ELEC623 

Module Name IT/OT Cyber Security (Elective) 
Module Code ELEC623 
Pre-requisites BEIA212 
Level Six 
Credits 15 

Module Description and General Aims 

The objective is to impart to students the principles and application of cybersecurity for industrial automation systems. While the advanced and intelligent data-driven Industrial Automation and Control Systems (IACS) has significantly improved manufacturing and process automation, it has opened the door for new vulnerabilities. Especially, the convergence of Information Technology (IT) with the Operational Technology (OT) has merged the internal and external company networks which increased data transfer between systems. As a result, it increased the susceptibility for new and emerging cyber security threats. The subject matter covered in this module will include: Information Technology, Wireless Communication and Operational Technology security fundamentals and practices, security challenges in the IACS, global cybersecurity standards for IACS, and their defence mechanisms. It also includes critical infrastructure security like industrial energy systems, water, automotive, and supply-chain security. Next, it guides the privacy aspects of industrial data during the automation process. Finally, the cybersecurity risk management framework is discussed and some emerging aspects (e.g., blockchain, smart contracts) related to cybersecurity for Industry 4.0 is presented. 

Learning Outcomes 

On successful completion of this Module, students are expected to be able to: 

1. Discuss the cybersecurity principles for industrial automation systems, demonstrate the ability to explain and apply the current state of the art practices  

Blooms level 3  

2. Identify and Analyse cybersecurity risks for IT and OT networks 

Bloom’s level 4 

3. Evaluate key cybersecurity requirements for Industrial Automation and Control Systems (IACS) 

Bloom’s level 5 

4. Perform cybersecurity risk assessment for IT/OT network.  

Bloom’s level 5 

5. Analyse threat models and countermeasures for IT/OT network. 

Bloom’s level 4 

6. Design a safe and secure system considering IACS security aspects 

Bloom’s level 6 

Student Assessment 

Assessment Type When assessed Weighting (% of total module marks) Learning Outcomes Assessed 
Assessment 1 Type: Multiple-choice quiz (Invigilated)  Description: The multiple-choice quiz questions will be based on the fundamentals of information security, communication, and network layer protocol security, as well as wireless network security.  Due after Topic 3 15%  1  
Assessment 2 Type: Mid-semester test (Invigilated) Description: Students will need to answer some short and/or long answer questions based on the Industrial control system communication protocols, and different aspects of IT/OT security that has been covered from week 4-6. Students can also be asked to design conceptual architectures of IT/OT communication protocols and explain ICS security standards.  Due after Topic 6 20% 1, 2, 3 
Assessment 3 Type: Research Report Description: Students need to perform a comprehensive literature review to investigate key cybersecurity threats which are observed in an ICS setup. The report will also analyse the associated security risks, and possible defence mechanisms.   Due after Topic 9 20%  4, 5, 6 
Assessment 4 Type: Examination (Invigilated) Description: An examination with a mix of MCQs, short answer questions, and question related to the design of secured architecture and communication protocol. It will also ask the students to write their self-reflection on the learning related to IT/OT security requirements, and practices. Questions will also examine students’ knowledge on global standards related to ICS security and its privacy aspects.  Final Week 40% All 
Tutorial Attendance & Participation            Description: Attendance, presentation, discussion, group work, exercises, self-assessment/reflection, case study analysis, application. Continuous 5% All 

Overall Requirements: Students must achieve a result of 40% or above in the exam itself to pass the exam and must pass the exam to be able to pass the module. An overall final module score of 50% or above must be achieved to pass the module once all assessment, including the exam, has been completed. 

Prescribed and Recommended Readings  

Textbook 

  • Industrial Automation and Control System Security Principles: Protecting the Critical Infrastructure, by Ronald L. Krutz Ph.D. P.E., Second Edition, International Society of Automation, 2016. 
  • Industrial Cybersecurity: Efficiently secure critical infrastructure systems by Pascal Ackerman, Packt Publishing, 2017. 
  • Cyber Security of Industrial Control Systems in the Future Internet Environment, by Mirjana D. Stojanović (University of Belgrade, Serbia) and Slavica V. Boštjančič Rakas (University of Belgrade, Serbia), IGI Global, February 2020 

Reference 

Notes and Reference texts 

Other material advised during the lectures 

Module Content  

One topic is delivered per contact week.  

Topic 1 

Information System Security Fundamentals 

  1. Security Principles (Confidentiality, Integrity, Availability) 
  1. Cryptosystems (hash functions, authentication, encryption) 
  1. Authentication, Authorization, Accounting (AAA) 
  1. Intrusion Detection (characteristics, types, attack responses) 
  1. Virtual Private Networks (VPNs) 
  1. Topic 1 Lab: Covers Symmetric Encryption and Hashing 

Topic 2 

Communication and Network Layer Security 

  1. Secure Communication Protocols 
  1. Secure Sockets Layer (SSL) 
  1. Transport Layer Security (TLS) 
  1. TCP/IP Layers and security 
  1. Network layer Security – Network Address Translation (NAT) 
  1. Port Scanning, IP Spoofing, DNS Spoofing 
  1. Firewalls (security threats, firewall principles and applications) 
  1. Topic 2 Lab: Practical demonstration on Port Scanning 

Topic 3 

Wireless network security 

  1. Wireless network Security Practices 
  1. Physical layer security 
  1. WiFi Security 
  1. Securing the industrial wireless network 
  1. Topic 3 Lab: Capturing Wireless Packets via Wireshark and then Cracking WPA2 WiFi Passphrase 

Topic 4 

Industrial control system communication media and protocols 

  1. Process automation protocols 
  1. Industrial control system protocols 
  1. Building automation protocols 
  1. Automatic meter reading protocols 
  1. Communication protocols in the enterprise zone 
  1. Communication protocols in the Industrial zone 
  1. Common IT protocols found in the ICS 

Topic 5 

Convergence (and Divergence) of IT& OT Security 

  1. Differences between Information Technology (IT) versus Operational Technology (OT) Paradigms 
  1. Comparison Between IT and Industrial Control and Automation Systems Issues 
  1. Industrial Automation and Control Systems Security Methodologies and Approaches 
  1. NIST Special Publication 800-82, Guide to Industrial Control Systems Security 
  1. ANSI/ISA-TR99.00.01-2007, Security Technologies for Industrial Automation and Control Systems 
  1. North American Electric Reliability Corporation, Critical Infrastructure Protection Cybersecurity Standards 
  1. Considerations in Adopting IT Security Methods to Industrial Automation and Control Systems 
  1. IT and Industrial Automation and Control Systems Comparisons from a Standards Perspective 

Topic 6 

Global Standards for ICS Security 

  1. International standards and best practices for ICS security 
  1. IEC 62443 and NIST framework 
  1. Cyber security management system 
  1. Risk Analysis and Security Maturity Level based on IEC 62443 
  1. Addressing risk with the CSMS 
  1. Monitoring and improving CSMS 
  1. The International Society for Automation’s (ISA) Security Program for IACS (ANSI/ISA–62443-2-1 (99.02.01)–2009) 
  1. ISA’s IACS security requirements and security levels (ANSI/ISA-62443-3-3 (99.03.03)-2013) 
  1. The International Organization for Standardization (ISO)’s Security Requirements (ISO/IEC 27001:2013) 
  1. ICS-CERT 
  1. Guideline towards ICS security 

Topic 7 

Defending IACS System 

  1. IACS Physical Security 
  1. IACS Network Security 
  1. IACS Computer Security 
  1. IACS Application Security 
  1. IACS Device Security 
  1. NSA’s Seven Steps to Effectively Defend IACS 
  1. Lab discussion: Design a safe and secure system considering IACS security aspects 

Topic 8 

Critical Infrastructure Security 

  1. Energy Grid Security 
  1. AMI System Security Requirements 
  1. United States’ Department of Energy’s 21 Steps to Improve Cyber Security of SCADA Networks
  1. Cybersecurity for automotive industry  
  1. Cybersecurity for Water 4.0 
  1. Cybersecurity for Supply-Chain Automation 
  1. Lab Discussion on Power System Cyber Security Examples  

Topic 9 

Privacy in Automation 

  1. Privacy challenges in the industry 4.0 era 
  1. Privacy and data protection laws 
  1. General Data Protection Regulation (GDPR)  
  1. The NIST’s “Security and Privacy Controls for Federal Information Systems and Organizations” (NIST SP 800-53 Rev.4) 
  1. Data Protection Best Practices for Industrial Internet of Things (IIoT) Systems 

Topic 10 

Security Risk Assessment and Management  

  1. Attacks, objectives, and consequences  
  1. Risk assessments  
  1. Insider Threat 
  1. Threat examples worth to note 
  1. A risk assessment example Step by Step  
  1. Assets Identification and characterization,  
  1. Vulnerability Identification and Threat Modelling,  
  1. Risk Calculation and Mitigation 
  1. Security assessment tools 

Topic 11 

Emerging Topics in Industrial Cybersecurity  

  1. Emerging Threats in Industrial IoT system 
  1. New Challenges from Ransomware in IACS 
  1. Insider Threats on the Rise 
  1. Blockchain for Industry 4.0 
  1. Smart Contracts for IACS 
  1. Blockchain Applications in IACS 
  1. Secured Cloud Computing for IACS 

Topic 12 

Project and Module Review 

In the final week, students will have an opportunity to review the contents covered so far. Opportunities will be provided for a review of student work and to clarify any outstanding issues. Instructors/facilitators may choose to cover a specialized topic if applicable to that cohort.  

Software/Hardware Used 

Software 

  • Software:  
  • Version: N/A 
  • Instructions: N/A 
  • Additional resources or files: N/A 

Hardware 

  • N/A