Skip to main content

Industrial Control System Cybersecurity

Dr. Shahram Jahani

University of Central Florida

Monday, March 20, 2019
12:45PM – 13:45PM – HEC 356

Biography

Dr. Shahram Jahani holds a Ph.D. in Computer Science with a specialization in cryptography and high performance computation. Since January 2016, he has worked as an adjunct faculty in the Department of Computer Science at UCF, teaching a variety of courses in Programming, Security, Mathematics, and others. He has six years of experience in academic research as a research assistant at University of Science, Malaysia, authoring several peer-reviewed papers in high performance cryptography and number theory based cryptography. At Florida Data Analysis Services (FLDAS.com), he directed a website, consulted on research, and served as a data analyst for 4 years. Dr. Jahani also has 13 years of varied experience at BAREZ Industrial Group, Iran’s largest tire manufacturer, including positions as manager of electrical department, inspection, programming and engineering department, and vice director of the maintenance department.

Abstract

Industrial control systems (ICSs) are an essential part of critical infrastructures such as electricity, water, gas, transportation, and more. ICSs are also found in many manufacturing industries such as chemical, pharmaceutical, food, automotive, and aerospace in which they help increase the productivity, flexibility and quality of the final product while reducing the cost of production. Although ICSs can have very crucial roles in the industries, they often are not very secure. This lack of security stems from multiple factors. The main factor is that ICSs are designed with a ‘Security by Obscurity’ approach. This approach relies on the belief that the secrecy of design and implementation of the systems or components provides security. Another factor is that many industrial control systems or components in use don’t even use or have the capability of elementary security measures such as password protection and encryption. With this lack of security comes a high risk of cyber-attacks. Research has shown that companies underestimate the impact of this risk. This presentation will start with a brief overview of ICS, their applications, and also their security issues. The focus of the presentation will be on the current state of industrial cybersecurity and the strategy of “defense in depth” as a security approach against of the industrial cyber-attacks.