Faculty of Technical Sciences

Subject: Information and Operation Security in Infrastructure Systems (17.ESI127)

General information:
 
Category Professional-applicative
Scientific or art field Primenjeno softversko inženjerstvo
ECTS 6

Students learn about the application of techniques and methods for securing information and operation technologies (IT/OT). Students should apply acquired knowledge in anaysis, study and solving real problems.

Knowledge of methods and technologies for securing information and operation technologies (IT/OT). The students are able to use security methods and technologies, create a software for data protection in IT/OT system, design and implement mechanisms for authentication and access control for IT/OT systems, and to establish secure communication between IT/OT segments. The student is trained to analyze, study and solve real problems using the acquired knowledge.

Introduction to security of information and operation technologies (IT/OT): definition, basic concepts, security requirements. Threat modelling and risk analysis. Cryptography: introduction, basic concepts, cryptographic protocols, algorithms, digital signatures, digital certificates. PKI infrastructure: key management, establishment of PKI. Authentication: single-factor authentication, attacks, Kerberos, OAuth authentication. Access control: concepts, elements, mechanisms and models of access control. Application of security concepts at the operation, application and network level. Security of SCADA systems: basic concepts, components of SCADA systems, secure protocols, vulnerabilities and attacks on SCADA infrastructure, methods and technologies for protection of SCADA systems. Monitoring of IT/OT systems: logs, network traffic, security events, correlation of events, alarming and SIEM (security information and event managemen). Standards for critical infrastructure protection: NIST –800-53, NIST – 800-82, NERC-CIP, ISO 27000, ISO 27019.

Lectures. Computer practice. Consultations. The student is obliged to independently do the project and write a seminar paper.

Authors Title Year Publisher Language
William Stallings Cryptography and Network security Principles and Practice, seventh edition 2016 Pearson English
Knapp, E.D., Langill, J.T. Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems 2015 Elsevier English
Pascal Ackerman Industrial Cybersecurity: Efficiently secure critical infrastructure systems 2017 Packt Publishing English
Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A. Handbook of Applied Cryptography 1997 CRC Press, New York English
Clint Bodungen, Bryan L. Singer, Aaron Shbeeb, Kyle Wilhoit, Stephen Hilt Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions 2016 McGraw-Hill Education English
David F. Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli Role-Based Access Control, Second Edition 2007 Artech House English
Course activity Pre-examination Obligations Number of points
Term paper Yes Yes 20.00
Project Yes Yes 50.00
Theoretical part of the exam No Yes 30.00
API Image

Prof. Kupusinac Aleksandar

Full Professor

Lectures

Asst. Prof. Dalčeković Nikola

Assistant Professor

Computational classes

Assistant - Master Petrović Nikola

Assistant - Master

Computational classes

Faculty of Technical Sciences

© 2024. Faculty of Technical Sciences.

Contact:

Address: Trg Dositeja Obradovića 6, 21102 Novi Sad

Phone:  (+381) 21 450 810
(+381) 21 6350 413

Fax : (+381) 21 458 133
Emejl: ftndean@uns.ac.rs

© 2024. Faculty of Technical Sciences.