EIT 2022 - Minnesota State University, Mankato, MN, USA

Dr. Ned Mohan: Ned Mohan (LF-IEEE) joined the University of Minnesota in 1975, where he is Oscar A. Schott Professor of Power Electronic Systems and Morse-Alumni Distinguished Professor. He received his Bachelor's degree from the Indian Institute of Technology-Kharagpur in 1967. His PhD in Electrical Engineering and Master's in Nuclear Engineering are from UW-Madison. He has written six textbooks; all together, they have been translated into nine languages. He has graduated fifty PhDs. His area of research is in power electronics applied to power systems and he holds several patents.

Ned Mohan received the H.T. Morse Distinguished Teaching Award for undergraduate education from the University of Minnesota in 2007. He has received 2008 IEEE-PES Outstanding Educator Award, 2010 IEEE Undergraduate Teaching Award, 2010 UWIG Achievement Award from Utility Wind Integration Group, 2011 Distinguished Alumnus Award from IIT-Kharagpur (India), and 2012 IEEE Power & Energy Society Ramakumar Family Renewable Energy Excellence Award. In 2013, he received the Innovative Program Award from the ECE Department Heads Association made up of over 250 U.S. universities. In 2014, he received the Distinguished Graduate Teaching Award from the University of Minnesota and the IEEE Nari Hingorani FACTS Award from the IEEE Power & Energy Society.

Climate change is the gravest threat facing humanity. Power engineering and its education have an important role to at least delay, if not avert, the catastrophes ahead. However, as reported by ASEE, in the EE part of ECE, student enrollments are declining nationwide just when we need them the most.

Most young people are now very much aware of climate change and its consequences, and thus it is a great opportunity to create a pipeline of young students to recruit them into power engineering to pursue their undergraduate and graduate studies. This would require a holistic view where we integrate power systems that is needed for the delivery of power, power electronics that is ubiquitous and is used in all aspect of energy generation, transmission and end-use, and electric machines that are the primary users of electricity specially if we are to transfer as much of energy use to electricity and generate that by renewables.

Vitaly Herasevich, MD, PhD, MSc is a Professor of Anesthesiology and Medicine in the Department of Anesthesiology and Perioperative Medicine, Division of Critical Care, Mayo Clinic, Rochester, Minnesota. He has been involved in medical informatics for over 20 years, with a specific concentration on applied clinical informatics in critical care and perioperative environment.

Dr. Herasevich codirects the Clinical Informatics in Intensive Care laboratory that works to decrease complications and improve outcomes for critically ill patients through applied clinical informatics and quality improvement. He is interested in studying and developing clinical syndromic surveillance alerting systems ("sniffers"), clinical data visualization (novel patient-centered EMR), and health care predictive and prescriptive ambient intelligence. He is co-inventor of number of technologies including AWARE platform. Dr. Herasevich has coauthored over 100 articles and book Health Information Evaluation Handbook (now in second edition). He is Senior Member at IEEE, Fellow of Society of Critical Care Medicine and American Medical Informatics Association active within professional societies and served SCCM Tele-ICU committee as chair. Dr. Herasevich is also part-time CMIO of Ambient Clinical Analytics (http://ambientclinical.com) and Kardiogenics (https://kardiogenics.com/). More information at Mayo Clinic profile web page - http://www.mayoclinic.org/biographies/herasevich-vitaly-m-d-ph-d/bio-20055468

Madjid Fathi is a professor and Head of KBS & KM (Knowledge Based System & Knowledge Management) institute at the EECS Department at the University of Siegen, Germany. He obtained his M.Sc. degree in Computer Science and Ph.D. degree (Dr.-Ing.) both from the University of Dortmund, Germany, in 1986 and 1991, respectively. Accordingly, he obtained Habilitation degree (Post-Doctorate) at the University of Ilmenau, Germany, in 1998. Before he got the Professor at the Department of Electrical Engineering and Computer Science at the University of Siegen he was visiting scholar at Florida State University and from 2003 at LMM (Lab for Micromechanics - Prof. Garmestani) Georgia Institute of Technology.

Since 2004, he is in Siegen. He was Visiting Scholar with Professor Zadeh father of Fuzzy Logic at U.C. Berkeley dept. of EECS joined the BISC (Berkeley Initiative of Soft Computing) from Sep/2012 to Sept/2013. As head of KBS he leads a large academic team of researchers and educators which has, thus far, resulted in over 90 theses. His research interests are focused on AI, Knowledge Based Systems (KBS), knowledge management and their applications in medicine and engineering, knowledge transfer, organizational learning, and knowledge discovery from text (KDT).

He is the editor of "Integration of Practice-Oriented Knowledge Technology" (2013) and "Integrated Systems, Design and Technology" (2011) published by Springer, as well as three text books (the last one has been published in October 2019 with the title: Computer-Aided Writing by Springer) and five edited books. He, with his students, has published with more than 270 publications including 30 Journal publications, and obtained four paper awards. He got the European Award Cut-e prize 2015. He is a senior member of IEEE as well as member of editorial board of five respective journals. He is the founder of Alzheimer Knowledge Platform.

Knowledge Graph is a powerful tool for knowledge management, search, and information retrieval from structured and unstructured data. In industrial applications, this requires technological progress on the one side, and the skills of integration processes of document content from different areas on the other side. In addition to the content to be retrieved automatically from databases, human experience from employees, in the form of lessons learned, must also be considered. The handling of different data types, the possibility of storing larger capacities of data in the graph must be ensured and, above all, the representation of the document contents must occur in a suitable form. For the knowledge representation of knowledge graphs, the Multidimensional Knowledge Representation (MKR) technique can be used as a tool to integrate text analysis results into the knowledge graph. This approach will be presented in the talk together with other document-centric variants of knowledge graph construction and explained on the basis of different projects.

Mariana Hentea earned her PhD and MS in Computer Science, MS in Computer Engineering, and BS in Electrical Engineering. She holds a CISSP certification from ISC2. Her current research is focused on Smart Grid and DER systems, real-time systems security and performance, network security design and architecture, and use of Artificial Intelligence techniques for information security management, security risk management, network management, and process control. As a member of IEEE Standards Association, she promotes Security and Privacy awareness to Engineers, managers, regulators, and consumers. She is a member of IEEE Smart Grid, IEEE Power & Energy Society, IEEE Computer Society, ISC2 and ISSA organizations. Her book Building an Effective Security Program for Distributed Energy Resources and Systems: Understanding Security for Smart Grid and Distributed Energy Resources and Systems was published by Wiley in April 2021.

Many organizations have a limited ability to measure and assess their cybersecurity posture
Organizations lack consistent metrics or reliable tools for measuring their risks and vulnerabilities; threats, when known, are often difficult to demonstrate and quantify in terms that are meaningful for decision makers
Control systems are becoming increasingly interconnected and often operate on open software platforms with known vulnerabilities and risks
Poorly designed connections between control systems and enterprise networks introduce further security risks.

Since the energy sector is facing increasing threats and protection of the power grid against cyber attacks is critical, there are needs for effective security metrics, modeling, and assessment tools that aid organizations to assess their security posture and plan for improvements to reduce the risks.

The needs for developing cybersecurity metrics for energy sector and power grid in US are recognized by organizations and DOE has been addressing these issues by promoting recommendations to implement the NIST Cybersecurity Framework and other standards.

There is a need for development of strong and consistent metrics, testing guidelines, and certification processes to create measurable successes for control system security. Clear and consistent metrics are needed for both business and control systems, and mandatory baseline security requirements should be established. In the long term, the organizations need to develop systems that automate cybersecurity state monitoring and remediation, similarly to the way in which the electricity sector currently automates and manages energy delivery operations.

Information security metrics are an important factor in making sound decisions about various aspects of security, ranging from the design of security architectures and controls to the effectiveness and efficiency of security operations.

This tutorial addresses different categories of security metrics and areas of use that could help organizations establish, assess, and maintain secure systems. Also, the tutorial identifies one important area - the collection of security measurements including challenges such as the confidence and uncertainty of derived metrics needed for the analysis of the security posture of an organization or of system implementation and operational environment.

Security events are dif?cult to measure in practice due to their inherent existence of uncertainty. The uncertainty can be derived from multiple reasons. First, unknown attack behaviors are hard to be accurately predicted by a defender. Second, uncertainty is often caused by estimation errors in that observed evidence does not necessarily re?ect an actual system state because the observation of the security state is imperfect due to detection errors or inherent noises.

Therefore, measurable security involves many areas, at minimum includes software assurance, application security, asset management, supply chain risk management, cyber intelligence threat analysis, cyber threat information sharing, vulnerability management, patch management, configuration management, malware protection, intrusion detection, system assessment, incident coordination, enterprise reporting, remediation.

Security metrics can be an effective tool for security management to identify the effectiveness of various components of the security program, system, product or process, and the ability of security team within an organization to address security issues for which they are responsible.

Effectiveness/Efficiency metrics are very important because they are used to determine whether program level processes and system level security controls have been implemented correctly, operate as intended, and achieve their expected outcomes. Effectiveness/Efficiency metrics reflect two aspects of the results of security control implementation: the robustness of the result itself and impact to defend an asset (e.g., its effectiveness), and the timeliness of the result (e.g., efficiency).