Educational guide | ||||||||||||||||||||||||||||||||||||||||
IDENTIFYING DATA | 2020_21 | |||||||||||||||||||||||||||||||||||||||
Subject | SECURITY OF CYBER-PHYSICAL SYSTEMS II | Code | 01733117 | |||||||||||||||||||||||||||||||||||||
Study programme |
|
|||||||||||||||||||||||||||||||||||||||
Descriptors | Credit. | Type | Year | Period | ||||||||||||||||||||||||||||||||||||
6 | Optional | Second | First |
|||||||||||||||||||||||||||||||||||||
Language | ||||||||||||||||||||||||||||||||||||||||
Prerequisites | ||||||||||||||||||||||||||||||||||||||||
Department | ING.ELECTR.DE SIST. Y AUTOMATI |
|||||||||||||||||||||||||||||||||||||||
Coordinador |
|
mapram@unileon.es mdomg@unileon.es dperl@unileon.es |
||||||||||||||||||||||||||||||||||||||
Lecturers |
|
|||||||||||||||||||||||||||||||||||||||
Web | http:// | |||||||||||||||||||||||||||||||||||||||
General description | ||||||||||||||||||||||||||||||||||||||||
Tribunales de Revisión |
|
|||||||||||||||||||||||||||||||||||||||
Competencies |
Type A | Code | Competences Specific |
A17091 | ||
A17092 | ||
Type B | Code | Competences Transversal |
B5220 | ||
B5221 | ||
B5222 | ||
B5223 | ||
B5224 | ||
B5225 | ||
Type C | Code | Competences Nuclear |
C1 | ||
C2 | ||
C3 | ||
C4 | ||
C5 |
Learning aims |
Competences | |||
A17091 |
B5224 B5225 |
C1 C2 C4 C5 |
|
A17092 |
B5224 B5225 |
C1 C2 C4 C5 |
|
B5220 B5221 B5222 B5223 |
C3 |
Contents |
Topic | Sub-topic |
I. Security and resilience in critical infrastructures and industrial control systems. | T1 Introduction T2 Architectures and technologies T3 Threats and vulnerabilities of the industrial control systems T4 Review of relevant incidents |
II. Initiatives and standards | T5 European and Spanish Law. Important entities and sources of recommendations and information T6 Standards. IEC-62443 |
III. Security, planning and design. | T7 Measures and procedures T8 Zones and conducts model T9 Technologies applied to cybersecurity in control systems |
IV. Design and evaluation of security programmes. | T10 National schema of industrial cybersecurity. Capacity assessment T11 Operator security plans. Specific Protection Plans |
V. Incident management in critical infrastructures | T12 Incident response |
Planning |
Methodologies :: Tests | |||||||||
Class hours | Hours outside the classroom | Total hours | |||||||
Laboratory practicals | 18 | 44 | 62 | ||||||
Other methodologies | 6 | 14 | 20 | ||||||
Lecture | 23 | 45 | 68 | ||||||
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students. |
Methodologies |
Description | |
Laboratory practicals | Application of the theoretical concepts to solve problems related to real practice. |
Other methodologies | Project. Workshops. |
Lecture | Lectures |
Personalized attention |
|
|
Assessment |
Description | Qualification | ||
Lecture | Written exam | 50% | |
Laboratory practicals | Written exam | 20% | |
Other methodologies | Project | 30% | |
Other comments and second call | |||
The written exam can include both theoretical and practical questions. In order to pass the course, it is necessary to reach at least 3.5 out of 7 in the written exam, 1.5 out of 3 in the project, and a total grade of 5 points out of 10. SECOND CALL: Written exam: 70% Project: 30% On-line students also need to take a mandatory on-site written exam. |
ADDENDUM |
Contingency plan due to COVID-19 emergency conditions that prevents from presence based teaching |
COVID-19 Teaching Guide Addendum Access Link |
Sources of information |
Access to Recommended Bibliography in the Catalog ULE |
Basic | |
Industrial Network Security, Second Edition: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Eric Knapp, Joel Thomas Langill. Syngress, 2014. Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. Eric Knapp, Raj Samani, Joel Thomas Langill. Syngress, 2013. Guide to industrial control systems (ICS) security. Keith Stouffer, Joe Falco, Karen Scarfone. National Institute of Standards and Technology, 2015. Informe de Amenazas CCN-CERT IA-04/16. Amenazas y análisis de riesgos en Sistemas de Control Industrial (ICS). Centro Criptológico Nacional, 2016 |
|
Complementary | |
Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies, US Homeland Security, 2016 Estándar ISA/IEC 62443. https://ics-cert.us-cert.gov/ |
Recommendations |