CS6263 - Introduction to Cyber-Physical Systems Security

Introduction to Cyber-Physical Systems Security (ECE 8813) - Fall 2018

Instructor: Dr. Raheem Beyah
Office	Klaus 2308
Office hours	Friday, 10am or By appointment
Email

Head Teaching Assistant: Tohid Shekari
Email

The course covers introductory topics in cyber-physical systems security. The goal is to expose students to fundamental security primitives specific to cyber-physical sysytems and to apply them to a broad range of current and future security challenges. Much of the course is taught with the focus on one instance of cyber-physical sytems - Industrial Control Systems (CPSs). However, students will be expected to generalize the concepts for other cyber-physical systems.

Students will work with various tools and techniques used by hackers to compromise computer systems or otherwise interfere with normal operations. Students will also use tools that are uniques to interacting with cyber-physical systems. The purpose of the class is NOT to teach you how to be a hacker, but rather to teach you the approaches used by hackers so you can better defend against them. Students will be graded based upon exams and completion of assignments

Policy on Commenting Software:
Fully commenting code, even code that you were given as a starting point is mandatory. This is one of the instructor's pet peeves. You must fully comment all code you turn in and must include comments to explain all of the code you turn in. (Even those parts of the code you did not write but were given as a starting point). You must include in the comments an explanation of what the purpose of the code is, the date the code was originally written, and the date the code was last modified must be in the comments. The last date modified must be correct and in the comments.

Policy on Handouts:
The handouts can be downloaded from the Canvas which requires authentication. Handouts with proprietary or copyrighted material will be put on the protected page and should not be made publicly available by students.

Prerequisites: computer networking class, information security class, and programming experience.

There are two required textbooks. We cover lots of really good material and no one textbook has it all. These are excellent references and will serve you well in future jobs or research projects. We will also occasionally review conference and journal publications.

Text One: Required

Industrial Network Security, Second Edition: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems (2nd Edition), by Eric D. Knapp and Joel Thomas Langill, ISBN: 978-0124201149

Text Two: Required

Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure (1st Edition), by Eric D. Knapp and Raj Samani, ISBN: 978-1597499989

Grading
Mini Projects	60%
Final Project	30%
Paper Presentation	10%
Total	100%

Grading Scale
90% - 100%	A
80% - 89%	B
70% - 79%	C
60% - 69%	D
< 60%	F

Responsibility for Material:
Students are responsible for all material in assigned sections of texts and other materials, even if not explicitly covered in lecture. Students are also responsible for all material covered in lecture.

Paper Presentation:
In order to get on the cutting-edge research, you must keep up with recently published papers. To achieve this goal, each student will present a paper in the class. Each Thursday, we will have three presentations. You can either choose your paper from the spreadsheet or find your favorite paper from top security conferences. Looking at the related work section of the recommended papers is a good way to find other papers. Everyone should sign up for presentation. Each presentation should take 20-25 minutes and the relevant discussions/questions will continue on piazza. In order to get the full credit of this section, each student should actively participate in the presentation discussions on piazza as well as giving his/her own presentation. If you could not find any free time slot for your presentation in the spreadsheet, you need to prepare a YouTube video containing your presentation and post its link to piazza before the begining of December.

Final Project:
In this semester, each student will involve in a research project, which should focus on solving open problems in the field of CPS security. Team projects are allowed; but they should have relatively large contributions. The deadline for submitting your project proposal (maximum two pages) is November 1st. You will present the final results of your research work in the last two weeks of the class. Also, you need to submit a final report of your project before December 12th. The best among these projects will likely lead to publications (I will help this happen). You will hear more on this later in the class.

Late Turn-in and Re-grading:
Assignments can be turned in two days after the due date and will be subject to a 20% penalty. The grade for the assignment will be zero after this window. Exams and projects will not be considered for re-grading later than 48 hours after they are returned (or grades released). Re-grading requests should be submitted in writing with a specific explanation of the possible grading error.

Academic Honesty:
Although students are encouraged strongly to communicate with each other to assist in learning the course material, all students are expected to complete course work individually (unless instructed otherwise), following all instructions stated in conjunction with exams and assignments. All conduct in this course will be governed by the Georgia Tech honor code. Additionally, it is expected that students will respect their peers and the instructor such that no one takes unfair advantage of any other person associated with the course. Any suspected cases of academic dishonesty will be reported to the Dean of Students for further action. Please see the school's full policy in here.

Excused Absence Policy
Link

Disability Services Statement
If needed, we will make classroom accommodations for students with documented disabilities. These accommodations must be arranged in advance and in accordance with the Office of Disability Services Link

Link to class Piazza site

A tentative schedule of lectures (subject to change) is provided below.

Class Deliverables

Mini Project 1 (Topic: Design and Implementation of Control Systems) - Assigned: September 16th, Due: September 29th 10pm EST
Mini Project 2 (Topic: PLC Programming - Ladder Logic) - Assigned: September 30th, Due: October 13rd 10pm EST
Mini Project 3 (Topic: Industrial Control Systems Protocols) - Assigned: October 14th, Due: October 27th 10pm EST
Mini Project 4 (Topic: Vulnerability Exploitation and Reconnaissance Tools) - Assigned: November 4th, Due: November 17th 10pm EST
Final Project - Proposal Due: November 1st, 10 pm EST, Presentations Start: November 27th 10pm EST, Final Report Due: December 12th 10 pm EST

Week 1, Aug 21 (Lecture), Aug 23 (Paper Presentation)

Topic(s)/Lecture(s):

L1 - Introduction to Cyber-Physical Systems
L2 - Overview of CPS

Required Readings/Activities:

None

Recommended Readings/Activities:

Olkan Gunes, Steffen Peter, Tony Givargis, and Frank Vahid. A Survey on Concepts, Applications, and Challenges in Cyber-Physical Systems. KSII Transactions on Internet and Information Systems, vol. 8, num. 12, pp. 4242-4268, 2014.
Alvaro Cardenas, Saurabh Amin, Bruno Sinopoli, Annarita Giani, Adrian Perrig, Shankar Sastry. Challenges for Securing Cyber Physical Systems. Workshop on Future Directions in Cyber-physical Systems Security, DHS, July 23, 2009.

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Tohid Shekari
Presentation #2 (3:25pm - 3:50pm): Qinchen Gu
Presentation #3 (3:50pm - 4:15pm): Sizhuang Liang

Week 2, Aug 28 (Lecture), Aug 30 (Paper Presentation)

Topic(s)/Lecture(s):

L3a - Background - Networking
L3b - Background - Information Security
L3c - Background - Control Systems

Required Readings/Activities:

None

Recommended Readings/Activities:

None

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 3, Sep 4 (Lecture), Sept 6 (Paper Presentation)

Topic(s)/Lecture(s):

L4 - Industrial Networks

Required Readings/Activities:

Knapp and Langill (Chapters 1, 2)

Recommended Readings/Activities:

None

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 4, Sep 11 (Lecture), Sep 13 (Paper Presentation)

Topic(s)/Lecture(s):

L5 - Industrial Cyber Security History and Threats

Required Readings/Activities:

Knapp and Langill (Chapters 3)

Recommended Readings/Activities:

None

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 5, Sep 18 (Lecture), Sep 20 (Paper Presentation)

Topic(s)/Lecture(s):

L6 - Introduction to Industrial Control Systems And Operations

Required Readings/Activities:

Knapp and Langill (Chapters 4)

Recommended Readings/Activities:

None

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 6, Sep 25 (Lecture), Sep 27 (Paper Presentation)

Topic(s)/Lecture(s):

L7 - Ladder Logic Demo

Required Readings/Activities:

None

Recommended Readings/Activities:

Various ladder logic tutorials on the web

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 7, Oct 2 (Lecture), Oct 4 (Paper Presentation)

Topic(s)/Lecture(s):

L8 - Industrial Network Design and Architecture

Required Readings/Activities:

Knapp and Langill (Chapters 5)

Recommended Readings/Activities:

None

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 8, Oct 9 (No class - Fall Break), Oct 11 (Paper Presentation)

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 9, Oct 16 (Lecture), Oct 18 (Paper Presentation)

Topic(s)/Lecture(s):

L9 - Industrial Network Protocols

Required Readings/Activities:

Knapp and Langill (Chapters 6)

Recommended Readings/Activities:

Aurabind Pala and Roma Dash. A Paradigm Shift in Substation Engineering: IEC 61850 Approach

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 10, Oct 23 (Lecture), Oct 25 (Paper Presentation)

Topic(s)/Lecture(s):

L10 - Power Delivery Systems (Example Industrial Control System)

Required Readings/Activities:

Knapp and Samani (Chapters 1, 2)

Recommended Readings/Activities:

None

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 11, Oct 30 (Lecture), Nov 1 (Paper Presentation)

Topic(s)/Lecture(s):

L11 - Hacking Industrial Control Systems

Required Readings/Activities:

Knapp and Langill (Chapter 7), Knapp and Samani (Chapter 3)
A. Selcuk Uluagac, Venkatachalam Subramanian, and Raheem Beyah. Sensory Channel Threats to Cyber Physical Systems: A Wake-up Call. IEEE Conference on Communications and Network Security (CNS), October 2014.
Robert M. Lee, Michael J. Assante, and Tim Conway (working with E-ISAC). Analysis of the Cyber Attack on the Ukrainian Power Grid, March 2016.
Stuxnet Video 1
Stuxnet Video 2
Ukraine Video

Recommended Readings/Activities:

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 12, Nov 6 (Lecture), Nov 8 (Paper Presentation)

Topic(s)/Lecture(s):

L12 - Securing Industrial Control Systems

Required Readings/Activities:

Knapp and Langill (Chapter 9), Knapp and Samani (Chapter 6)
Chuck McParland, Sean Peisert, and Anna Scaglione. Monitoring Security of Networked Control Systems: It's the Physics. In the IEEE Security and Privacy Magazine.
David Formby, Preethi Srinivasan, Andrew Leonard, Jonathan Rogers, and Raheem Beyah. Who's in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems. In the Proceedings of the Network and Distributed System Security (NDSS) Symposium, February 2016.
Samuel Litchfield, David Formby, Jonathan Rogers, Sakis Meliopoulos, and Raheem Beyah. Rethinking the Honeypot for Cyber-Physical Systems. In the IEEE Internet Computing Magazine - Special Issue on Cyber-Physical Security and Privacy.

Recommended Readings/Activities:

Specification-based IDS

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 13, Nov 13 (Lecture), Nov 15 (Paper Presentation)

Topic(s)/Lecture(s):

L13 - Privacy in Cyber-Physical Systems

Required Readings/Activities:

Knapp and Samani (Chapter 4)
Mikhail A. Lisovich, Deirdre K. Mulligan, and Stephen B. Wicker. Inferring Personal Information from Demand-Response Systems. IEEE Security and Privacy, Vol. 8(1), pp. 11-20, January 2010.

Recommended Readings/Activities:

Ann Cavoukian, Jules Polonetsky, and Christopher Wolf. Smart Privacy for the Smart Grid: Embedding Privacy Into the Design of Electricity Conservation. Identity in the Information Society, Vol 3., 275-294, 2010.
Jairo Giraldo, Alvaro Cardenas, Eduardo Mojica-Nava, Nicanor Quijano, Roy Dong. Delay and Sampling Independence of a Consensus Algorithm and its Application to Smart Grid Privacy. Proceedings of the 53th Conference on Decision and Control, 2014.
Xiaojing Liao, Preethi Srinivasan, David Formby, and Raheem A. Beyah. Di-PriDA: Differentially Private Distributed Load Balancing Control for the Smart Grid. Xiaojing Liao, Preethi Srinivasan, David Formby, and Raheem Beyah. "Di-PriDA: Differentially Private Distributed Load Balancing Control for the Smart Grid." To appear in the Transactions on Dependable and Secure Computing, 2017.

Paper Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 14, Nov 20 (Lecture), Nov 22 (No class - Thanksgiving day)

Topic(s)/Lecture(s):

L14 - Threats to Cyber-Physical Systems in Other Domains

Required Readings/Activities:

Chen Yan, Wenyuan Xu, David Formby, and Jianhao Liu. Can You Trust Autonomous Vehicles: Contactless Attacks against Sensors of Self-Driving Vehicles. White Paper, 2016.
Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, and William H. Maisel. Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. IEEE Security and Privacy (Oakland), 2008.

Recommended Readings/Activities:

None

Week 15, Nov 27 (Final Project Presentation), Nov 29 (Final Project Presentation)

Tuesday Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Thursday Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3

Week 16, Dec 4 (Final Project Presentation)

Tuesday Presentations:

Presentation #1 (3:00pm - 3:25pm): Student1
Presentation #2 (3:25pm - 3:50pm): Student2
Presentation #3 (3:50pm - 4:15pm): Student3