Course content

- Critical Infrastructures and Information Infrastructures

- Threat Actors and Agents in Critical Infrastructures

- Infrastructure Modelling, Robustness, and Dependencies

- Cyber-Physical Systems and their Security

- Control Systems Security

- Selected Aspects of Critical Telecommunications Infrastructure Security and Resilience

- Selected Aspects of Power Networks and Generation Infrastructure Security and Resilience

- Selected Aspects of Oil and Gas Infrastructure Security and Resilience

- Selected Aspects of Transportation Infrastructure Security and Resilience

Learning outcome

Knowledge:

- Advanced knowledge of core concepts of critical information infrastructures and general critical infrastructure as well as their dependencies

- Advanced understanding of infrastructure and infrastructure robustness models

- Advanced knowledge of cyber-physical systems and control systems security

Skills:

- Ability to analyse threat modelling approaches and to assess their suitability for a given set of threat sources and agents

- Ability to critically analyse existing theories and methods for the study of cyber-physical systems security and to independently apply such methods to related problems

- Ability to carry out research in selected areas of infrastructure security and resilience under guidance and supervision

- Ability to identify and critically analyse primary research literature on critical infrastructure security and to apply appropriate scientific reasoning

General competence

- Ability to apply knowledge of concepts and methods of analysing security and resilience of infrastructures to new fields

- Capability to discuss academic and professional topics in the field of modelling and securing selected critical infrastructures both with a specialist and general audience

- Critical understanding of professional and ethical, including research ethics, issues in the field of critical infrastructure security

Learning methods and activities

• Essay
• Lectures
• Project work
• Reflection

Additional information:

• Lectures, term paper, project work, and reflection.
• The course will be made accessible to both campus and remote students, the latter on a best-effort basis. Lectures will be given on campus Gjøvik and recorded if possible with lecture notes and recordings made available via the online learning management system.
• Candidates are expected to select a topic for a term paper and perform independent study on an active research area connected to the topics covered in the module.

Compulsory requirements: None

Specific conditions

Required previous knowledge

As EVU course a Bachelor degree and 2 year relevant work experience is requiered.

Course materials

Books:

• E.D. Knapp: Industrial Network Security . Elsevier (2011)M. Newman: Networks . Oxford University Press (2010)
• K. Stouffer, V. Pilliteri, S. Lightman, M. Abrams, A. Hahn: NIST SP800-82Rev2: Guide to Industrial Control Systems Security . U.S. National Institute of Standards and Technology (2015)
• G. Sorelo, M. Echols: Smart Grid Security . CRC Press, 2012
• Setola, Lopez, Wolthusen: Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defence . Lecture Notes in Computer Science Vol. 7130, Springer-Verlag (2012)

Credit reductions