Educational guide | ||||||||||||||||||||||||||||||||||||||||
IDENTIFYING DATA | 2023_24 | |||||||||||||||||||||||||||||||||||||||
Subject | INDUSTRIAL CYBERSECURITY II | Code | 01747020 | |||||||||||||||||||||||||||||||||||||
Study programme |
|
|||||||||||||||||||||||||||||||||||||||
Descriptors | Credit. | Type | Year | Period | ||||||||||||||||||||||||||||||||||||
3 | Optional | First | Second |
|||||||||||||||||||||||||||||||||||||
Language |
|
|||||||||||||||||||||||||||||||||||||||
Prerequisites | ||||||||||||||||||||||||||||||||||||||||
Department | ING.ELECTR.DE SIST. Y AUTOMATI |
|||||||||||||||||||||||||||||||||||||||
Coordinador |
|
mapram@unileon.es dperl@unileon.es jrodo@unileon.es |
||||||||||||||||||||||||||||||||||||||
Lecturers |
|
|||||||||||||||||||||||||||||||||||||||
Web | http:// | |||||||||||||||||||||||||||||||||||||||
General description | ||||||||||||||||||||||||||||||||||||||||
Tribunales de Revisión |
|
|||||||||||||||||||||||||||||||||||||||
Competencies |
Type A | Code | Competences Specific |
A18816 | ||
Type B | Code | Competences Transversal |
B5729 | ||
B5730 | ||
B5731 | ||
B5732 | ||
B5740 | ||
Type C | Code | Competences Nuclear |
C2 | ||
C4 | ||
C5 |
Learning aims |
Competences | |||
Knowing the main initiatives, programs and procedures of security focused to systems, networks and applications in industry environments. | A18816 |
B5730 B5731 B5740 |
C2 C4 |
Knowing the main security techniques in industrial control systems. | A18816 |
B5729 B5730 B5732 B5740 |
C2 C4 C5 |
Contents |
Topic | Sub-topic |
I. Security in depth. | T1. Policies and procedures. Privileges and authentication. T2. Host security. T3. Network security. Perimeter defense and network segmentation. Zones and conduits model. |
II. Technologies on industrial cybersecurity. | T4. Technologies. T5. Protocol filtering. T6. Intrusion detection. |
III. Detection and response to incidents in industrial environments. | T7. Security information and event monitoring. T8. Forensic analysis and incident response. |
IV. Security programs in critical infrastructures. | T9. National schema of industrial cybersecurity. Capacity assessment. T10. Operator security plans. Specific Protection Plans. |
Planning |
Methodologies :: Tests | |||||||||
Class hours | Hours outside the classroom | Total hours | |||||||
Presentations / expositions | 2 | 13 | 15 | ||||||
Practicals using information and communication technologies (ICTs) in computer rooms | 10 | 18 | 28 | ||||||
Personal tuition | 1 | 0 | 1 | ||||||
Lecture | 10 | 20 | 30 | ||||||
Objective multiple-choice tests | 1 | 0 | 1 | ||||||
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students. |
Methodologies |
Description | |
Presentations / expositions | Course project and its exposition |
Practicals using information and communication technologies (ICTs) in computer rooms | Hands-on tasks |
Personal tuition | Personal attention |
Lecture | Lectures |
Personalized attention |
|
|
Assessment |
Description | Qualification | ||
Presentations / expositions | Course project and its exposition | 20% | |
Practicals using information and communication technologies (ICTs) in computer rooms | Evaluation of hands-on tasks | 20% | |
Objective multiple-choice tests | The exam covers theoretical and practical concepts. | 60% | |
Other comments and second call | |||
In order to pass the course, it is necessary to reach at least 3 out of 6 in the written exam, 1 out of 2 in the hands-on tasks, and a total grade of 5 points out of 10.
SECOND CALL: Written exam: 60% Hands-on tasks: 20% Project: 20% |
Sources of information |
Access to Recommended Bibliography in the Catalog ULE |
Basic | |
Industrial Network Security, Second Edition: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Eric Knapp, Joel Thomas Langill. Syngress, 2014. Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. Eric Knapp, Raj Samani, Joel Thomas Langill. Syngress, 2013. Guide to industrial control systems (ICS) security. Keith Stouffer, Joe Falco, Karen Scarfone. National Institute of Standards and Technology, 2015. Informe de Amenazas CCN-CERT IA-04/16. Amenazas y análisis de riesgos en Sistemas de Control Industrial (ICS). Centro Criptológico Nacional, 2016 |
|
Complementary | |
Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies, US Homeland Security, 2016 Estándar ISA/IEC 62443. https://ics-cert.us-cert.gov/ |
Recommendations |
Subjects that it is recommended to have taken before | ||
|