Can Cyber-Informed Engineering Secure the Nation’s Critical Infrastructure?

September 11, 2024
Can Cyber-Informed Engineering Secure the Nation’s Critical Infrastructure?

The digital landscape has irreversibly permeated every sector of our modern life, bringing with it both unprecedented advantages and daunting challenges. One of the most pressing issues today is ensuring the cybersecurity of our nation’s critical infrastructure. This concern came into stark focus after a recent cyberattack on a small water authority near Pittsburgh. This incident, perpetrated by an international terrorist group, is a glaring reminder of our vulnerabilities and the urgent need for advanced protective measures. The recent attack is not an isolated event but part of a growing trend where critical systems such as water utilities, power grids, and communication networks are increasingly being targeted by malicious actors.

The Growing Threat to Critical Infrastructure

Cyber threats targeting critical infrastructure are on the rise, as evidenced by the attack on the Municipal Authority of Aliquippa. Though the assailants targeted a local entity, the potential ramifications were far-reaching, affecting thousands of residents and businesses. This incident has underscored the susceptibility of such systems and the pressing need for innovative cybersecurity solutions. Protecting these vital systems from malicious intent has never been more urgent. The risks associated with cyberattacks on critical infrastructure go beyond mere inconvenience; they pose significant threats to public safety and national security. Therefore, it is imperative to fortify these systems against potential breaches.

The severity of the risks necessitates a multi-faceted approach to cybersecurity, which includes both technological advancements and strategic measures. The interconnected nature of modern infrastructure means that a breach in one sector can have cascading effects on others, amplifying the impact of such attacks. For instance, a compromised power grid can disrupt communication networks, hinder emergency services, and even paralyze critical healthcare facilities. Therefore, the stakes are high, and the solutions need to be robust and comprehensive to mitigate these threats effectively.

Introducing SHURE-Grid: A Collaborative Solution

Recognizing the critical need for enhanced cybersecurity measures, the University of Pittsburgh launched the SHURE-Grid program. SHURE-Grid, which stands for the Summer Honors Undergraduate Research Experience in Electric Grid, aims to tackle these challenges head-on. This program is a synergistic initiative involving the David C. Frederick Honors College, the Swanson School of Engineering, Pitt’s Office of Research, and the Idaho National Laboratory. For 12 weeks each summer, 16 interdisciplinary students work collaboratively to develop cyber-informed engineering (CIE) solutions to secure critical infrastructure. The program seeks to amalgamate expertise from various fields to create a more holistic approach to engineering and cybersecurity.

The SHURE-Grid program is not just an academic exercise; it serves as a practical platform for developing real-world solutions to pressing cybersecurity issues. The collaborative nature of the program ensures that students from diverse academic backgrounds can bring their unique perspectives to the table, fostering innovative solutions. The involvement of industry experts and site visits further enrich the students’ learning experience, providing them with invaluable insights into the practical applications of their theoretical knowledge.

What is Cyber-Informed Engineering?

At the heart of SHURE-Grid lies the concept of cyber-informed engineering, a framework designed by the U.S. Department of Energy in 2022. CIE integrates cybersecurity considerations into the very fabric of the engineering lifecycle, from the initial conception through to the operational phase. This proactive approach ensures that cybersecurity is not an afterthought but a foundational element in the design and operation of energy systems. Emphasizing security at every stage can significantly enhance the resilience of our critical infrastructure. By embedding cybersecurity into the core of engineering practices, the framework aims to create inherently secure systems that are more resistant to cyber threats.

Cyber-informed engineering is a forward-thinking approach that aligns with the evolving landscape of cybersecurity threats. Unlike traditional methods that treat cybersecurity as a separate entity, CIE advocates for a seamless integration of security considerations into all engineering processes. This paradigm shift is essential for building robust systems that can withstand the sophisticated cyberattacks of today and tomorrow. The framework not only focuses on technological solutions but also emphasizes the importance of a secure engineering culture, where every stakeholder is aware of the cybersecurity implications of their actions.

Emphasizing Interdisciplinary Collaboration

A key strength of the SHURE-Grid program is its emphasis on interdisciplinary collaboration. Students from various fields, including electrical and computer engineering, computing and information sciences, film and media studies, neurology, and political science, come together to tackle complex problems. This blend of diverse academic backgrounds fosters a richer educational experience and leads to more comprehensive and innovative solutions. Rob Cunningham, Pitt’s vice chancellor for research infrastructure, stresses the importance of engaging interdisciplinary groups to draw on their collective expertise. This collaborative approach not only enhances the quality of the research but also prepares students for the complexities of real-world challenges.

The interdisciplinary nature of the SHURE-Grid program mirrors the multifaceted nature of cybersecurity threats. By bringing together students from different fields, the program encourages a holistic approach to problem-solving. Each participant contributes their unique perspective, creating a more nuanced understanding of the challenges and potential solutions. This collaborative environment not only benefits the students but also enriches the overall outcomes of the program, leading to more effective and innovative cybersecurity solutions.

Real-World Application and Industry Engagement

SHURE-Grid is not confined to theoretical learning. The program includes practical, hands-on experiences that bridge the gap between academic knowledge and real-world application. Students work on case studies addressing specific vulnerabilities, such as those found in circuit breakers. They also engage in site visits and industry meetings. For instance, a visit to Mitsubishi Electric allowed students to observe the manufacturing process of circuit breakers. These experiences provide invaluable insights into how theoretical vulnerabilities can be practically addressed in industry settings. This practical exposure is essential for understanding the complexities of real-world systems and the challenges involved in securing them.

The hands-on experiences are a critical component of the SHURE-Grid program, providing students with a deeper understanding of the practical aspects of cybersecurity. These interactions with industry experts and site visits help students connect their theoretical knowledge with real-world applications, making their learning experience more comprehensive. The insights gained from these practical experiences are invaluable, equipping students with the skills and knowledge needed to develop effective cybersecurity solutions for critical infrastructure.

Broadening the Curriculum

In its second year, SHURE-Grid has expanded to include students from more than just engineering and computer science backgrounds. This diversification aims to provide a more holistic understanding of cybersecurity issues. By involving students from 10 different majors, the program encourages a multifaceted approach to problem-solving, acknowledging that the complexities of cyber threats require a comprehensive understanding that spans multiple disciplines. This broader curriculum aims to equip students with a diverse skill set, enabling them to tackle cybersecurity challenges from various angles.

The inclusion of students from different academic backgrounds enriches the SHURE-Grid program, fostering a more comprehensive approach to cybersecurity. By bringing together students from fields as diverse as film and media studies to political science, the program encourages a broader perspective on the issues at hand. This diversity in academic backgrounds not only enhances the quality of the solutions developed but also prepares students for the interdisciplinary nature of real-world cybersecurity challenges.

Understanding Organizational Culture and Policy

Recognizing that technology alone isn’t enough, SHURE-Grid also focuses on organizational culture and policy. Ravi Madhavan from the Katz Graduate School of Business leads discussions on these themes, helping students grasp how organizational dynamics can significantly impact technology implementations. This holistic approach ensures that the cybersecurity solutions developed are not only technically sound but also practically viable within organizational contexts. Understanding the interplay between technology and organizational culture is crucial for developing effective cybersecurity strategies.

The focus on organizational culture and policy is a unique aspect of the SHURE-Grid program, highlighting the importance of a comprehensive approach to cybersecurity. By understanding the organizational dynamics that influence technology implementations, students can develop more effective and sustainable solutions. This focus on the non-technical aspects of cybersecurity is essential for creating a comprehensive understanding of the challenges and solutions, preparing students for the complexities of real-world scenarios.

Educational Outcomes and Industry Impact

The digital revolution has forever changed every aspect of our modern lives, offering both groundbreaking benefits and significant obstacles. One of the most urgent concerns today is securing the cybersecurity of our nation’s key infrastructure. This issue came into sharp focus following a recent cyberattack on a small water authority near Pittsburgh. Carried out by an international terrorist group, this attack serves as a stark reminder of our vulnerabilities and the critical need for advanced protective measures.

This recent cyberattack is only one of many, illustrating a disturbing trend where essential systems, including water utilities, power grids, and communication networks, are increasingly targeted by malicious actors. These attacks highlight a growing threat to our critical infrastructure, posing potential risks not only to national security but also to public safety and economic stability. Addressing this pressing issue requires a multi-faceted approach, including stronger cybersecurity policies, advanced technologies, and greater collaboration between public and private sectors to safeguard our critical systems.

Subscribe to our weekly news digest.

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for Subscribing!
We'll be sending you our best soon!
Something went wrong, please try again later