Whitacre College of Engineering PanelInterdisciplinary Cybersecurity Education

Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity for Critical Infrastructure

Panel Members: S. D. Urban (IE), Qing Hui (ME), Brian Nutter (EE), Sunho Lim (CS)

November 9, 2012

Support for this work was provided by the National Science Foundation’s Federal Cyber Service: Scholarship for Service (SFS) program under Award No. 1241735. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

Course Plan

Cybersecurity Certificate and Concentration Options

Mechanical Engineering

ME 4334 Feedback Control of Dynamic Systems (D) Analysis and design of control systems, including applications

to electromechanical systems Feedback control to modify behavior of dynamic systems Change to stability, transient response, and steady-state error

through dynamic compensation Modern control through state-space models

ME/Math 5312 Control Theory I (D) First course in advanced control theory Linear systems theory Robust and optimal control Introduction to stochastic control Model reduction and control of large-scale systems

Mechanical Engineering

ME 5314 Nonlinear Dynamics (D) Analysis of complex and nonlinear dynamic systems Stability and robustness Bifurcation, catastrophe, and chaos Time-series analysis

ME 4331/5331 Networked and Industrial Control Systems (D)

Hierarchical and distributed control systems Control of stochastic systems Communication protocols Effects of communication delay and network dynamics Fault detection and recovery Cybersecurity for networked and industrial control systems

Electrical and Computer Engineering

ECE 4325/5325 Telecom Networks (D) Provides a wide breadth of practices for network engineers Network security, encryption, scrambling, reliability, spoofing Network traffic analysis and packet sniffing

ECE 4375/5375 Computer Architecture (D) Provides a wide breadth of practices for device designers Protection of intellectual property Trustworthy computing architectures

ECE 4380/5380 Embedded Systems (D) Provides a wide breadth of practices for system designers Protection of intellectual property Trustworthy computing algorithms

ECE 5331 Cybersecurity for Smartgrids (E) Risk factors for SCADA and other infrastructure elements Security methods, procedures, and vulnerabilities

Industrial Engineering

IE 4331/5331Cybersecurity for Information Systems (E/L) Provides a wide breadth of practices for information system security Covers the DHS essential body of knowledge Competencies for data security, digital forensics, enterprise

continuity, incident management, Information systems operation/maintenance, network security Personal/physical security, legal/regulatory compliance, risk

management IE 4331/5331 Software Security (D)

Address the secure software development process. Systems engineering/software interface, attack vulnerabilities Acquisition strategies for security Elicitation and analysis, design patterns, secure code, testing Dependability, reliability, software assurance, life cycle integration

Define critical infrastructure case studies for each of the above courses.

Industrial Engineering

IE 4331/5331 Cyber Attacks

Cyber attack capabilities, attack technologies, engineering attack and defense Civilian and military policy, ethics of cyber attacks, societal impacts Possibly co-taught with Dr. Vickie Sutton from the Law School

IE 5308 Risk Assessment of Human Behavior (D)

Risk calibration and analysis Multiple risk aggregation Group decisions Potential Enhancement: Define security specific modules on issues and/or

critical infrastructure case studies IE 5309 Risk Modeling and Assessment (D)

Risk analysis and management Risk analysis methods Failure consequences, data for risk management, risk communication Potential Enhancement: Define security specific modules on issues and/or

critical infrastructure case studies

Computer Science

5332 Secure Software Engineering (D) Secure requirements specifications Secure software design Validation (assessment) of security properties in requirements

modeling and design Secure programming Testing for security properties (security assurance)

4331/5331 Information Assurance and Security (D) Symmetric and public key cryptography, hash functions,

cryptanalysis Authentication, authorization, security protocols Software flaws, software malware, reverse engineering Digital rights management, trusted operating systems

Computer Science

4331/5331 Network Security (D) Network security threats and issues Cryptography and cryptographic protocol Firewall, Virtual private network (VPN), IPSec Network intrusion detection, wireless network security protocol

4331/5331 Opportunistic Mobile Networks (D) Networks architecture and protocols - ad hoc networks (MANETs), wireless

sensor networks (WSNs) focused Routing, broadcast, caching, and medium access control (MAC) protocols Potential Enhancement: Secure routing and MAC protocols

4331 Embedded Systems (D) Embedded software and hardware architecture Intel ® Atom-specific architecture and its characteristic Embedded programming Potential Enhancement: Secure embedded software and programming