IIK8010 - Cyber Physical Systems Security


Examination arrangement

Examination arrangement: Assignment
Grade: Passed / Not Passed

Evaluation Weighting Duration Grade deviation Examination aids
Assignment 100/100

Course content

Topics covered in the course are: Characteristics of CPS; Security and Privacy Concerns; Risk assessment for CPSs; Attacks Against CPSs; High-Profile, Real-World Attacks Against CPSs; Preventing Attacks; Detecting Attacks; Mitigating Attacks; Combined safety and security analysis of cyber-physical systems; Policy and Political Aspects of CPS Security; Industry Practices and Standards; the IEC 62443 standard; Security for specific CPS classes: Industrial Control Systems, Electric Power Grids, Transportation Systems and Autonomous Vehicles, Robotics and Advanced Manufacturing, Medical Devices, The Internet of Things.

Cyber physical systems are in the core of critical infrastructure. Critical infrastructure is defined as an asset, system, or part thereof, which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact as a result of the failure to maintain these functions. As such, the course contributes to the following SDGs:

  • achieving higher levels of economic productivity, by increasing the security of and trust in the digital transformation process, thus facilitating technological upgrading, and speeding up the innovation process (goal 8.2);
  • developing reliable and resilient infrastructure (goal 9.1).

Learning outcome

Having successfully completed the course, the students should have gained:


  • Advanced knowledge of core concepts of cyber physical systems
  • Advanced knowledge of the concepts of risk and risk assessment and how these apply to cybersecurity of cyber physical systems
  • Advanced knowledge of technical, management, and policy issues in cyber physical systems security and safety
  • Advanced knowledge of security and privacy issues in several application domains that incorporate cyber physical systems


  • Ability to assess and use attack modelling approaches to analyze attacks against cyber physical systems
  • Ability to critically analyze existing theories and methods for the study of cyber physical systems security and to independently apply such methods to related problems
  • Ability to jointly analyze the security and safety of cyber physical systems, based on risk assessment and the use of barriers/countermeasures
  • Ability to carry out independent research in selected areas of cyber physical systems security
  • Ability to identify and critically analyze primary research literature on cyber physical systems security and to apply appropriate scientific reasoning

General competence

  • Ability to apply knowledge of concepts and methods of analyzing the security of cyber physical systems to new fields
  • Ability to present, assess and discuss the research results of others.
  • Ability to discuss academic and professional topics in the field of modelling and securing cyber physical systems in selected domains both with a specialist and general audience
  • Critical understanding of professional and ethical, including research ethics, issues in the field of cyber physical systems security

Learning methods and activities

Colloquia/interactive lectures, where it is expected that the students have familiarized themselves with the topic beforehand. Optional assignments.

Further on evaluation

The assessment is based on a final report. The grading rule is pass/fail. The minimum passing grade is 70/100 points (70%).

The re-sit exam, if there is one, will be a report.

Specific conditions

Admission to a programme of study is required:
Information Security and Communication Technology (PHISCT)

Course materials

  • Journal and conference papers, etc. Announced at the beginning of the term.
  • K. Stouffer, V. Pilliteri, S. Lightman, M. Abrams, A. Hahn: NIST SP800-82Rev2: Guide to Industrial Control Systems Security. U.S. National Institute of Standards and Technology (2015)
  • Saqib Ali, Taiseera Al Balushi, Zia Nadir, Omar Khadeer Hussain: Cyber Security for Cyber Physical Systems. Springer International Publishing (2018)
  • Rausand, M. and Haugen, S. Risk Assessment: Theory, Methods, and Applications. Available at Wiley online Chapters 1, 2, 3.1-3.2 and 14.1-14.7, 17.

More on the course



Version: 1
Credits:  7.5 SP
Study level: Doctoral degree level


Term no.: 1
Teaching semester:  SPRING 2024

Language of instruction: English

Location: Gjøvik

Subject area(s)
  • Information Security
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of Information Security and Communication Technology


Examination arrangement: Assignment

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Spring ORD Assignment 100/100 INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU