|May 19 - 21, 2022|
hosted by Minnesota State University
Mankato, MN, USA
|2022 IEEE INTERNATIONAL CONFERENCE on |
Dr. Vivek Varma is a business technology professional offering over 20 years of demonstrated career success in delivering technology-enabled business transformations to Fortune clients, and federal and state governments. He possesses extensive consulting and industry experience in the delivery of digital solutions, intelligent automation, and program management for Consumer and Industrial Products, Financial Services and Power and Utilities industries. He currently focuses on managing and delivering platform data services to global clients at NielsenIQ.
He is a Senior IEEE member and has presented his work at several international conferences. He has built and worked with world-class inter-disciplinary teams across US, India, Australia and Japan. He serves on the Boards of several volunteer organizations. He holds BS and MS degrees in Engineering from the Indian Institute of Technology (IIT) Roorkee, and PhD from The University of Melbourne in building Decision Support System for Sustainable Development
Building Cloud Applications Using Distributed Architecture
Goal of the workshop is to familiarize participants with the cloud-based distributed architecture approach to build scalable and high-performance applications.
A few representative industry examples will be taken to demonstrate the practical application by utilizing market leading technology and tools.
Workshop will be of 2 hours duration and includes hands-on exercises for participants. Participants will need access to personal computer.
Basic understanding of developing software and programming concepts is necessary for full appreciation of the workshop material.
Dr. Lahdhiri received the degree of MS-EE in Communication Systems in 1990 and the PhD degree in Control Systems in 1995. Dr. Lahdhiri is currently working for General Motors LLC in Warren, Michigan, where he is holding the position of Strategy Leader for Real-Time Control Systems Simulations and Automation within the Global Validation Department.
Dr. Lahdhiri is a licensed Professional Engineer (PE) in the State of Michigan, licensed Project Management Professional (PMP) by the Project Management Institute (PMI), and Master Black Belt DFSS certified by General Motors LLC.
Dr. Lahdhiri authored and co-authored over 16 journal papers and 35 conference papers and his areas of interest include Control Systems, Systems Engineering, Real-Time Modeling and Simulation, and Engineering Management.
Dr. Lahdhiri is a Senior IEEE member and has been leading several activities within the IEEE organization. Currently, he is the IEEE Region 4 (Central USA) PACE Chair, member of the IEEE-USA Career Professional Development (CPD). Recently, Dr.Lahdhiri held the position of IEEE-USA Vice President of Career Member Services (2018-2019)
Electronic Control Units Development: V-Cycle
This workshop introduces the V-Cycle for the development of Electronic Control Units (ECU) in industrial applications. The workshop will explain the different phases of the V-cycle: Starting with the requirements, Modeling, rapid-prototyping, Code generations, Hardware-in-the-loop (HIL) testing, and calibration.
Participants will learn basic techniques and tools used in the V-cycle. The workshop will include several examples related to automotive applications.
Mariana Hentea earned her PhD and MS in Computer Science, MS in Computer Engineering, and BS in Electrical Engineering. She holds a CISSP certification from ISC2. Her current research is focused on Smart Grid and DER systems, real-time systems security and performance, network security design and architecture, and use of Artificial Intelligence techniques for information security management, security risk management, network management, and process control. As a member of IEEE Standards Association, she promotes Security and Privacy awareness to Engineers, managers, regulators, and consumers. She is a member of IEEE Smart Grid, IEEE Power & Energy Society, IEEE Computer Society, ISC2 and ISSA organizations. Her book Building an Effective Security Program for Distributed Energy Resources and Systems: Understanding Security for Smart Grid and Distributed Energy Resources and Systems was published by Wiley in April 2021.
Assessing Security Posture Using Security Metrics
Several reports describe the challenges of security metrics of the electricity sector in US. A comprehensive list includes issues such as:
Since the energy sector is facing increasing threats and protection of the power grid against cyber attacks is critical, there are needs for effective security metrics, modeling, and assessment tools that aid organizations to assess their security posture and plan for improvements to reduce the risks.
The needs for developing cybersecurity metrics for energy sector and power grid in US are recognized by organizations and DOE has been addressing these issues by promoting recommendations to implement the NIST Cybersecurity Framework and other standards.
There is a need for development of strong and consistent metrics, testing guidelines, and certification processes to create measurable successes for control system security. Clear and consistent metrics are needed for both business and control systems, and mandatory baseline security requirements should be established. In the long term, the organizations need to develop systems that automate cybersecurity state monitoring and remediation, similarly to the way in which the electricity sector currently automates and manages energy delivery operations.
Information security metrics are an important factor in making sound decisions about various aspects of security, ranging from the design of security architectures and controls to the effectiveness and efficiency of security operations.
This tutorial addresses different categories of security metrics and areas of use that could help organizations establish, assess, and maintain secure systems. Also, the tutorial identifies one important area - the collection of security measurements including challenges such as the confidence and uncertainty of derived metrics needed for the analysis of the security posture of an organization or of system implementation and operational environment.
Security events are difficult to measure in practice due to their inherent existence of uncertainty. The uncertainty can be derived from multiple reasons. First, unknown attack behaviors are hard to be accurately predicted by a defender. Second, uncertainty is often caused by estimation errors in that observed evidence does not necessarily reflect an actual system state because the observation of the security state is imperfect due to detection errors or inherent noises.
Therefore, measurable security involves many areas, at minimum includes software assurance, application security, asset management, supply chain risk management, cyber intelligence threat analysis, cyber threat information sharing, vulnerability management, patch management, configuration management, malware protection, intrusion detection, system assessment, incident coordination, enterprise reporting, remediation.
Security metrics can be an effective tool for security management to identify the effectiveness of various components of the security program, system, product or process, and the ability of security team within an organization to address security issues for which they are responsible.
Effectiveness/Efficiency metrics are very important because they are used to determine whether program level processes and system level security controls have been implemented correctly, operate as intended, and achieve their expected outcomes. Effectiveness/Efficiency metrics reflect two aspects of the results of security control implementation: the robustness of the result itself and impact to defend an asset (e.g., its effectiveness), and the timeliness of the result (e.g., efficiency).