IMT4203 - Critical Infrastructure Security


Examination arrangement

Examination arrangement: Aggregate score
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
Home examination 49/100 2 hours
Assignment 51/100

Course content

  • Critical Infrastructures and Information Infrastructures
  • Threat Actors and Agents in Critical Infrastructures
  • Infrastructure Modelling, Robustness, and Dependencies
  • Cyber-Physical Systems and their Security
  • Control Systems Security
  • Selected Aspects of Critical Telecommunications Infrastructure Security and Resilience
  • Selected Aspects of Power Networks and Generation Infrastructure Security and Resilience
  • Selected Aspects of Oil and Gas Infrastructure Security and Resilience
  • Selected Aspects of Transportation Infrastructure Security and Resilience

The course addresses critical infrastructure security. Critical infrastructure is defined as an asset, system, or part thereof, which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact as a result of the failure to maintain these functions. As such, the course contributes to the following SDGs:

  • achieving higher levels of economic productivity, by increasing the security of and trust in the digital transformation process, thus facilitating technological upgrading, and speeding up the innovation process (goal 8.2);
  • developing reliable and resilient infrastructure (goal 9.1).

Learning outcome

  • Knowledge
    • Advanced knowledge of core concepts of critical information infrastructures and general critical infrastructure as well as their dependencies
    • Advanced understanding of infrastructure and infrastructure robustness models
    • Advanced knowledge of cyber-physical systems and control systems security
  • Skills
    • Ability to analyse threat modelling approaches and to assess their suitability for a given set of threat sources and agents
    • Ability to critically analyse existing theories and methods for the study of cyber-physical systems security and to independently apply such methods to related problems
    • Ability to carry out research in selected areas of infrastructure security and resilience under guidance and supervision
    • Ability to identify and critically analyse primary research literature on critical infrastructure security and to apply appropriate scientific reasoning
  • General competence
    • Ability to apply knowledge of concepts and methods of analysing security and resilience of infrastructures to new fields
    • Capability to discuss academic and professional topics in the field of modelling and securing selected critical infrastructures both with a specialist and general audience
    • Critical understanding of professional and ethical, including research ethics, issues in the field of critical infrastructure security

Learning methods and activities

  • Lectures, term paper, project work, and reflection.
  • The course will be made accessible to both campus and remote students, the latter on a best-effort basis.
  • Lectures will be given on campus Gjøvik and recorded if possible with lecture notes and recordings made available via the online learning management system.
  • Candidates are expected to select a topic for a term paper and perform independent study on an active research area connected to the topics covered in the module.
  • Compulsory requirements: None

Further on evaluation

  • Re-sit:
    • If the course is to be re-sat, both elements must be re-sat.
    • Re-sit examination in August for the written exam. No re-sit in the same semester is possible, candidates must undertake both term paper and re-sit written examination.
  • Forms of assessment:
    • The written examination (2 h home exam) contributes 49% to the final result, and the term paper 51%.
    • Both term paper and examination must be passed to pass the course.
  • Retake can be carried out for some partial assessments without all partial assessments having to be taken up again.

Specific conditions

Admission to a programme of study is required:
Cyber Security and Data Communication (MTKOM)
Digital Infrastructure and Cyber Security (MSTCNNS)
Industrial Innovation and Digital Security (MIIDS)
Information Security (MIS)
Information Security (MISD)
Information Security (MISEB)
Security and Cloud Computing (MSSECCLO)

Required previous knowledge


Course materials


  1. E.D. Knapp: Industrial Network Security . Elsevier (2011)
  2. M. Newman: Networks . Oxford University Press (2010)
  3. K. Stouffer, V. Pilliteri, S. Lightman, M. Abrams, A. Hahn: NIST SP800-82Rev2: Guide to Industrial Control Systems Security . U.S. National Institute of Standards and Technology (2015)
  4. Saqib Ali, Taiseera Al Balushi, Zia Nadir, Omar Khadeer Hussain: Cyber Security for Cyber Physical Systems. Springer International Publishing (2018)
  5. Edward J. M. Colbert, Alexander Kott: Cyber-security of SCADA and Other Industrial Control Systems. Springer International Publishing (2016)
  6. G. Sorelo, M. Echols: Smart Grid Security . CRC Press, 2012
  7. Setola, Lopez, Wolthusen: Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defence . Lecture Notes in Computer Science Vol. 7130, Springer-Verlag (2012)

Credit reductions

Course code Reduction From To
IIKG6502 7.5 AUTUMN 2020
More on the course



Version: 1
Credits:  7.5 SP
Study level: Second degree level


Term no.: 1
Teaching semester:  AUTUMN 2024

Language of instruction: English

Location: Gjøvik , Trondheim

Subject area(s)
  • Information Security


Examination arrangement: Aggregate score

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn ORD Home examination 49/100 INSPERA
Room Building Number of candidates
Autumn ORD Assignment 51/100 INSPERA
Room Building Number of candidates
Summer UTS Home examination 49/100 INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU