Information Sharing and Analysis Center

Facebook Twitter Youtube

Information Sharing and Analysis Center

Donate
Facebook Twitter Youtube

India's leading non-profit, solving critical problems impacting the connected, digital world on cyber security.

TACE - The Alliance for Center of Excellence

Overview

AICTE has signed an MoU with ISAC to cooperate towards enabling AICTE to achieve its goals in the areas of R&D, capacity building in Cyber Security space that would result in qualitative improvement in the technical education. Among various other activities in this regard is the establishment of Centers of Excellence (COE) in Cyber Security in select AICTE institutions across the country with the funding from the Industry.

 

In pursuance of the objective of establishing these CoEs, AICTE has taken several steps. It has framed guidelines, Scope of work, including detailed technical specifications of various components that constitute every CoE in Cyber Security that would be established with part funding from Industry. AICTE has recently released an Expression of Interest (EoI) for establishing such CoEs.

 

With the current situation of Covid-19, it is foreseen that many small and large industries will be impacted, resulting in high unemployment and decrease in overall hiring and placements in near future. At the same time, the corona pandemic as a major disruption is forcing digitalization as a tectonic shift. This will compel many organizations to adopt digital and emerging technologies to sustain their business models, marking a significant rise in demand for next generation skills.

 

It is important to create a standing mechanism to establish and operate such COEs. ISAC has evolved guidelines & specifications for the establishment of CoEs based on the broad technical parameters covered in the AICTE EOI and has constituted a standing body.

Standing Body

The Alliance for Center of Excellence (TACE) will be the standing body. Incidentally, TACE is a less common word for TASSET or a “piece of armour”. TACE is collaborative Platform from ISAC, created primarily to advance the mission of capacity building in the areas of emerging technologies through establishing multiple Centers of Excellence (COEs) across the country.

This platform, recognizing the enthusiasm of both Industry and academia, is expected to bring together stakeholders, support and facilitate capacity building by establishing COEs largely in self-funding mode with collaboration from the Industry.

TACE, to start with, shall adopt the guidelines and specifications already evolved by AICTE. However, the body would periodically review such guidelines & specifications and if need be modify/alter these in keeping with the Industry requirements.

Objectives                           

The objectives of the TACE platform is to:                                                                                  

 

  1. Create specifications in terms of technology, infrastructure, people and processes for any institutional activity to be eligible for recognition as a CoE.
  2. Motivate and Promote establishment of COEs in Institutions by self-funding or in collaboration / partnership with Industry
  3. Make available Industry sponsorship and collaboration opportunities
  4. Identify and endorse Institutional activities which meet requirements to be recognized as a COE
  5. Enable enhanced capacity building and creation of next generation workforce in Cyber Security, Artificial Intelligence, Data Science, ioT, Drones, Quantum computing and other emerging technologies.
  6. Increase Internships and job opportunities in COEs
  7. Provide opportunities for revenue generation and sustainability
  8. Support the COE in simplifying their operations
  9. Ensure proper utilization of the COE
  10. Promote development of COEs in partnership with Industry

Vision

Advance capacity building in emerging technologies and build national cyber resilience through Industry and Academia Partnership.

Mission

      Promote and facilitate establishment of 100 COEs across India by 2030

      Create 10,000 Cyber security professionals every year

Membership

The membership to TACE is free and has no charges. There are three types of members in the Alliance:

 

(a)   COE institution: Open for AICTE institutions that have opted to establish a Center of Excellence in self-funding mode or in collaboration with an Industry partner

(b)   Industry Partner: For Industry / companies who wish to support the COE by means of Sponsorship, Funding, Internship and job opportunities also benefit from its facilities by training their workforce and collaborate on various research initiatives.

(c)   Knowledge Partners: For all organizations that can support the day to day operations of COE, such as providing trainers, Industry experts, supporting clusters, facilitating hackathons, coordinating with Industry for sponsorships, Enhancing internships and placements at COE or engaging in any activities that will advance and benefit the COE.

Benefits to Institutions hosting COE

Benefits from ISAC

 

  1. Opportunity for Industry Funding towards establishing COEs

  2. Free E-Learning Access – for 100 students in the first year

  3. Free NSD Cadet Exams – for 100 students in the first year

  4. Free NSD Falcon Exams – for 100 students in the first year

  5. Free Workplace Ethics Training – Unlimited Students

  6. ISAC Internships for CERT-IN and NCIIPC activities

  7. Industry Knowledge Transfer – Sessions from Top CISOs

  8. Training participation from Industry

  9. Support for enhancing placements at campus

Criteria for COE Recognition

The following qualifications are required for recognition as a COE under the alliance. This is as per guidelines of EOI approved and published by AICTE.

Technical Setup requirements

 

SN

Component

Features

1

Cyber Physical System Simulation

a) Cyber Physical System (CPS) based Smart city simulation with different thematic  headings based on HO Scale models with minimum dimensions of 24 feet x 8 feet

b) The platform must have minimum 10 scenarios of cyber security from multiple sectors including Healthcare, Railways / Metro, Water Security, Roads and Transport, Banking and Fintech, Energy Sector etc.

c) The CPS simulation model must incorporate PLCs / SCADA devices in the scenarios

d)    The CPS simulation model must provide hands-on exposure to candidates on IOT and SCADA security and must use Industrial sensors.

2

Virtual Labs

a)    The technology platform must have minimum 150 cyber security scenarios / use cases with vulnerable systems

b)    The platform must either use virtual machines or containerization technologies.

c)    The platform must allow access to minimum 20 concurrent sessions

d)    The platform must provide vulnerable systems as well as attacker consoles with pre-installed tools

e)    The technology platform must cover scenarios for common cyber security domains such as penetration testing, digital forensics, web application exploitation, Reverse Engineering etc.

3

Hackathon Platform

a)    The hackathon platform must allow creation of standard hackathon contests

b)    The platform must provide a score-board for the participants / teams

c)    The platform must provide verification of flags as per contest

d)    The platform must provide creation of multiple levels of challenges for the contests

4

SOC Simulation platform

a)    The platform must simulate the basic environment of a Security Operations Center (SOC)

b)    The platform must utilize open source technologies

c)    The simulation must enable training of SOC analysts for minimum L1 positions

5

End Point Detection

a)    The end-point-detection must be cross-platform

b)    The simulation must provide exposure to end-point technologies to the candidates

c)    The platform must have its own dashboard

6

Training based on Mitre Att&ck Framework which is open source

a)    Solution must allow testing of attacks based on the open source Mitre Att&ck framework globally used by the Industry

b)    The solution must be cross platform.

7

Threat Intelligence

a)    Threat Intelligence feed must be provided to the COE

b)    The solution must cover minimum

(1)  blacklisted IPs

(2)  Malicious Domains

(3)  Phishing Links

c)    Threat intelligence must be accessed via an API in most of the industry standard formats like

(1)  JSON

(2)  STIX

(3)  XML

(4)  CSV

(5)  Yara Signatures

8

Cyberwarfare scenario Simulation for CXOs / Industry leaders

a)    The platform must provide various cyber security scenarios for testing of senior leadership decision making skills

b)    Must have option to add custom scenarios /  Use cases

c)    Must provide ranking of members for purposes of creation contests and assessments

09

Digital Forensics Workstation

a)    The workstation must provide basic capabilities on Forensic investigations for Mobile devices

b)    The solution must have tools that provide data recovery and data analysis

 

Infrastructure Requirements

The COE can be established either within the campus or outside the campus in collaboration with Industry Partner.

 

      Approx 1500 Sqft or more free space

      Suitable air conditioning

      Seating and logistics

      Computer systems

      Power Backup

      Projection / Audio-Visual Facilities

      Necessary associated civil works

Man-power requirements

      Professor with Cyber Security background

      Personnel for cluster management and COE utilization scheduling

Audit and Certification Process

  1. Any Institution which is willing to establish a COE in self-funding mode / with Industry partner can follow the guidelines published by TACE and request to be audited for both technical and Infrastructure compliance.
  2. Upon successful completion of Audit, a report will be given for establishment of COE
  3. COE will be established as per TACE guidelines

Mandatory Commitment from all COEs

The objectives of COE and its recognition are to promote capacity building in Cyber Security and emerging technologies. For this purpose, the alliance will only recognize the institutions as COE if they commit to the mission of capacity building. These include:

(A)        Cluster creation

1.     Each COE must form a cluster of at least 5 colleges located in proximity to the COE.

2.     The cluster will have a nomination of minimum 50 students per college to be trained in Short Term courses in emerging technologies at the COE.

3.     The programs must be nominally charged by the COE to ensure annual operational costs and sustainability requirements are met.

(B)        Clean Exit

1.     Ensure students adhere to professional ethics at the workplace and understand the importance of ethical work culture.

2.     There is no training cost to this process and will be fully funded by ISAC.

3. The Certification fee to not exceed INR 300 + taxes per student.

(C)       Hosting Events

1.     The COE must host various cyber security events from time to time every year in collaboration with Industry.

2.     Commit to host minimum 2 knowledge sessions every year organized by TACE to bring the Industry to the COE to enhance exposure of students in emerging technologies.

(D)       Participation in Hackathons

1.     The students from COE must participate in various hackathons to enhance and demonstrate their skills and knowledge.

2.     The faculty from COEs must ensure strong participation.

(E)        Offering TACE approved short term Industry courses

1.     Short term courses designed by TACE in collaboration with Industry in emerging technologies must be optionally offered as courses with credits.

2.     Embrace digital technologies / video conferencing to teach short-term courses across the cluster to reach maximum students

(F)        Adhering to Industry Sponsor Terms

1.     Meet the terms of Industry Sponsor

2.     Support vibrant Industry collaboration

 

Services of TACE

TACE does not want a situation where the COE becomes a white elephant post establishment. Not all COEs may have the skills and persistence to make the operations sustainable. It is for this reason, TACE will identify competent Industry and knowledge Partners that will help the institution in running the COE professionally. We can think of Knowledge partner services as a marketplace for COE operations.

 

Services proposed are:

 

+      Cluster Management Services

+      Training Management Services

+      Collaborative E-learning services

+      Maintenance and Upgradation of COEs

+      Utilizing the “available” slots of COEs commercially to Industry

+      Promoting Short Term courses at COEs commercially to Industry

+      Support in fund raising for R&D projects at COE

+      Run the COE professionally as Industry service

+      Support in fund raising, sponsorship for Hackathons and events

+      Generate revenue by means of innovative branding and service offerings from COE

 

The end objective is to provide all means to the COE to sustain their operations and make them self-sufficient. The COE and Knowledge Partners can directly interact with each other and jointly come up with business models. The role of TACE is to only provide a platform to connect.

Working Group from ISAC

·       ISAC will create a working group to ensure success of the TACE platform.

Advisory Committee of TACE

      5 member advisory team with representations from the Industry and the Government of India.

 

Table of Contents