Back to search

INTPART-International Partnerships for Excellent Education and Research

Reinforcing competence in cybersecurity of critical infrastructures: a Norway-US partnership (RECYCIN)

Alternative title: Styrking av kompetanse innen cybersikkerhet av kritisk infrastruktur: et Norge-USA partnerskap (RECYCIN)

Awarded: NOK 4.4 mill.

Cybersecurity is of national importance, as highlighted by the National Cybersecurity Strategy. Norway proposed the following strategic goals to reinforce cybersecurity in society: (i) strengthening cybersecurity competence, (ii) improving societal ability to detect and handle cyber-attacks. These strategic goals can be achievable by providing state-of-the-art research environment, cybersecurity study programmes at Universities and Colleges, professional training courses to advance current cybersecurity professionals. In addition, the strategy emphasizes on public-private partnership, civilian-military collaboration, and international cooperation. To this end, RECYCIN project proposes an international partnership between Norwegian and United States institutions that are at the forefront of research and education in cybersecurity and digital society. RECYCIN establishes and promotes a long-term strategic partnership on advancing research and education on Cybersecurity of Critical Infrastructures between the project partners: Institute for Energy Technology (IFE), Østfold University College (HiØ), Norwegian University of Science and Technology (NTNU), and Virginia Polytechnic Institute and State University (Virginia Tech). RECYCIN enables the development of cybersecurity competence through providing state-of-the-art research environments, study programmes, and industrial training courses. This collaboration also facilitates incorporating state-of-the-art research results and knowledge into educational programmes and facilities, including organizational and human factors aspects of cybersecurity that are traditionally not part of cybersecurity courses. In the realm of cybersecurity education, a gap analysis conducted within the context of RECYCIN identified a lack of courses in Norway addressing the cybersecurity of Operational Technology systems. In response, RECYCIN contributed to the development of courses such as Cyber Physical Systems Security (PhD Course – NTNU), Cybersecurity Risk Management and Incident Response, Cyber Security Governance, and Security in Information Systems and Software Engineering (Master Courses – HiØ). Recognizing the lack of easily accessible cyber-physical system testbeds for cybersecurity research and education in Norway, RECYCIN addressed this gap by developing a cyber-physical system testbed in 2021. This testbed serves as a realistic simulation platform, enabling the evaluation of cybersecurity methods, and tools, as well as conducting training and awareness programs for future cybersecurity professionals. The testbed has been utilized during student visits to IFE as part of the Master Course on Cybersecurity Risk Management and Incident Response from HiØ in 2023. To address the limitations of a one-size-fits-all approach in cybersecurity training and education, RECYCIN proposed an innovative method in 2021. This approach involves eliciting end-user preferences through surveys and organizational needs via interviews, with the aim of developing personalized and effective cybersecurity training and education. Additionally, in 2022 – 2023, the project proposed a framework to determine individual cybersecurity competence levels on different topics, assisting management in selecting appropriate and efficient training for various personnel groups. From 2021 to 2024, RECYCIN focused on promoting collaboration between institutions and building a network within cybersecurity. Between 2023 and 2024, the project organized a research visit from Virginia Tech to IFE, NTNU, and HiØ, reciprocated by several visits from IFE, NTNU, and/or HiØ to Virginia Tech. In addition, RECYCIN also organized/co-organized 4 workshops and 2 special sessions including: (i) Halden HTO Cybersecurity Workshop on “Threat Landscape for Critical Infrastructures (CIs)”, (ii) 3rd and 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS – 2022 and EnCyCriS – 2023) organized in conjunction with the International Conference on Software Engineering (ICSE – 2022 and ICSE – 2023), (iii) Special Session on "Human Factors in Cybersecurity of Cyber-Physical Systems" in conjunction with the 25th and 26th International Conference on Human-Computer Interaction (HCII – 2023 and HCI – 2024), (iv) Industrial Workshop on Cybersecurity in Digital Transformation of Healthcare and Resilient Infrastructures. The objective of these workshops was to bring together industry practitioners and academics in a joint platform nationally and internationally that provide an opportunity for sharing best practices, exchanging new ideas, networking, and identifying areas of collaboration related to Cybersecurity of Critical Infrastructures. Moreover, RECYCIN facilitated numerous joint publications among partner institutions on the theme of cybersecurity for critical infrastructures. In addition, we established collaborations with another INTPART Project, CybAlliance #337316).

Cybersecurity of critical infrastructure is of national interest and that to safeguard critical infrastructures requires a strong cybersecurity workforce. Norway and many other nations are facing challenges to produce enough cybersecurity professionals to meet the industry and public needs. The necessity for cybersecurity competence is stated as one of the strategic goals in the Norway's National Cybersecurity Strategy. In Norway, few educational institutes have comprehensive cybersecurity programmes or courses, and most available courses are within Information Technology (IT) cybersecurity and not on Industrial Control Systems (ICS) cybersecurity. Moreover, the courses offered in Norway are primarily focused on technological aspects of cybersecurity and have limited scope on organizational and human aspects of cybersecurity. The RECYCIN project will assimilate the competence and enable the Norway and US partner institutions to support the development of a state-of-the-art cybersecurity academic and research infrastructure. The project will connect education with industry needs and research institutes with higher education institutions to both provide advanced research and education in cybersecurity. The activities of RECYCIN will support the cooperation between the partners, by: 1. Establishing a roadmap for long-term partnership among the partner institutions, and promoting education, research and innovation to advance next generation cybersecurity in critical infrastructure. 2. Sharing and co-developing undergraduate and graduate course on cybersecurity of critical infrastructure. 3. Sharing and co-developing professional training materials. 4. Developing mobility stays to cross pollinate cybersecurity expertise across the partner institutions. An objective of such exchanges of researchers is to support the development of study courses within cybersecurity at HIØ, NTNU and Virginia Tech.

Publications from Cristin

No publications found

No publications found

No publications found

Funding scheme:

INTPART-International Partnerships for Excellent Education and Research