Educational guide | ||||||||||||||||||||||||||||||||||||||||
IDENTIFYING DATA | 2023_24 | |||||||||||||||||||||||||||||||||||||||
Subject | INDUSTRIAL CYBERSECURITY I | Code | 01747014 | |||||||||||||||||||||||||||||||||||||
Study programme |
|
|||||||||||||||||||||||||||||||||||||||
Descriptors | Credit. | Type | Year | Period | ||||||||||||||||||||||||||||||||||||
3 | Optional | First | First |
|||||||||||||||||||||||||||||||||||||
Language | ||||||||||||||||||||||||||||||||||||||||
Prerequisites | ||||||||||||||||||||||||||||||||||||||||
Department | ING.ELECTR.DE SIST. Y AUTOMATI |
|||||||||||||||||||||||||||||||||||||||
Coordinador |
|
mdomg@unileon.es mapram@unileon.es rgonh@unileon.es |
||||||||||||||||||||||||||||||||||||||
Lecturers |
|
|||||||||||||||||||||||||||||||||||||||
Web | http:// | |||||||||||||||||||||||||||||||||||||||
General description | ||||||||||||||||||||||||||||||||||||||||
Tribunales de Revisión |
|
|||||||||||||||||||||||||||||||||||||||
Competencies |
Type A | Code | Competences Specific |
A18816 | ||
Type B | Code | Competences Transversal |
B5729 | ||
B5730 | ||
B5731 | ||
B5732 | ||
B5740 | ||
Type C | Code | Competences Nuclear |
C2 | ||
C4 | ||
C5 |
Learning aims |
Competences | |||
Knowing threats and vulnerabilities that are specific to industrial environments and critical infrastructures. | A18816 |
B5730 B5740 |
C2 C4 |
Knowing the main security initiatives, programs and procedures focused on systems, networks and applications in industrial environments. | A18816 |
B5729 B5731 B5732 |
C2 C4 C5 |
Contents |
Topic | Sub-topic |
I. Specific security issues of industrial control systems | T1 Introduction T2 Architectures and technologies |
II. Threats and vulnerabilities on industrial control systems and critical infrastructures | T3. Threats. T4. Vulnerabilities. T5. Impact. Risk. |
III. Initiatives and standards | T6. European and Spanish Law. Important entities and sources of recommendations and information. T7. Standards. IEC-62443. |
IV. A critical review of relevant incidents | T8. Incidents. |
V. Introduction to security procedures in the field of industrial control systems | T9. Introduction to security procedures |
Planning |
Methodologies :: Tests | |||||||||
Class hours | Hours outside the classroom | Total hours | |||||||
Practicals using information and communication technologies (ICTs) in computer rooms | 10 | 18 | 28 | ||||||
Personal tuition | 1 | 0 | 1 | ||||||
Presentations / expositions | 2 | 13 | 15 | ||||||
Lecture | 10 | 20 | 30 | ||||||
Objective multiple-choice tests | 1 | 0 | 1 | ||||||
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students. |
Methodologies |
Description | |
Practicals using information and communication technologies (ICTs) in computer rooms | Hands-on tasks |
Personal tuition | Personal attention |
Presentations / expositions | Course project and its exposition |
Lecture | Lecture |
Personalized attention |
|
|
Assessment |
Description | Qualification | ||
Presentations / expositions | Course project and its exposition | 20% | |
Practicals using information and communication technologies (ICTs) in computer rooms | Evaluation of hands-on tasks | 20% | |
Objective multiple-choice tests | The exam covers theoretical and practical concepts. | 60% | |
Other comments and second call | |||
In order to pass the course, it is necessary to reach at least 3 out of 6 in the written exam, 1 out of 2 in the hands-on tasks, and a total grade of 5 points out of 10.
SECOND CALL: Written exam: 60% Hands-on tasks: 20% Project: 20% |
Sources of information |
Access to Recommended Bibliography in the Catalog ULE |
Basic | |
Industrial Network Security, Second Edition: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Eric Knapp, Joel Thomas Langill. Syngress, 2014. Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. Eric Knapp, Raj Samani, Joel Thomas Langill. Syngress, 2013. Guide to industrial control systems (ICS) security. Keith Stouffer, Joe Falco, Karen Scarfone. National Institute of Standards and Technology, 2015. Informe de Amenazas CCN-CERT IA-04/16. Amenazas y análisis de riesgos en Sistemas de Control Industrial (ICS). Centro Criptológico Nacional, 2016 |
|
Complementary | |
Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies, US Homeland Security, 2016 Estándar ISA/IEC 62443. https://ics-cert.us-cert.gov/ |
Recommendations |