Intelligent Automation for Cyber Ready Industrial Control Systems Training Program for Safe and Secure Shipbuilding Operations

Researchers will develop experiential learning modules to aid in the implementation of Hybrid Intelligent Automation (HIA) to protect Industrial Control Systems (ICS). Taurus TeleSys will provide hardware and software support for a digital twin+ emulator for industrial control systems to fine-tune performance and ensure cybersecurity.

Funded by the CCI Hub

Project Investigators

• Principal Investigator (PI): Sachin Shetty, Old Dominion University (ODU) Virginia Modeling, Analysis, and Simulation Center (VMASC)
• Co-PI: Md Shirajum Munir, ODU School of Cybersecurity 
• Co-PI: Le Thanh Tan, Hampton University Department of Electrical and Computer Engineering

Rationale and Background

Secure ICS (SICS) have a tremendous impact in commercial, government, and military sectors due to advances in machine learning, Internet of Things, and autonomy technologies. 

The shipbuilding industry needs efficient methods to protect sensitive data and prevent malicious attacks. Another challenge is ensuring the security of cyber-infrastructure within interconnected systems that improve operational efficiency but increase potential entry points for attacks. 

Successful cyber-attacks on processes underpinning ICS can create severe disruptions in all aspects of shipbuilding operations.

Methodology

Learning modules will teach students to create a robust cybersecurity monitoring response capability for Secure ICS. 

Researchers will:

• Design learning modules in a spiral process and provide hands-on training. 
• Develop an Application Whitelisting (AWL) strategy to detect and prevent attempted execution of malware uploaded by adversaries for a secure ICS. 
• Design course content of adversary-target unpatched systems for configuration/patch management. 
• Design a best practice guideline to reduce the scope of attack surface in ICS of shipbuilding operations. 
• Design guidelines to limit damage from network perimeter breaches. 
• Develop a mandatory best practice checklist to manage authentication of ICS services and usage. 
• Develop a best practice guideline to secure remote access of ICS.
• Design a learning module describing a monitoring and response strategy to secure ICS of shipbuilding operations.

Projected Outcomes

Researchers will develop learning modules to support training undergraduate students and Newport News Shipbuilding personnel, who will:

• Gain hands-on skills for safe and secure shipbuilding operations toward an intelligent cyber-ready ICS.
• Understand the process of applying the Cybersecurity compliance process in Industrial Control Systems.
• Gain insights into conducting cybersecurity compliance in a confidential and air-gapped process.
• Understand the impact of exploiting vulnerabilities in Industrial Control systems to NNS operations.
• Learn the cybersecurity workflow process for ICS.
• Identify best practices for securing ICS in NNS.
• Augment NNS operation standards with cybersecurity processes. 

As a result, the current 12-month timeline to achieving Authority to Operate (ATO) will be drastically reduced with an operationalized HIA capability.