Education

The dynamics of change in security threats are the public concerns and the utilities aim to be the forefront in anticipating the imminent attacks. Typically, an organization has established their Information Technology (IT) business management and standards. However, complying North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards has always been a challenge as it requires an ongoing update of best practice for utility’s engineering workforce to understand residual cyber risks and potential impacts of a catastrophic incident. Cross-training cultivation among the two professional groups is becoming an important subject in compliance. The aim is to (i) establish ongoing cybersecurity training for cross-domain interdisciplinary knowledge of cyber-physical systems (CPS) security; (ii) understand cyber risks and potential impacts on the physical network with quantifiable metrics, which promote common language in communication between the IT specialists and control engineers in terms of compliance and effective implementation of security protection; and (iii) extract anomalous statistics that can be discerned as part of the mean-time-to-compromise (MTTC) determination.

Courseware Modules

The following courseware is offered via Michigan Tech:

  1. Electric Circuit I (EE2111)
  2. Electric Circuit II (EE2112)
  3. Power System Analysis II (EE4222)
  4. Distribution Engineering I (EE5250)
  5. Distribution Engineering II (EE5251)
  6. Energy Control Center Application (EE5900-01)
  7. Power System Dynamics and Stability (EE6210)


NERC CIP TRAINING

The team evangelizes the security importance of quantitative tutorials for critical infrastructure protection to present the cases of network architecture and how an appropriate security technology is needed for in-depth defense. We have the strong establishment in research on the aspects of power grid operation where it can be very useful in planning in terms of investment priority and strategic defense against cyber manipulation. We also establish a new program on insurance estimate where evaluate the cyber-physical health of a supervisory control and data acquisition (SCADA) network and residual risks associated with the critical cyber assets of IP-based substations and control center.