This page contains tentativelecture plan and the lecture slides.




Week 1

(Jan 8)


Course Introduction

Overview of Security Management and Security Planning

(Based on Chap 1 and 2 of Whitman book – notes in the reading list section)


Lecture 1




Week 2

(Jan 15)



[Continue Lecture 1]


Contingency Planning, Information Security Policy &Programs,

(Chap 3-5 of Whitman book; notes in reading list section)


Additional Reading: 

Contingency Planning Guide for Information Technology System (NIST 800-34

Generally Accepted Principles and Practices for Securing Information Technology Systems (NIST 800-14)


(Covered till Slide 13 of Lecture 2)


Lecture 2


Week 3

(Jan 22)


Continue Lecture 2


Overview of Computer Forensics

(Source: Guide to Integrating Forensic Techniques into Incident Response (NIST SP800-86) 



Lecture 3


Week 4

(Jan 29)


Class will be held at Pitt’s CSSD Unit (Bellefield Hall)

-       Overview of CSSD’s InfoSec Infrastructure/Team/Program

-       Presentation and Discussion on Pitt’s InfoSec IRP/DRP (Sean SweeneyJay Graham, CSSD)

-       Demo and some hands-on on Computer Forensics at CSSD


READ NIST DOCUMENTS LISTED ABOVE BEFORE THIS CLASS – Actively participating in the discussion about CSSD is expected


(CSSD Proprietary slides on Info Sec plan and a Computer forensics lab/case study)

Week 5

(Feb 5)



Risk Management

(Chaps on Security Management of Whitman book; notes in reading list section)

(NIST: Managing Information Security Risk: Organization, Mission, and Information System View (SP 800-39))


(Covered till Slide 13 of Lecture 4)



Lecture 4




Week 6

(Feb 12)


Week 7

(Feb 19)


Management Models/Practices

(source: Whitman book; ISO standards, NIST documents – identified in the lecture)


(Covered till Slide 23 of Lecture 5)


Lecture 5


Week 8

(Feb 26)

Cloud Computing: Security and Privacy Issues

(See Reading List)

Lecture 6


Week  9

(March 5)

Guest Lecture by Prof. Palanisamy on “Cloud Computing”

Guest Lecture


Spring Break

Week  10

(March 19)


(Finish Lecture 6)

Managing of Software/Systems Development: Process Models/Methodologies (SEI/CERT and Misc)

Supply Chain security Issues (NIST 800-61)


Project discussion


Lecture 7


Week  11

(March 26)


Insider Threat (Guest: Nathalie Baracaldo)

Security and Privacy issues in Social Networks (Guest Lecture: Lei Jin)



Insider Threats



Security/Privacy in SN


Week  12

(April 2)

Visit to Pitt’s NoC

Reading Assignments


Week 13

(April 9)



THEME: Security and Privacy in Healthcare

1.    Securing the E-Health Cloud  
Presenter: Mengqi We
Reviewer: Chao Li

2.    Protecting Health Information on Mobile Devices 
Presenter: Kayla Mormak
Reviewer: Mohamamd Karvan

3.    They Can Hear Your Heartbeats: Non-Invasive Security for Implantable Medical Devices
Presenter: Shuli Chen
Reviewer: Sriram Raghunathan


4.    A Privacy Framework for Mobile Health and Home-Care Systems
Presenter: Jirong Yang
Reviewer: Michael Marin


THEME: BigData + Policy

5.    SAFE- Secure and Big Data-Adaptive Framework for Efficient Cross-Domain Communication  
Presenter: Stephen More
Reviewer: Juntao Gu

6.    Detecting and Resolving Privacy Conflicts for Collaborative Data Sharing in Online Social Networks
Presenter: Wenjia Song
Reviewer: Adithya Uthamaraj


Week  14

(April 16)



THEME: Critical Infrastructure Protection

1.    Cybersecurity Myths on Power Control Systems: 21 Misconceptions and False Beliefs

Presenter: Michael Marin
Reviewer: Kayla Mormak

2.    Cyber security risk assessment for SCADA and DCS networks
Presenter: Sriram Raghunathan
Reviewer: Mengqi Wei

3.    SCADA security in the light of Cyber-Warfare
Presenter: Juntao Gu
Reviewer: Stephen Moore

Presenter: Mohammad Karvan
Reviewer: Sushma Anand Akoju

5.    Architecture-Driven Smart Grid Security Management
Presenter: Adithya Uthamaraj
Reviewer: Jirong Yang

6.    CyberSAVe – Situational Awareness Visualization for Cyber Security of Smart Grid Systems
Presenter: Sushma Anand Akoju


7.    A Cloud-Based Consumer-Centric Architecture for Energy Data Analytics
Presenter:Chao Li
Reviewer:Shuli Chen, Wenjia Song


Week 2

(April 23)

Project Due/Presentations/Demons