The power of hands-on exercises in SCADA cyber security education
Date
2013
Authors
Sitnikova, E.
Foo, E.
Vaughn, R.B.
Editors
Jr, R.C.
Futcher, L.
Futcher, L.
Advisors
Journal Title
Journal ISSN
Volume Title
Type:
Conference paper
Citation
IFIP Advances in Information and Communication Technology, 2013 / Jr, R.C., Futcher, L. (ed./s), vol.406, pp.83-94
Statement of Responsibility
Conference Name
8th IFIP WG 11.8 World Conference on Information Security Education (8 Jul 2013 - 10 Jul 2013 : Auckland, New Zealand)
Abstract
For decades Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) have used computers to monitor and control physical processes in many critical industries, including electricity generation, gas pipelines, water distribution, waste treatment, communications and transportation. Increasingly these systems are interconnected with corporate networks via the Internet, making them vulnerable and exposed to the same risks as those experiencing cyber-attacks on a conventional network. Very often SCADA networks services are viewed as a specialty subject, more relevant to engineers than standard IT personnel. Educators from two Australian universities have recognised these cultural issues and highlighted the gap between specialists with SCADA systems engineering skills and the specialists in network security with IT background. This paper describes a learning approach designed to help students to bridge this gap, gain theoretical knowledge of SCADA systems’ vulnerabilities to cyber-attacks via experiential learning and acquire practical skills through actively participating in hands-on exercises.
School/Discipline
Dissertation Note
Provenance
Description
Access Status
Rights
Copyright 2013 IFIP International Federation for Information Processing