T7. Cyber-Physical Systems Security

This class covers the security of cyber-physical critical infrastructure systems (such as transportation networks, oil pipelines, and the power grid) from a multidisciplinary point of view, from computer science security research for critical infrastructure, to public-policy, the Executive Order 13636, risk-assessment, business drivers, and control-theory methods to reduce the cyber risk to critical infrastructures.

Prerequisites. None.

Outline:

1. Introduction (1:00 hour)

   Cyberconflict: (0:30 mins) The first part will consist on the definition of the problem, and will look at a multidisciplinary view of potential attacks to cyber-physicial critical infrastructures. The first 30 minutes will define what cyberconflict is (including Cyber-Activism, Espionage, Terrorism, and War), and the different interpretations.

   Business Case (0:30 mins) The second part of the introduction session will also be 30 minutes, and will discuss some of the difficulties for securing our critical infrastructures, including the business cases and the recent Executive Order 13636 and the Cyber-Framework. (Note that the 4th Cyber-Framework Workshop will be hosted at the institution of the course instructor.)

2. Security of CPS systems (1:30 hours)

   The second part of the course will discuss the security of different cyber-physical systems including transportation networks, air-traffic control, building automation and HVAC, smart grids, and SCADA security.

3. Hands on lab. (0:30 mins)

   The final part of the course will be 30 mins and will give hands-on experience to students on a practical tool. It can be a physical simulation tool such as GridLAb, or it can be a discussion of SCADA Systems Connected to the Internet and some small experiments with SHODAN

About the Instructor:

Dr. Alvaro A. Cárdenas is an Assistant Professor at the University of Texas at Dallas. He holds M.S. and Ph.D. degrees from the University of Maryland, College Park under the advise of John Baras, and a B.S. from Universidad de los Andes. Prior to joining UT Dallas he was a research staff with Fujitsu Laboratories of America in Sunnyvale, CA, where he did research in Trusted Computing, Big Data, and Smart Grids; and prior to Fujitsu, he was a postdoctoral scholar at the University of California at Berkeley under the advise of Shankar Sastry and Doug Tygar, doing research in cyber-physical systems security and applications of Machine Learning to Intrusion Detection.

He has also been an invited visiting professor at the University of Cagliari in Italy where he taught a class on machine learning and game theory for security, an Intern working on discriminatory Bayesian networks at INRIA-LORIA in France, and a SCADA intern, working on ladder logic to replace old relay boxes in Occidental Petroleum Corporation in Caño Limón, Cobeñas, Colombia. He has received numerous awards for his research including a best paper award from the U.S. Army Research Office, a best presentation award from the IEEE, a graduate school fellowship from the University of Maryland, and a Distinguished Assistantship from the Institute of Systems Research.