My name is Abby Magistro, and I am a rising senior in the Swanson School of Engineering and the Fredrick Honors College at Pitt. I am majoring in computer engineering, with my current interests being software development, cyber security, and robotics. Outside of classes, I am entering my fourth year on the color guard of the Pitt Marching Band, and I’m going to be a section leader this year.

This summer I have the opportunity to participate in the SHURE-Grid program with the honors college in collaboration with Idaho National Laboratory (INL), one of the Department of Energy’s 17 national labs. This program has four student teams of four from technical, policy, and media backgrounds looking at real life cyber attacks and analyzing them within the guidelines of cyber-informed engineering (CIE) principles. CIE is a fairly new concept that stems from the need to be more proactive about cyber security in a world where computers are becoming ever more prevalent and being integrated into physical systems for easier control and monitoring. This integration of technology can provide more convenience and may even provide some security and peace of mind in cases like smart homes with cloud security cameras and electronic locks on the front doors. However, connecting any system to the internet introduces vulnerabilities. CIE principles provide guidelines for a holistic approach to cybersecurity by giving direction as to how to consider cyber security from the initial concept and design phases all the way through the deployment and maintenance phases of the engineering lifecycle. This approach creates secure systems with more than just digital monitoring, like a basic antivirus software would. A CIE approach stresses utilizing physical design choices on top of traditional cybersecurity methods to reduce the ways an attack could be made on a system while also minimizing the damage that could result from an attack.

The SHURE-Grid program asks that the participants look specifically at real-world cyberattacks on critical infrastructure, like the water system and healthcare, from the news. Our team has chosen to focus our efforts on the electric grid, looking at details from the cyber-attack on the Ukraine power grid in 2015 that caused power outages to over 200,000 customers. We are analyzing the causes of this attack, and exploring how the vulnerabilities that allowed this attack to happen could be made more secure in the future. The goal of the SHURE-Grid program is to help educate people on CIE as it relates to critical infrastructure. We’ll be using the real-life example we’ve chosen to create a simpler use-case that will be used to tell a story for an educational video. These educational videos will aim to be accessible to the general public, so that anyone, regardless of if they have a technical background, will be able to digest the attack as a whole and the proposed policy and security changes. These videos will also be accompanied by simple labs to help demonstrate how an attacker could gain access to a computer system and how that access can impact the system and cause damage.

I decided to apply for and participate in this program because of the cybersecurity aspect. Not only am I getting exposure to more cybersecurity methods, which has grown to be a topic I am very interested in, but I am also getting into details of real-world examples with the aid of faculty experts and some of the most modern guidelines for cyber security. This program also includes weekly presentations and interviews with industry experts. These aspects of the program are having me practicing my public speaking skills and my communication skills as a whole. Both of these are essential to going far in any career and are often hard to practice in a traditional classroom, so I am glad that I am getting exposure to these skills in this program. I’m looking forward to seeing how the rest of my summer in this program goes, and how it will help me with my future studies and career.