header

 
Version  1.3                         

 

Unit Name IT/OT Cyber Security
Unit Code BIA307
Unit Duration 1 Term
Award

Bachelor of Science (Engineering)

Duration 3 years    
Year Level Three
Unit Creator / Reviewer Dr. Adnan Anwar
Common/Stream : Stream (Elective)
Pre/Co-requisites N/A
Credit Points

3

Total Course Credit Points 81 (27 x 3)
Mode of Delivery Online or on-campus. 
Unit Workload (Total student workload including “contact hours” = 10 hours per week)
Pre-recordings / Lecture – 1.5 hours
Tutorial – 1.5 hours
Guided labs / Group work / Assessments – 2 hours
Personal Study recommended – 5 hours

Unit Description and General Aims

The objective is to impart to students the principles and application of cybersecurity for industrial automation systems. While the advanced and intelligent data-driven Industrial Automation and Control Systems (IACS) has significantly improved manufacturing and process automation, it has opened the door for new vulnerabilities. Especially, the convergence of Information Technology (IT) with the Operational Technology (OT) has merged the internal and external company networks which increased data transfer between systems. As a result, it increased the susceptibility for new and emerging cyber security threats. The subject matter covered in this unit will include: Information Technology, Wireless Communication and Operational Technology security fundamentals and practices, security challenges in the IACS, global cybersecurity standards for IACS, and their defence mechanisms. It also includes critical infrastructure security like industrial energy systems, water, automotive, and supply-chain security. Next, it guides the privacy aspects of industrial data during the automation process. Finally, the cybersecurity risk management framework is discussed and some emerging aspects (e.g., blockchain, smart contracts) related to cybersecurity for Industry 4.0 is presented.

Learning Outcomes

  1. Discuss the cybersecurity principles for industrial automation systems, demonstrate the ability to explain and apply the current state of the art practices.
    Bloom's Level 3
  2. Identify and analyze cybersecurity risks for IT and OT networks.
    Bloom's Level 4
  3. Evaluate key cybersecurity requirements for Industrial Automation and Control Systems (IACS).
    Bloom's Level 5
  4. Perform cybersecurity risk assessment for IT/OT network.
    Bloom's Level 5
  5. Analyze threat models and countermeasures for IT/OT network.
    Bloom's Level 4
  6. Design a safe and secure system considering IACS security aspects.
    Bloom's Level 6

Student assessment

Assessment Type When assessed Weighting (% of total unit marks) Learning Outcomes Assessed

Assessment 1

Type: Weekly Quizzes (Topic 2-11)

Description: Students may complete quizzes with MCQ type answers and solve some simple equations to demonstrate a good understanding of the fundamental concepts.

 Ongoing 10% All

Assessment 2

Type: Test (Invigilated)

Description: Students will need to answer some short and/or long answer questions based on the Industrial control system communication protocols, and different aspects of IT/OT security that has been covered from week 4-6. Students can also be asked to design conceptual architectures of IT/OT communication protocols and explain ICS security standards.

 Due after Topic 6 25% 1, 2, 3

Assessment 3

Type: Report

Description: Students need to perform a comprehensive literature review to investigate key cybersecurity threats which are observed in an ICS setup. The report will also analyze the associated security risks, and possible defense mechanisms.

 Due after Topic 9 25% 4, 5, 6

Assessment 4

Type: Examination (Invigilated)

Description: An examination with a mix of MCQs, short answer questions, and question related to the design of secured architecture and communication protocol. It will also ask the students to write their self-reflection on the learning related to IT/OT security requirements, and practices. Questions will also examine students' knowledge on global standards related to ICS security and its privacy aspects.

 Final Week 40% All

 

Overall requirements: Students must achieve a result of 50% or above in the exam itself to pass the exam and must pass the exam to be able to pass the unit. An overall final unit score of 50% or above must be achieved to pass the unit once all assessment, including the exam, has been completed.

Prescribed and Recommended Readings

Textbook:

  • Industrial Automation and Control System Security Principles: Protecting the Critical Infrastructure, by Ronald L. Krutz Ph.D. P.E., Second Edition, International Society of Automation, 2016.
  • Industrial Cybersecurity: Efficiently secure critical infrastructure systems by Pascal Ackerman, Packt Publishing, 2017.
  • Cyber Security of Industrial Control Systems in the Future Internet Environment, by Mirjana D. Stojanović (University of Belgrade, Serbia) and Slavica V. Boštjančič Rakas (University of Belgrade, Serbia), IGI Global, February 2020.

Reference:

Notes and Reference texts:

  • Other material advised during the lectures.

Unit Content

One topic is delivered per contact week, with the exception of part-time 24-week units, where one topic is delivered every two weeks.

Topic 1

Information System Security Fundamentals

  1. Security Principles (Confidentiality, Integrity, Availability)
  2. Cryptosystems (hash functions, authentication, encryption)
  3. Authentication, Authorization, Accounting (AAA)
  4. Intrusion Detection (characteristics, types, attack responses)
  5. Virtual Private Networks (VPNs)
  6. Topic 1 Lab: Covers Symmetric Encryption and Hashing

Topic 2

Communication and Network Layer Security

  1. Secure Communication Protocols
  2. Secure Sockets Layer (SSL)
  3. Transport Layer Security (TLS)
  4. TCP/IP Layers and security
  5. Network layer Security - Network Address Translation (NAT)
  6. Port Scanning, IP Spoofing, DNS Spoofing
  7. Firewalls (security threats, firewall principles and applications)
  8. Topic 2 Lab: Practical demonstration on Port Scanning

Topic 3

Wireless network security

  1. Wireless network Security Practices
  2. Physical layer security
  3. WiFi Security
  4. Securing the industrial wireless network
  5. Topic 3 Lab: Capturing Wireless Packets via Wireshark and then Cracking WPA2 WiFi Passphrase

Topic 4

Industrial control system communication media and protocols

  1. Process automation protocols
  2. Industrial control system protocols
  3. Building automation protocols
  4. Automatic meter reading protocols
  5. Communication protocols in the enterprise zone
  6. Communication protocols in the Industrial zone
  7. Common IT protocols found in the ICS

Topic 5

Convergence (and Divergence) of IT & OT Security

  1. Differences between Information Technology (IT) versus Operational Technology (OT) Paradigms
  2. Comparison Between IT and Industrial Control and Automation Systems Issues
  3. Industrial Automation and Control Systems Security Methodologies and Approaches
  4. NIST Special Publication 800-82, Guide to Industrial Control Systems Security
  5. ANSI/ISA-TR99.00.01-2007, Security Technologies for Industrial Automation and Control Systems
  6. North American Electric Reliability Corporation, Critical Infrastructure Protection Cybersecurity Standards
  7. Considerations in Adopting IT Security Methods to Industrial Automation and Control Systems
  8. IT and Industrial Automation and Control Systems Comparisons from a Standards Perspective

Topic 6

Global Standards for ICS Security

  1. International standards and best practices for ICS security
  2. IEC 62443 and NIST framework
    1. Cyber security management system
    2. Risk Analysis and Security Maturity Level based on IEC 62443
    3. Addressing risk with the CSMS
    4. Monitoring and improving CSMS
  3. The International Society for Automation's (ISA) Security Program for IACS (ANSI/ISA-62443-2-1 (99.02.01)-2009)
  4. ISA's IACS security requirements and security levels (ANSI/ISA-62443-3-3 (99.03.03)-2013)
  5. The International Organization for Standardization (ISO)'s Security Requirements (ISO/IEC 27001:2013)
  6. ICS-CERT
  7. The Australian Cyber Security Centre's (ACSC) guideline towards ICS security

Topic 7

Defending IACS System

  1. IACS Physical Security
  2. IACS Network Security
  3. IACS Computer Security
  4. IACS Application Security
  5. IACS Device Security
  6. NSA's Seven Steps to Effectively Defend IACS
  7. Lab discussion: Design a safe and secure system considering IACS security aspects

Topic 8

Critical Infrastructure Security

  1. Energy Grid Security
    1. AMI System Security Requirements
    2. United States' Department of Energy's 21 Steps to Improve Cyber Security of SCADA Networks
  2. Cybersecurity for automotive industry
  3. Cybersecurity for Water 4.0
  4. Cybersecurity for Supply-Chain Automation
  5. Lab Discussion on Power System Cyber Security Examples

Topic 9

Privacy in Automation

  1. Privacy challenges in the industry 4.0 era
  2. Australian privacy and data protection laws
  3. General Data Protection Regulation (GDPR): an Australian perspective
  4. The NIST's "Security and Privacy Controls for Federal Information Systems and Organizations" (NIST SP 800-53 Rev.4)
  5. Data Protection Best Practices for Industrial Internet of Things (IIoT) Systems

Topic 10

Security Risk Assessment and Management

  1. Attacks, objectives, and consequences
  2. Risk assessments
  3. Insider Threat
  4. Threat examples worth to note
  5. A risk assessment example Step by Step
    1. Assets Identification and characterization
    2. Vulnerability Identification and Threat Modelling
    3. Risk Calculation and Mitigation
  6. Security assessment tools

Topic 11

Emerging Topics in Industrial Cybersecurity

  1. Emerging Threats in Industrial IoT system
  2. New Challenges from Ransomware in IACS
  3. Insider Threats on the Rise
  4. Blockchain for Industry 4.0
    1. Smart Contracts for IACS
    2. Blockchain Applications in IACS
  5. Secured Cloud Computing for IACS

Topic 12

Project and Unit Review

In the final week, students will have an opportunity to review the contents covered so far. Opportunities will be provided for a review of student work and to clarify any outstanding issues. Instructors/facilitators may choose to cover a specialized topic if applicable to that cohort.

Software/Hardware Used

Software

Hardware

  • 130in1 Electronic Hardware Kit (Optional - to show electronics

Unit Changes Based on Student Feedback