ENGIN 444: Cyber-Physical Systems Security (Spring 2026)

Course Description

This course delves into the intricate realm of security within Cyber-Physical Systems (CPS), focusing particularly on energy systems. It provides a comprehensive understanding of security fundamentals spanning across the physical layer as well as the intricate cyber layer of CPS. Through a blend of theoretical foundations and practical applications, students will explore the critical interplay between physical infrastructure and digital systems, gaining insight into the unique security challenges that arise in this domain. Emphasis will be placed on practical applications and hands-on lab exercises will be utilized to complement the lecture material.

The course is structured to provide a progressive learning experience, beginning with foundational cybersecurity concepts and gradually advancing to more complex topics. The curriculum encompasses a mix of lectures, interactive weekly discussions, case studies, and practical take-home assignments to cater to diverse learning styles.

Credit Hours: 3

Class Meetings: The class meets twice per week for 75 minutes

Prerequisites

CS 240 or CS 109, and ENGIN 344 or ENGIN 342 (pre- or co-requisite), or permission of the instructor

The course is mostly self-contained and will present the essential technologies needed to gain a qualitative comprehension of the security environment within industrial Cyber-Physical Systems, prioritizing breadth of understanding over quantitative analyses. It is assumed that the students are familiar with and have a good background using at least one programming language, such as C, C++, Python, or MATLAB.

Course Objectives

This course will provide:

  • An introduction to Cyber-Physical Systems (CPS) and their significance for critical infrastructure operations.
  • An overview of security principles and challenges in CPS, with a focus on energy systems.
  • Essential tools for the analysis of attack vectors and vulnerabilities in industrial CPS processes.
  • Strategies for risk assessment, threat modeling, and security architecture design in CPS.
  • Survey of regulatory frameworks and standards governing CPS security.
  • Hands-on laboratory exercises utilizing ethical hacking and reverse-engineering tools for security investigations.
  • A presentation of case studies and real-world examples to illustrate key concepts and security best practices. What are Cyber-Physical Systems and their significance for critical infrastructure operations

Student Outcomes

By the end of the course, students will emerge with a robust understanding of CPS security principles, equipped to address the evolving challenges in safeguarding critical infrastructure against cyber threats. Specifically, students:

  • will develop an understanding of the complexities involved in designing, analyzing, and securing CPS, including inherent challenges, common security practices, and distinctions from traditional enterprise systems, while also cultivating the ability to apply engineering design to produce solutions meeting specified security needs, considering public safety, privacy, as well as global, social, and economic factors.
  • will investigate system design, monitoring, scheduling, management, and control challenges across the entire lifecycle of CPS implementations.
  • via weekly discussions, will acquire expertise in proficiently communicating with various cybersecurity professionals and diverse audiences creating a collaborative and inclusive environment.
  • will engage with CPS components and protocols, conduct vulnerability assessments on mission-critical CPS systems, and formulate resilient CPS architectures capable of withstanding potential attacks, demonstrating an ability to identify, formulate, and solve complex engineering problems through the application of principles from engineering, science, and mathematics.
  • via hands-on lab assignments, will gain the capacity to employ newly acquired knowledge, facilitate and execute experiments, analyze and interpret data, and utilize engineering judgment to deduce conclusions pertaining to the cybersecurity and resilience of the fundamental critical systems under scrutiny.

Resources and Other Requirements

  • Instructor’s lecture notes and handouts
  • A number of relevant papers from recent journal publications and conference proceedings
  • A desktop or laptop computer is required

There is no mandated textbook. Recommended books include:

  • "Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT" by C. J. Brooks and P. A. Craig
  • "Cybersecurity of Industrial Systems (Systems and Industrial Engineering)" by J. M. Flaus
  • "Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems" by E. D. Knapp and J. T. Langill
  • "Cyber-Physical Attacks: A Growing Invisible Threat" by G. Loukas
  • "Industrial Cybersecurity: Efficiently monitor the cybersecurity posture of your ICS environment" by P. Ackerman.
Ioannis (Yannis) Zografopoulos

Assistant Professor
University of Massachusetts (UMass) Boston

zografop [at] gmail [dot] com

i [dot] zografopoulos [at] umb [dot] edu

Google Scholar
Scopus
ORCID
Publons
DBLP
ArXiv
Twitter
LinkedIn
ResearchGate
ResearchID