The role of cyber-security in information technology education

Rowe, Dale C.; Lunt, Barry M.; Ekstrom, Joseph J.

doi:10.1145/2047594.2047628

Cited by 74 publications

(35 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Rowe et al discuss the role of cybersecurity in IT education [15]. Raj et al emphasize on increasing cybersecurity awareness by pushing security concepts in education [16].…”

Section: Previous Educational Workmentioning

confidence: 99%

See 1 more Smart Citation

A hands-on modular laboratory environment to foster learning in control system security

Deshmukh

Patterson

Baumann

2016

2016 IEEE Frontiers in Education Conference (FIE)

View full text Add to dashboard Cite

Cyber-Physical Systems (CPSes) form the core of Industrial Control Systems (ICSes) and critical infrastructure. These systems use computers to control and monitor physical processes in many critical industries including aviation, industrial automation, transportation, communications, waste treatment, and power systems. Increasingly, these systems are connected with corporate networks and the Internet, making them susceptible to risks similar to traditional computing systems experiencing cyber-attacks on a conventional Information Technology (IT) network. Furthermore, recent attacks like the Stuxnet worm have demonstrated the weaknesses of CPS security, which has prompted increased effort to develop more effective security mechanisms. While this remains an important topic of research, often CPS security is not given much attention in undergraduate programs. There can be a significant disconnect between control system engineers with CPS engineering skills and network engineers with an IT background.This thesis describes hands-on courseware to help students bridge this gap. This courseware incorporates cyber-physical security concepts into effective learning modules that highlight real-world technical issues. A modular learning approach helps students understand CPS architectures and their vulnerabilities to cyber-attacks via experiential learning, and acquire practical skills through actively participating in the hands-on exercises. The ultimate goal of these lab modules is to show how an adversary would break into a conventional CPS system by exploiting various network protocols and security measures implemented in the system. A mock testbed environment is created using commercial-off-the-shelf hardware to address the unique aspects of a CPS, and serve as a cybersecurity trainer for students from control system or IT backgrounds. The modular nature of this courseware, which uses an economical and easily replicable hardware testbed, make this experience uniquely available as an adjunct to conventional embedded system, control system design, or cybersecurity courses. To assess the impact of this courseware, an evaluation survey is developed to measure the understanding of the unique aspects of CPS security addressed. These modules leverage the existing academic subjects, help students understand the sequence of steps taken by adversaries, and serve to bridge theory and practice. A Hands-on Modular Laboratory Environment to Foster Learning inControl System Security Pallavi Prafulla Deshmukh GENERAL AUDIENCE ABSTRACT Cyber-Physical Systems (CPSes) use computers to control and monitor physical processes in domains such as aviation, industrial automation, transportation, communication, water distribution, waste treatment, and power systems. These systems are increasingly connected with both private and public networks, making them susceptible to disruption or destruction by adversaries anywhere in the world. Stuxnet worm was a prime example of a sophisticated attack that managed to infiltrate and damage centrif...

show abstract

“…Rowe et al discuss the role of cybersecurity in IT education [15]. Raj et al emphasize on increasing cybersecurity awareness by pushing security concepts in education [16].…”

Section: Previous Educational Workmentioning

confidence: 99%

“…Howles et al discuss a holistic, modular approach to infusing cybersecurity in undergraduate degree programs [17]. Although modules have been a common pedagogical platform for cybersecurity [15][16][17][18][19], these do not highlight the real-world security issues in CPSes.…”

Section: Previous Educational Workmentioning

confidence: 99%

A hands-on modular laboratory environment to foster learning in control system security

Deshmukh

Patterson

Baumann

2016

2016 IEEE Frontiers in Education Conference (FIE)

View full text Add to dashboard Cite

show abstract

“…However, organizations need to identify the risks associated to IT (information technology) usage, especially with this strong dependency to information systems and IT in both public and private organizations. In recent years, cybersecurity has been the subject of serious discussion on IT integration in different organization's processes (Rowe, Lunt, & Ekstrom, 2011), because information safety and security are a key element to get the benefit from IT usage. In this context and according to (Elkhannoubi & Belaissaoui, 2015) cybersecurity isn't a matter of technological choice; it affects legal, organizational and technological directions of enterprises or administrations.…”

Section: Introductionmentioning

confidence: 99%

User's Behaviors Influence on Cybersecurity Strategy Effectiveness

Elkhannoubi¹,

Belaïssaoui²

2016

IJAERS

View full text Add to dashboard Cite

show abstract

“…Recent research shows a huge shortage (20,000 to 30,000) of qualified cyber security specialists [1] in the United States, while networking giant CISCO in its report predicts the shortage of more than a million security specialists all around the globe [2]. Following the growing need for skilled InfoSec personnel, many universities offer graduate-level programs in information security to distance students.…”

Section: Introductionmentioning

confidence: 99%