
A.  Describe the security problem under investigation.

1.  Explain the importance of the security problem, including background information and the environment in which the problem exists.

2.  Provide documentation related to the security problem demonstrating the need for a solution, referencing applicable white papers or articles.

3.  Summarize each root cause of the problem in the identified environment where the security problem is situated, including supporting evidence, if applicable.

B.  Summarize each internal and external project stakeholder role by including each of the following:

•   individual stakeholder implementation involvement and associated individual needs

•   how the security problem affects the stakeholder

•   stakeholder influence on the project’s objectives and outcomes

C.  Describe the historical data used to support decision-making throughout the project (e.g., vulnerability scans, penetration testing, testing or validation scenarios, audit results, etc.).

D.  Provide a detailed explanation of the project requirements to implement the solution.

1.  Describe the industry-standard methodologies guiding the solution’s design and development.

2.  Describe the project launch, including all phases of the rollout, the criteria used to determine the conclusion of implementation, and the project management methodology for implementation.

3.  Describe the likelihood of all implementation risks and their impact on the project.

E.  Describe the training approach, including the audience, delivery, content, and duration.

F.  Describe the required resources necessary to execute each project phase, and provide sources for all costs.

G.  Describe all final project deliverables associated with the design and development of the technology solution.

1.  Estimate the projected timeline, including each of the following:

•   each milestone and its duration

•   start and end dates

•   resources assigned to each task

H.  Detail the project evaluation approach that will be used to assess the project, addressing the following:

1.  Describe the formative and summative test plans for the solution, including all required procedures and tools.

2.  Describe the minimal acceptance criteria and key performance indicators for project acceptance as they align with your formative and summative test plans.

3.  Justify the test cases and scenarios in the environment of the security problem being addressed.

4.  Explain how you will analyze your results.

I.  Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.

DDN1: Capstone Topic Approval and Release Forms

Cybersecurity Graduate Capstone

Topic Approval Form

The purpose of this document is to help you clearly state the research question for this capstone project, as well as your project’s scope and timeline, to ensure these align with your degree emphasis. While you may not have a complete and realistic overview of your project at this time, the acceptability of your project for the purposes of this course cannot be accurately assessed without clearly defining each of these areas. Many students use a project they have already completed within the past two years. If you choose a finished project, you will write the proposal as if the project is not yet complete. Then, when you report on your project, use your complete after-implementation report.

If you have not yet started your project, this document can help ensure the scope is in the acceptable range for this capstone. An instructor must approve this form before you submit your capstone for evaluation. The task will not be evaluated without an instructor’s signature. The instructor may ask for additional information before approving the form.

Capstone Project Name: Evaluating Compensating Controls for Insecure SCADA Protocols

Project Topic: Assessing the security risks of legacy SCADA protocols and proposed mitigations

Summary of the Problem: Supervisory Control and Data Acquisition (SCADA) systems are the primary technology managing sensitive and critical infrastructure such as power generation, oil/gas operations, water treatment, and many manufacturing applications. It is extremely common to see the use of legacy and insecure communication protocols such as Modbus and DNP3. When these protocols were initially designed, security was not taken into consideration, so they commonly lack authentication, encryption, and data integrity verification. Used freely in modern systems, they are prone to man-in-the-middle attacks, tampering, and even unintended command execution. Because this is a multibillion-dollar industry, it could be a prime target vector for malicious threat actors. Risk rapidly increases as interconnectedness and remote access become more and more prevalent. Across the U.S., there have been countless incidents involving SCADA systems, including the Colonial Pipeline ransomware attack, Bowman Dam, and several water sector intrusions. It is paramount that proper security measures are in place to mitigate, as much as possible, the possibility of disrupting our critical infrastructure.

Outline of a Technology-Supported Security Solution: Using network segmentation with the Purdue Model as a framework, deployment of industrial firewalls capable of deep packet inspection (NGFWs), intrusion detection systems, continuous monitoring, and implementing VPN solutions for remote access.
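The problem summary above notes that a Modbus frame carries no credentials or integrity check, and the solution outline relies on deep-packet-inspecting firewalls and intrusion detection to compensate. The following added example (written for this page, not part of the proposal and not the code of any firewall or IDS product) shows what that compensating control amounts to in practice: it parses Modbus/TCP frames and applies a constructed allowlist policy in which HMI hosts may only read, a single engineering workstation may write, writes are confined to a fixed register range, and diagnostic or unexpected function codes are flagged. The addresses, register ranges and sample frames are constructed for illustration.

```python
"""
Modbus/TCP allowlist inspection, modelling the kind of deep-packet-inspection
rule an industrial firewall or IDS applies when the protocol itself offers no
authentication. Policy values below are constructed assumptions.
"""
import struct
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Public Modbus function codes (from the Modbus application protocol spec)
READ_CODES = {1, 2, 3, 4}      # read coils / discrete inputs / holding / input regs
WRITE_CODES = {5, 6, 15, 16}   # write single/multiple coil(s) and register(s)
DIAG_CODES = {8, 43}           # diagnostics, encapsulated interface (device id)

# Constructed policy: HMIs on one subnet may read, one engineering host may write
READ_SOURCES = [ip_network("10.10.20.0/24")]
WRITE_SOURCES = [ip_network("10.10.30.5/32")]
# Inclusive address ranges a write may touch, keyed by function code
# (coil and register address spaces are separate in Modbus)
WRITE_RANGES = {5: [(0, 15)], 15: [(0, 15)], 6: [(100, 120)], 16: [(100, 120)]}


@dataclass
class Frame:
    transaction_id: int
    unit_id: int
    function: int
    data: bytes


def parse_modbus_tcp(payload: bytes) -> Frame:
    """Parse the 7-byte MBAP header plus PDU; raise ValueError if malformed."""
    if len(payload) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    if proto != 0:
        raise ValueError(f"protocol id {proto} is not Modbus")
    # MBAP length counts unit id + PDU, i.e. everything after the first 6 bytes
    if length != len(payload) - 6:
        raise ValueError("MBAP length does not match payload")
    return Frame(tid, unit, payload[7], payload[8:])


def write_targets(frame: Frame) -> tuple[int, int]:
    """Return (first, last) address touched by a write PDU."""
    if len(frame.data) < 4:
        raise ValueError("truncated write PDU")
    if frame.function in (5, 6):          # single coil / register: address, value
        addr = struct.unpack(">H", frame.data[:2])[0]
        return addr, addr
    start, qty = struct.unpack(">HH", frame.data[:4])  # multiple: start, quantity
    return start, start + qty - 1


def _in_any(ip, nets) -> bool:
    return any(ip in n for n in nets)


def inspect(src_ip: str, payload: bytes) -> list[str]:
    """Return policy violations for one frame from src_ip (empty list = allowed)."""
    try:
        frame = parse_modbus_tcp(payload)
    except ValueError as e:
        return [f"malformed: {e}"]
    ip = ip_address(src_ip)
    findings: list[str] = []
    if frame.function in READ_CODES:
        if not (_in_any(ip, READ_SOURCES) or _in_any(ip, WRITE_SOURCES)):
            findings.append(f"read fc{frame.function} from unauthorised host {src_ip}")
    elif frame.function in WRITE_CODES:
        if not _in_any(ip, WRITE_SOURCES):
            findings.append(f"write fc{frame.function} from non-engineering host {src_ip}")
        try:
            first, last = write_targets(frame)
        except ValueError as e:
            return findings + [f"malformed: {e}"]
        if not any(lo <= first and last <= hi for lo, hi in WRITE_RANGES[frame.function]):
            findings.append(f"write to addresses {first}-{last} outside allowed ranges")
    elif frame.function in DIAG_CODES:
        findings.append(f"diagnostic/enumeration fc{frame.function} from {src_ip}")
    else:
        findings.append(f"unexpected function code {frame.function}")
    return findings


def build_frame(tid: int, unit: int, function: int, data: bytes) -> bytes:
    """Assemble a Modbus/TCP frame (used here only to construct sample traffic)."""
    return struct.pack(">HHHB", tid, 0, len(data) + 2, unit) + bytes([function]) + data


# Constructed sample traffic: (source ip, frame)
SAMPLE_TRAFFIC = [
    ("10.10.20.7", build_frame(1, 1, 3, b"\x00\x00\x00\x0a")),       # HMI reads 10 regs
    ("10.10.30.5", build_frame(2, 1, 6, b"\x00\x69\x12\x34")),       # engineer writes reg 105
    ("10.10.20.7", build_frame(3, 1, 6, b"\x00\x69\x12\x34")),       # HMI attempts a write
    ("10.10.30.5", build_frame(4, 1, 16, b"\x00\xc8\x00\x02\x04\x00\x00\x00\x00")),  # regs 200-201
    ("10.10.30.5", b"\x00\x05\x00\x01\x00\x02\x01\x03"),             # protocol id 1: malformed
]


def run_samples() -> list[list[str]]:
    return [inspect(src, frame) for src, frame in SAMPLE_TRAFFIC]


if __name__ == "__main__":
    for (src, _), findings in zip(SAMPLE_TRAFFIC, run_samples()):
        print(src, "ALLOW" if not findings else "ALERT " + "; ".join(findings))
```

In this model the write from the HMI and the out-of-range write from the engineering host both produce alerts even though Modbus itself would accept them; that gap between what the protocol permits and what the process requires is exactly what the proposed segmentation and inspection layers are meant to close.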

Context: Explain why the situation or question would benefit from your security solution. The dated protocols are an absolute requirement for some of these SCADA systems to function correctly. Implementing a new technology often isn’t immediately possible, so compensating controls must be put in place to maximize the strength of cybersecurity. Since the systems must keep running and the technology can’t be altered, defense in depth is best practice.

Stakeholders: Identify the project stakeholders. Stakeholders include SCADA operators, SCADA owners, SCADA engineers, IT, incident response teams, C-suite personnel, and risk management.

Project Plan: Describe the project plan, scope, goals, and objectives. Project plan: describe SCADA systems and where they are used, identify security weaknesses and the risks associated with them, introduce technologies and strategic compensating controls, and describe defense in depth, how it reduces the attack surface, and the status of residual risk.

Methodology: Outline the project approach. Research current accepted strategies/best practices and examine case studies where failures have occurred. Use threat modeling to assess attack vectors specifically in ICS systems.

Implementation Plan: Identify the project phases. Collect data on SCADA protocols, identify vulnerabilities and their impact on the CIA triad, build a threat model, discuss the most practical defense strategy, evaluate how well the mitigations reduce risk, and document findings.

Project Outcomes: List the key anticipated project outcomes and deliverables in 500 words or less. Expected outcomes from this capstone include a detailed analysis of security risks in SCADA/ICS systems, threat modeling with an emphasis on SCADA systems, best practice mitigation strategies, residual risk within specific SCADA systems, failures of the past, and a framework of what can be done with current systems without needing to completely replace technology/infrastructure.

Sources: Include a list for all references and citations that support the summaries above and are used in-text and as outside sources. NIST SP 800-82, CISA ICS Advisories, the MITRE ATT&CK framework for ICS, case studies relevant to SCADA systems, and previous SCADA attacks.
