Sergei Petrenko - Developing a Cybersecurity Immune System for Industry 4.0

RIVER PUBLISHERS SERIES IN SECURITY AND DIGITAL FORENSICS

Series Editors:

WILLIAM J. BUCHANAN

Edinburgh Napier University, UK

ANAND R. PRASAD

wenovator, Japan

R. CHANDRAMOULI

Stevens Institute of Technology, USA

ABDERRAHIM BENSLIMANE

University of Avignon France

Indexing: All books published in this series are submitted to the Web of Science Book Citation Index (BkCI), to SCOPUS, to CrossRef and to Google Scholar for evaluation and indexing.

The River Publishers Series in Security and Digital Forensics is a series of comprehensive academic and professional books which focus on the theory and applications of Cyber Security, including Data Security, Mobile and Network Security, Cryptography and Digital Forensics. Topics in Prevention and Threat Management are also included in the scope of the book series, as are general business Standards in this domain.

Books published in the series include research monographs, edited volumes, handbooks and textbooks. The books provide professionals, researchers, educators, and advanced students in the field with an invaluable insight into the latest research and developments.

Topics covered in the series include, but are by no means restricted to the following:

• Cyber Security
• Digital Forensics
• Cryptography
• Blockchain
• IoT Security
• Network Security
• Mobile Security
• Data and App Security
• Threat Management
• Standardization
• Privacy
• Software Security
• Hardware Security

For a list of other books in this series, visit www.riverpublishers.com

Sergei Petrenko

Innopolis University

Russia

Published 2020 by River Publishers

River Publishers

Alsbjergvej 10, 9260 Gistrup, Denmark

www.riverpublishers.com

Distributed exclusively by Routledge

4 Park Square, Milton Park, Abingdon, Oxon OX14 4RN

605 Third Avenue, New York, NY 10017, USA

Developing a Cybersecurity Immune System for Industry 4.0 / by Sergei Petrenko.

2020 River Publishers. All rights reserved. No part of this publication may be reproduced, stored in a retrieval systems, or transmitted in any form or by any means, mechanical, photocopying, recording or otherwise, without prior written permission of the publishers.

Routledge is an imprint of the Taylor & Francis Group, an informa business

ISBN 978-87-7022-188-7 (print)

While every effort is made to provide dependable information, the publisher, authors, and editors cannot be held responsible for any errors or omissions.

Dear Readers!

The modern development level of information and communication technologies (ICT) realizes the opportunity to take industrial production and scientific research in information security to a fundamentally higher plane, but the effectiveness of such a transition directly depends on the availability of highly qualified specialists. About 5,000 Russian information security specialists graduate every year, whereas the actual industrial demand is estimated at 21,000 per year until 2025. For this reason, the Russian Ministry of Education and Science, along with executive governmental bodies, created a high-level training program, which they continually develop, for the State information security employees. This initiative includes 170 universities, 40 institutions of continuing education, and 50 schools of secondary vocational training. In evaluating the universities performance over 30 academic disciplines, information security has scored the highest for three consecutive years on the Russian Unified State Examination. In addition, employee training subsystems operating in the framework of the Russian Federal Security Service, the Russian Ministry of Defense, the Russian Federal Protective Service, Russian Federal Service for Technical and Export Control, and the Russian Emergencies Ministry of Emergency Situations are similar to the general system for training the information security specialists at the Russian Ministry of Education and Science, which trains personnel according to the concrete needs of individual departments.

Yet, there remains the well-known problem that the vast majority of educational programs in Information security struggle to keep pace with the rapid development in the ICT sphere, where significant changes occur every 6 months. As a result, the existing curricula and programs do not properly train graduates for the practical reality of what it means to efficiently solve modern information security problems. For this reason, graduates often find themselves lacking the actual skills in demand on the job market. In order to ensure that education in this field truly satisfies modern industrial demands, Innopolis University students and course participants complete actual information security tasks for commercial companies as well as governmental bodies (e.g., for the universitys over 100 industrial partners).

Also, Innopolis University students participate in domestic and international computer security competitions, e.g., the game Capture the Flag (CTF), considered to be among the most authoritative in the world.

Currently, Innopolis University trains information security specialists in Computer Science and Engineering (MA program in Secure Systems and Network Design). The program is based on the University of Amsterdams System and Network Engineering program with its focus on information security. In 2013, it was ranked as the best MA program for IT in the Netherlands (Keuzegids Masters 2013), and in 2015 it won the award for the best educational program (Keuzegids Masters 2015). The University of Amsterdam is one of the Innopolis Universitys partners and is included in the Top 50 universities of the world (QS World University Rankings, 2014/2015).

An essential feature of this program is that Innopolis University students take part in relevant research and scientific-technical projects from the beginning of their studies. In solving computer security tasks, students have access to the scientific-technical potential of 3 institutes, 14 research laboratories, and 5 research centers engaged in advanced IT research and development at Innopolis University. This partnership also extends to Innopolis Universitys academic faculty, both pedagogic and research-oriented, which numbers more than 100 world-class specialists. The information security education at Innopolis University meets the core curriculum requirements set out in the State Educational Standards for Higher Professional Education 075 5000 Information Security in the following degrees: Computer Security, Organization and Technology of Information Security, Complex Software Security, Complex Information Security of Automated Systems, and Information Security of Telecommunication Systems. At the same time, high priority is given to the practical security issues of high industrial relevance; however, given the relative novelty of these needs, they remain insufficiently addressed in the curricula of most Russian universities and programs. These issues include the following: