TY - GEN
T1 - The Power of Hands-On Exercises in SCADA Cyber Security Education
AU - Sitnikova, Elena
AU - Foo, Ernest
AU - Vaughn, Rayford B.
PY - 2013
Y1 - 2013
N2 - For decades Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) have used computers to monitor and control physical processes in many critical industries, including electricity generation, gas pipelines, water distribution, waste treatment, communications and transportation. Increasingly these systems are interconnected with corporate networks via the Internet, making them vulnerable and exposed to the same risks as those experiencing cyber-attacks on a conventional network. Very often SCADA networks services are viewed as a specialty subject, more relevant to engineers than standard IT personnel. Educators from two Australian universities have recognised these cultural issues and highlighted the gap between specialists with SCADA systems engineering skills and the specialists in network security with IT background. This paper describes a learning approach designed to help students to bridge this gap, gain theoretical knowledge of SCADA systems' vulnerabilities to cyber-attacks via experiential learning and acquire practical skills through actively participating in hands-on exercises.
AB - For decades Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) have used computers to monitor and control physical processes in many critical industries, including electricity generation, gas pipelines, water distribution, waste treatment, communications and transportation. Increasingly these systems are interconnected with corporate networks via the Internet, making them vulnerable and exposed to the same risks as those experiencing cyber-attacks on a conventional network. Very often SCADA networks services are viewed as a specialty subject, more relevant to engineers than standard IT personnel. Educators from two Australian universities have recognised these cultural issues and highlighted the gap between specialists with SCADA systems engineering skills and the specialists in network security with IT background. This paper describes a learning approach designed to help students to bridge this gap, gain theoretical knowledge of SCADA systems' vulnerabilities to cyber-attacks via experiential learning and acquire practical skills through actively participating in hands-on exercises.
KW - Critical infrastructure
KW - Curriculum
KW - Cybersecurity
KW - Experiential learning
KW - Industrial control systems
KW - Scada
KW - Security laboratory
UR - http://www.scopus.com/inward/record.url?scp=84890723458&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-39377-8_9
DO - 10.1007/978-3-642-39377-8_9
M3 - Conference contribution
AN - SCOPUS:84890723458
SN - 9783642393761
T3 - IFIP Advances in Information and Communication Technology
SP - 83
EP - 94
BT - Information Assurance and Security Education and Training
A2 - Dodge Jr., Ronald C.
A2 - Futcher, Lynn
T2 - 8th IFIP WG 11.8 World Conference on Information Security Education, WISE 8
Y2 - 8 July 2013 through 10 July 2013
ER -