Educational guide
IDENTIFYING DATA 2023_24
Subject INDUSTRIAL CYBERSECURITY I Code 01747014
Study programme
1746 - Máster Universitario de Investigación en Ciberseguridad (OL)
Descriptors Credit. Type Year Period
3 Optional First First
Language
Castellano
Prerequisites
Department ING.ELECTR.DE SIST. Y AUTOMATI
Coordinador
DOMÍNGUEZ GONZÁLEZ , MANUEL
E-mail mdomg@unileon.es
mapram@unileon.es
rgonh@unileon.es
Lecturers
DOMÍNGUEZ GONZÁLEZ , MANUEL
PRADA MEDRANO , MIGUEL ANGEL
GONZALEZ HERBON , RAUL
Web http://
General description
Tribunales de Revisión
Tribunal titular
Cargo Departamento Profesor
Presidente ING.ELECTR.DE SIST. Y AUTOMATI BLAZQUEZ QUINTANA , LUIS FELIPE
Secretario ING.ELECTR.DE SIST. Y AUTOMATI MARCOS MARTINEZ , DAVID
Vocal ING.ELECTR.DE SIST. Y AUTOMATI ALAIZ MORETON , HECTOR
Tribunal suplente
Cargo Departamento Profesor
Presidente ING.ELECTR.DE SIST. Y AUTOMATI ALAIZ RODRIGUEZ , ROCIO
Secretario ING.ELECTR.DE SIST. Y AUTOMATI FOCES MORAN , JOSE MARIA
Vocal ING.ELECTR.DE SIST. Y AUTOMATI GARCIA RODRIGUEZ , ISAIAS

Competencies
Type A Code Competences Specific
  A18816
Type B Code Competences Transversal
  B5729
  B5730
  B5731
  B5732
  B5740
Type C Code Competences Nuclear
  C2
  C4
  C5

Learning aims
Competences
Knowing threats and vulnerabilities that are specific to industrial environments and critical infrastructures. A18816
 B5730
B5740
 C2
C4
Knowing the main security initiatives, programs and procedures focused on systems, networks and applications in industrial environments. A18816
 B5729
B5731
B5732
 C2
C4
C5

Contents
Topic Sub-topic
I. Specific security issues of industrial control systems T1 Introduction
T2 Architectures and technologies
II. Threats and vulnerabilities on industrial control systems and critical infrastructures T3. Threats.
T4. Vulnerabilities.
T5. Impact. Risk.
III. Initiatives and standards T6. European and Spanish Law. Important entities and sources of recommendations and information.
T7. Standards. IEC-62443.
IV. A critical review of relevant incidents T8. Incidents.
V. Introduction to security procedures in the field of industrial control systems T9. Introduction to security procedures

Planning
Methodologies  ::  Tests
  Class hours Hours outside the classroom Total hours
Practicals using information and communication technologies (ICTs) in computer rooms 10 18 28
 
Personal tuition 1 0 1
Presentations / expositions 2 13 15
 
Lecture 10 20 30
 
Objective multiple-choice tests 1 0 1
 
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies
Methodologies   ::  
  Description
Practicals using information and communication technologies (ICTs) in computer rooms Hands-on tasks
Personal tuition Personal attention
Presentations / expositions Course project and its exposition
Lecture Lecture

Personalized attention
 
Personal tuition
Description
The students can receive personal or group attention that should be requested in advance by e-mail.

Assessment
  Description Qualification
Presentations / expositions Course project and its exposition 20%
Practicals using information and communication technologies (ICTs) in computer rooms Evaluation of hands-on tasks 20%
Objective multiple-choice tests The exam covers theoretical and practical concepts. 60%
 
Other comments and second call

In order to pass the course, it is necessary to reach at least 3 out of 6 in the written exam, 1 out of 2 in the hands-on tasks, and a total grade of 5 points out of 10.

 

SECOND CALL:

Written exam: 60%

Hands-on tasks: 20%

Project: 20%

Sources of information
Access to Recommended Bibliography in the Catalog ULE

Basic

Industrial Network Security, Second Edition: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Eric Knapp, Joel Thomas Langill. Syngress, 2014.

Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. Eric Knapp, Raj Samani, Joel Thomas Langill. Syngress, 2013.

Guide to industrial control systems (ICS) security. Keith Stouffer,  Joe Falco, Karen Scarfone. National Institute of Standards and Technology, 2015.

Informe de Amenazas CCN-CERT IA-04/16. Amenazas y análisis de riesgos en Sistemas de Control Industrial (ICS). Centro Criptológico Nacional, 2016
Complementary
Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies, US Homeland Security, 2016

Estándar ISA/IEC 62443.

https://ics-cert.us-cert.gov/

Recommendations