
Cybersecurity and National Defence (Grandi Sfide - Digitale)

01DEHOA, 01DEHJM, 01DEHLH, 01DEHLI, 01DEHLM, 01DEHLN, 01DEHLP, 01DEHLS, 01DEHLU, 01DEHLX, 01DEHLZ, 01DEHMA, 01DEHMB, 01DEHMC, 01DEHMH, 01DEHMK, 01DEHMN, 01DEHMO, 01DEHMQ, 01DEHNX, 01DEHOD, 01DEHPC, 01DEHPI, 01DEHPL, 01DEHPM, 01DEHPW, 01DEHTR

Academic year 2023/24

Course Language

English

Course degree

1st degree and Bachelor-level of the Bologna process in Ingegneria Informatica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Meccanica (Mechanical Engineering) - Torino
1st degree and Bachelor-level of the Bologna process in Design E Comunicazione - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Dell'Autoveicolo (Automotive Engineering) - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Informatica (Computer Engineering) - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Dell'Autoveicolo - Torino
1st degree and Bachelor-level of the Bologna process in Electronic And Communications Engineering (Ingegneria Elettronica E Delle Comunicazioni) - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Dei Materiali - Torino
1st degree and Bachelor-level of the Bologna process in Architettura (Architecture) - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Elettrica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Aerospaziale - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Biomedica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Chimica E Alimentare - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Civile - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Edile - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Energetica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Meccanica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Per L'Ambiente E Il Territorio - Torino
1st degree and Bachelor-level of the Bologna process in Matematica Per L'Ingegneria - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Elettronica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Fisica - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Del Cinema E Dei Mezzi Di Comunicazione - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Gestionale - Torino
1st degree and Bachelor-level of the Bologna process in Ingegneria Gestionale - Torino
1st degree and Bachelor-level of the Bologna process in Architettura - Torino
1st degree and Bachelor-level of the Bologna process in Pianificazione Territoriale, Urbanistica E Paesaggistico-Ambientale - Torino
1st degree and Bachelor-level of the Bologna process in Civil And Environmental Engineering - Torino


Context
SSD: *** N/A ***; CFU: 3,6; Activities: D - Student's choice; Area context: Student's choice
SSD: ING-INF/05; CFU: 2,4; Activities: D - Student's choice; Area context: Student's choice
The first part of the course is common to all the courses set up within the “Grandi Sfide” project. The course then presents some basic concepts related to cybersecurity: after a general introduction to the concept of security, it introduces the most relevant sources of vulnerabilities across three different domains (organizational, technical, and human) and analyses some of the most widely adopted solutions to overcome them. The course then focuses on the most relevant frameworks of laws, regulations, and standards established at national, European, and international level. From an operational point of view, attendees will be invited to form groups of 4-5 people, and each group will carry out a research project whose topic can be freely selected from a portfolio of proposed ones. Attendees will be asked to complete an assessment test (i.e. a survey) both at the beginning and at the completion of the course. The questionnaire is guaranteed to be fully anonymous and is prepared by the CINI Cybersecurity National Laboratory (https://cybersecnatlab.it) within the project CyberReadiness.IT.
Technology always plays a key role in the great challenges currently facing humanity. Whether the subject is digital, energy, mobility, climate, health or humanity in general, technology is mostly at the core. However, today's challenges cannot be reduced to mere technical data, either when analysing them or when designing possible solutions. To comprehend and face them successfully, all forms of knowledge are essential, from the techno-scientific field to the human, social and artistic ones. The “Big Challenges” courses are an opportunity to examine, through an interdisciplinary lens, a number of relevant topics concerning humanity, focusing on technology and its key role in human life. In this framework, all the courses will address the UN Sustainable Development Goals, a global initiative aimed at renewing local and international policy. In particular, the present course aims at presenting some basic concepts related to cybersecurity: after a general introduction to the concept of security, it introduces the most relevant sources of vulnerabilities across three different domains (organizational, technical, and human) and analyses some of the most widely adopted solutions to overcome them. The course then focuses on the most relevant frameworks of laws, regulations, and standards established at national, European, and international level. From an operational point of view, attendees will be invited to form groups of 4-5 people, and each group will carry out a research project whose topic can be freely selected from a portfolio of proposed ones. Attendees will be asked to complete an assessment test (i.e. a survey) both at the beginning and at the completion of the course. The questionnaire is guaranteed to be fully anonymous and is prepared by the CINI Cybersecurity National Laboratory (https://cybersecnatlab.it) within the project CyberReadiness.IT.
At the completion of the course, attendees:
• will be aware of the very basic concepts related to security in general and to cybersecurity in particular, including several taxonomies;
• will know about the main pillars of security and get a wide overview of the most significant weaknesses, vulnerabilities, and attacks in different fields and domains;
• will be informed about the most significant sets of laws, regulations, and standards adopted at national, European, and international level;
• will experience the completion of a simple multidisciplinary research project on a hot topic in the current cybersecurity field.
At the completion of the course, attendees:
• will gain knowledge of the UN SDGs and an understanding of the processes constituting the given global challenges (environmental costs, circular health, ecosystem services and biodiversity, technological solutions). They will acquire the basic elements of the scientific method (falsifiability, repeatability, models, science dissemination), and general knowledge of the major technical elements related to the challenge Digital;
• will be aware of the very basic concepts related to security in general and to cybersecurity in particular, including several taxonomies;
• will know about the main pillars of security and get a wide overview of the most significant weaknesses, vulnerabilities, and attacks in different fields and domains;
• will be informed about the most significant sets of laws, regulations, and standards adopted at national, European, and international level;
• will experience the completion of a simple multidisciplinary research project on a hot topic in the current cybersecurity field.
None.
None.
Lectures & Syllabus
The course will include 40 hours of lectures, whose syllabus is detailed below.
• CS_00 – CyberReadiness Pre-course assessment test
• CS_01 – Security – An Introduction
  ◦ Introduction
  ◦ Safety
  ◦ Security
  ◦ Cybersecurity
  ◦ Dependability
• CS_02 – Cybersecurity – Definition & relevance
  ◦ Cybersecurity
  ◦ Cyberspace
  ◦ Threat Chain
  ◦ Why attacks are possible
  ◦ Possible fallouts
  ◦ Side aspects
  ◦ Conclusions
• CS_03 – Security Pillars
  ◦ Basic pillars
  ◦ Examples of triad attacks
  ◦ Additional pillars
• CS_04 – Cybersecurity – Vulnerabilities
  ◦ Weakness vs. Vulnerability
  ◦ Vulnerability Taxonomy
• CS_06 – Security vs Safety
  ◦ The concept of Failure
  ◦ Different “perceptions”
  ◦ Safety vs. Security
• CS_07 – Security – The role of Hardware
  ◦ Introduction
  ◦ Hardware Security
  ◦ Hardware-based Security
  ◦ Hardware Trust
• CS_08 – Social Engineering – Attack Vectors
  ◦ Phishing
  ◦ Spear Phishing
  ◦ Whaling
  ◦ Vishing
  ◦ Via social
  ◦ Impersonation
  ◦ Do ut des
  ◦ Quid pro Quo
  ◦ Baiting
  ◦ Dumpster Diving
  ◦ Piggybacking
  ◦ Shoulder Surfing
  ◦ Physical Access
  ◦ Hoaxing
  ◦ Fake news
  ◦ Fake software & Trojans
• CS_09 – Social Engineering – Prevention
  ◦ Training and Education
  ◦ Cyber Hygiene
  ◦ Assessment Tools
  ◦ Continuous Education
  ◦ Certifications
  ◦ Awareness
  ◦ Policies
  ◦ Third-party support
• OSInt & SocMInt
• CS_10 – Ethics and legal aspects
  ◦ Regulatory frameworks in cybersecurity: from a technical to a legal point of view
  ◦ Comparative analysis on cybersecurity legal aspects
  ◦ Cybersecurity policies, legal and social implications
  ◦ The role of Ethics in cybersecurity
• CS_11 – The new Italian Cybersecurity National Architecture
  ◦ The Italian cybersecurity National Architecture: Historical approach
  ◦ The National Legal and Regulatory framework on cybersecurity
  ◦ Italian cybersecurity governance between public and private roles
  ◦ The Italian public-private partnership approach on cybersecurity
  ◦ The new Italian Cybersecurity National Architecture: from the perimeter to the National Cybersecurity Agency
• CS_12 – European Laws
  ◦ The European Union approach on cybersecurity
  ◦ The EU Cybersecurity Strategy
  ◦ The EU legal framework: NIS Directive, GDPR and Cybersecurity Act
  ◦ The EU operative approach on cybersecurity: the role of ENISA
  ◦ The EU standard setting approach
• CS_13 – International standards
  ◦ Comparative analysis of relevant standards in cybersecurity
  ◦ The NIST Standards
  ◦ The National Framework on Cybersecurity and Data Protection
  ◦ The ISO standard
  ◦ The Common Criteria standard
  ◦ The EU Standards
• CS_14 – CyberReadiness Post-course assessment test.
Lectures & Syllabus
The course will include 40 hours of lectures, whose syllabus is detailed below.
• A first introduction to all the “Big Challenges” courses (11,5 hours) will consist of:
  ◦ the UN Sustainable Development Goals (SDGs)
  ◦ four samples of global challenges needing an integrated approach: 1) Climate Change and the definition of Anthropocene; 2) One Health (i.e.: pandemics and ecology); 3) Biodiversity crisis (Sixth Extinction model); 4) Beyond Problem Solving: global crisis and the evolution of technologies.
• The specific challenge Digital will then be detailed by analysing the technical elements of greatest social relevance (3 hours); the following 24 hours of lectures will be structured as follows:
• CS_00 – CyberReadiness Pre-course assessment test
• CS_01 – Security – An Introduction
  ◦ Introduction
  ◦ Safety
  ◦ Security
  ◦ Cybersecurity
  ◦ Dependability
• CS_02 – Cybersecurity – Definition & relevance
  ◦ Cybersecurity
  ◦ Cyberspace
  ◦ Threat Chain
  ◦ Why attacks are possible
  ◦ Possible fallouts
  ◦ Side aspects
  ◦ Conclusions
• CS_03 – Security Pillars
  ◦ Basic pillars
  ◦ Examples of triad attacks
  ◦ Additional pillars
• CS_04 – Cybersecurity – Vulnerabilities
  ◦ Weakness vs. Vulnerability
  ◦ Vulnerability Taxonomy
• CS_06 – Security vs Safety
  ◦ The concept of Failure
  ◦ Different “perceptions”
  ◦ Safety vs. Security
• CS_07 – Security – The role of Hardware
  ◦ Introduction
  ◦ Hardware Security
  ◦ Hardware-based Security
  ◦ Hardware Trust
• CS_08 – Social Engineering – Attack Vectors
  ◦ Phishing
  ◦ Spear Phishing
  ◦ Whaling
  ◦ Vishing
  ◦ Via social
  ◦ Impersonation
  ◦ Do ut des
  ◦ Quid pro Quo
  ◦ Baiting
  ◦ Dumpster Diving
  ◦ Piggybacking
  ◦ Shoulder Surfing
  ◦ Physical Access
  ◦ Hoaxing
  ◦ Fake news
  ◦ Fake software & Trojans
• CS_09 – Social Engineering – Prevention
  ◦ Training and Education
  ◦ Cyber Hygiene
  ◦ Assessment Tools
  ◦ Continuous Education
  ◦ Certifications
  ◦ Awareness
  ◦ Policies
  ◦ Third-party support
• OSInt & SocMInt
• CS_10 – Ethics and legal aspects
  ◦ Regulatory frameworks in cybersecurity: from a technical to a legal point of view
  ◦ Comparative analysis on cybersecurity legal aspects
  ◦ Cybersecurity policies, legal and social implications
  ◦ The role of Ethics in cybersecurity
• CS_11 – The new Italian Cybersecurity National Architecture
  ◦ The Italian cybersecurity National Architecture: Historical approach
  ◦ The National Legal and Regulatory framework on cybersecurity
  ◦ Italian cybersecurity governance between public and private roles
  ◦ The Italian public-private partnership approach on cybersecurity
  ◦ The new Italian Cybersecurity National Architecture: from the perimeter to the National Cybersecurity Agency
• CS_12 – European Laws
  ◦ The European Union approach on cybersecurity
  ◦ The EU Cybersecurity Strategy
  ◦ The EU legal framework: NIS Directive, GDPR and Cybersecurity Act
  ◦ The EU operative approach on cybersecurity: the role of ENISA
  ◦ The EU standard setting approach
• CS_13 – International standards
  ◦ Comparative analysis of relevant standards in cybersecurity
  ◦ The NIST Standards
  ◦ The National Framework on Cybersecurity and Data Protection
  ◦ The ISO standard
  ◦ The Common Criteria standard
  ◦ The EU Standards
• CS_14 – CyberReadiness Post-course assessment test.
4 Course organization
The course includes 3 main parts:
• The part common to all the courses set up within the “Grandi Sfide” project
• The Lectures
• The Research Project work, based on a practical case study.

4.1 Common Part
It will include 12 hours of lectures.

4.2 Lectures & Syllabus
It will include 40 hours of lectures, whose syllabus is detailed above.

4.3 Project works
Attendees will be invited to form groups of 4-5 people, and each group will carry out a research project whose topic can be freely selected from a portfolio of proposed ones. During the development of its project, each group will be actively and effectively tutored. Each group will be asked to deliver a final project report, whose implementation and delivery details will be included in the project specifications.
4 Course organization
The course includes 3 main parts:
• The part common to all the courses set up within the “Grandi Sfide” project
• The Lectures
• The Research Project work, based on a practical case study.

4.1 Common Part
It will include 12 hours of lectures, as detailed above.

4.2 Lectures & Syllabus
It will include 40 hours of lectures, whose syllabus is detailed above.

4.3 Project works
Attendees will be invited to form groups of 4-5 people, and each group will carry out a research project whose topic can be freely selected from a portfolio of proposed ones. During the development of its project, each group will be actively and effectively tutored. Each group will be asked to deliver a final project report, whose implementation and delivery details will be included in the project specifications.
5 Teaching materials
Attendees will be provided, via the dedicated Dropbox directory, with:
• copies of all the slides used during the lectures;
• additional teaching materials;
• additional suggested readings.
No textbook is required.
Teaching materials
PIEVANI:
Books:
- Jared Diamond, 1997, Armi, acciaio e malattie, Einaudi, Torino, 1998 (and newer editions)
- Simon L. Lewis, Mark A. Maslin, 2018, Il pianeta umano, Einaudi, Torino, 2019.
Articles (available on the Politecnico Library System website, https://www.biblio.polito.it/):
- David Morens, Anthony Fauci, 2020, “Emerging Pandemic Diseases: How We Got to COVID-19”, in Cell, 182: 1077-1092.
- Emily Elhacham, Liad Ben-Uri, Jonathan Grozovski, Yinon M. Bar-On & Ron Milo, 2020, “Global human-made mass exceeds all living biomass”, in Nature, 588: 442-444.
Attendees will be provided, via the dedicated Dropbox directory, with:
• copies of all the slides used during the lectures;
• additional teaching materials;
• additional suggested readings.
No textbook is required.
Exam: Computer lab-based test; Group essay;
The final evaluation includes three contributions, one for each part of the course, namely:
• Common part (15%):
• Lectures (50%): the exam will consist of answering a set of questions covering the complete syllabus, delivered as multiple-choice closed-answer questions via the Politecnico Exam platform;
• Research Project report evaluation (35%).
In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.


© Politecnico di Torino
Corso Duca degli Abruzzi, 24 - 10129 Torino, ITALY