Advisor:   Mark Nelson | marknels@hawaii.edu

Prerequisites:  An interest in Cybersecurity and/or SCADA systems. The following classes are beneficial, but not required:• EE 406 Intro to Computer and Network Security• EE 445 Intro to Machine Learning

Courses:  EE396 and EE496

Focus:  

Description:  
CENG/EE Majors, 2-3 Credits, Max 15 students
Format: Hybrid: 2x75-minute sessions/week - Usually online. Sessions will consist of lectures, unstructured lab time, individual feedback of work, datacenter tour and directed research.
This is a CAPSTONE project where students will: 1. Use Artificial Intelligence & Machine Learning techniques to develop an automated signature-based intrusion detection system. 2. Administer legacy SCADA equipment using Zero-Trust techniques.
One of the challenges of Operational Technology SCADA is the fact that a lot of the equipment is in the field. This presents two challenges for security professionals: 1) SCADA equipment uses unique, sometimes nonstandard protocols, that are not globally routable like the Internet; 2) Administering& monitoring remote, (somewhat) air-gapped SCADA networks.
This CAPSTONE will start with a SCADA lab in the UH ITS datacenter. Students will be given a tour of the equipment, drawings and enough access to develop & validate critical cyber terrain. Based on this analysis, students will design and deploy sensors on the remote network to flow data to a signature-based IDS (Intrusion Detection System). As a class, we will then use AI/ML techniques to automatically create both permissive and restrictive signatures on the remote SCADA network.
A second goal of this lab is to explore tools, techniques and procedures for administering legacy SCADA equipment using Zero-Trust processes. Students will learn about Zero-Trust techniques and the capabilities of the equipment in the lab. Students will be expected to propose and implement changes to the lab that bring it closer to a Zero-Trust architecture. Furthermore, they may propose changes to Zero-Trust architectures that support the unique requirements of SCADA and Operational Technology systems.