and understanding inhow cyber security policy affects process control. ICS students gain insight of cyber securityconcepts, and the importance of these concepts in the corporate enterprise. Finally, a lab scaleICS platform is developed to serve as a cyber security trainer for students from both disciplines,including sample lab experiments that encourage interdisciplinary cooperation towards achievingthe common goal of critical infrastructure cyber security. In order to assess the impact of thesemodules on CIS and ICS students, a survey is developed to measure the understanding of theunique aspects of ICS cyber security both before and after module presentation and labparticipation.
Foreman, C., & Turner, M., & Perusich, K. (2015, June), Educational Modules in Industrial Control Systems for Critical Infrastructure Cyber Security Paper presented at 2015 ASEE Annual Conference & Exposition, Seattle, Washington. 10.18260/p.23911
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2015 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015