Educational guide
IDENTIFYING DATA 2020_21
Subject SECURITY OF CYBER-PHYSICAL SYSTEMS II Code 01733117
Study programme
1732 - MASTER UNIVERSITARIO EN INVESTIGACION EN CIBERSEGURIDAD (OL)
Descriptors Credit. Type Year Period
6 Optional Second First
Language
Prerequisites
Department ING.ELECTR.DE SIST. Y AUTOMATI
Coordinador
PRADA MEDRANO , MIGUEL ANGEL
E-mail mapram@unileon.es
mdomg@unileon.es
dperl@unileon.es
Lecturers
DOMÍNGUEZ GONZÁLEZ , MANUEL
PRADA MEDRANO , MIGUEL ANGEL
PEREZ LOPEZ , DANIEL
Web http://
General description
Tribunales de Revisión
Tribunal titular
Cargo Departamento Profesor
Presidente ING.ELECTR.DE SIST. Y AUTOMATI ALONSO ALVAREZ , ANGEL
Secretario ING.ELECTR.DE SIST. Y AUTOMATI BENAVIDES CUELLAR , MARIA DEL CARMEN
Vocal ING.ELECTR.DE SIST. Y AUTOMATI ALAIZ MORETON , HECTOR
Tribunal suplente
Cargo Departamento Profesor
Presidente ING.ELECTR.DE SIST. Y AUTOMATI ALAIZ RODRIGUEZ , ROCIO
Secretario ING.ELECTR.DE SIST. Y AUTOMATI REGUERA ACEVEDO , PERFECTO
Vocal ING.ELECTR.DE SIST. Y AUTOMATI FOCES MORAN , JOSE MARIA

Competencies
Type A Code Competences Specific
  A17091
  A17092
Type B Code Competences Transversal
  B5220
  B5221
  B5222
  B5223
  B5224
  B5225
Type C Code Competences Nuclear
  C1
  C2
  C3
  C4
  C5

Learning aims
Competences
A17091
B5224
B5225
C1
C2
C4
C5
A17092
B5224
B5225
C1
C2
C4
C5
B5220
B5221
B5222
B5223
C3

Contents
Topic Sub-topic
I. Security and resilience in critical infrastructures and industrial control systems. T1 Introduction
T2 Architectures and technologies
T3 Threats and vulnerabilities of the industrial control systems
T4 Review of relevant incidents
II. Initiatives and standards T5 European and Spanish Law. Important entities and sources of recommendations and information
T6 Standards. IEC-62443
III. Security, planning and design. T7 Measures and procedures
T8 Zones and conducts model
T9 Technologies applied to cybersecurity in control systems
IV. Design and evaluation of security programmes. T10 National schema of industrial cybersecurity. Capacity assessment
T11 Operator security plans. Specific Protection Plans
V. Incident management in critical infrastructures T12 Incident response

Planning
Methodologies  ::  Tests
  Class hours Hours outside the classroom Total hours
Laboratory practicals 18 44 62
 
Other methodologies 6 14 20
 
Lecture 23 45 68
 
 
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies
Methodologies   ::  
  Description
Laboratory practicals Application of the theoretical concepts to solve problems related to real practice.
Other methodologies Project. Workshops.
Lecture Lectures

Personalized attention
 
Lecture
Description
The students can receive personal or group attention that should be requested in advance by e-mail.

Assessment
  Description Qualification
Lecture Written exam 50%
Laboratory practicals Written exam 20%
Other methodologies Project 30%
 
Other comments and second call

The written exam can include both theoretical and practical questions. 

In order to pass the course, it is necessary to reach at least 3.5 out of 7 in the written exam, 1.5 out of 3 in the project, and a total grade of 5 points out of 10.

SECOND CALL:
Written exam: 70%
Project: 30%

On-line students also need to take a mandatory on-site written exam. 

ADDENDUM
Contingency plan due to COVID-19 emergency conditions that prevents from presence based teaching
COVID-19 Teaching Guide Addendum Access Link


Sources of information
Access to Recommended Bibliography in the Catalog ULE

Basic

Industrial Network Security, Second Edition: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Eric Knapp, Joel Thomas Langill. Syngress, 2014.

Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. Eric Knapp, Raj Samani, Joel Thomas Langill. Syngress, 2013.

Guide to industrial control systems (ICS) security. Keith Stouffer,  Joe Falco, Karen Scarfone. National Institute of Standards and Technology, 2015. 

Informe de Amenazas CCN-CERT IA-04/16. Amenazas y análisis de riesgos en Sistemas de Control Industrial (ICS). Centro Criptológico Nacional, 2016

Complementary

Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies, US Homeland Security, 2016

Estándar ISA/IEC 62443.

https://ics-cert.us-cert.gov/


Recommendations