Servizi per la didattica
PORTALE DELLA DIDATTICA

Cybersecurity for Embedded Systems

01UDNOV

A.A. 2019/20

Course Language

Inglese

Course degree

Master of science-level of the Bologna process in Ingegneria Informatica (Computer Engineering) - Torino

Course structure
Teaching Hours
Lezioni 30
Esercitazioni in aula 30
Teachers
Teacher Status SSD h.Les h.Ex h.Lab h.Tut Years teaching
Prinetto Paolo Ernesto Professore Ordinario ING-INF/05 30 16 0 0 4
Teaching assistant
Espandi

Context
SSD CFU Activities Area context
ING-INF/05 6 C - Affini o integrative Attività formative affini o integrative
2019/20
The course is taught in English and it aims at presenting the most significant aspects of security of Embedded Systems (ES), Cyber Physical Systems (CPS), and Internet of Things (IoT) devices. The most widely used security-oriented architectures are then introduced, with a particular emphasis on the open-source security-oriented platform SEcube™, via significant hands-on experiences. Security-by-Design basic concepts are eventually provided. The course is going to be enriched with presentations of relevant case studies from industrial testimonials and researchers.
The course is taught in English and it aims at presenting the most significant aspects of security of Embedded Systems (ES), presenting both hardware and software security issues related to embedded devices and possible mitigations and remediations. The course is divided in a theoretical part made of frontal lectures and some laboratories focused on programming security-oriented platforms, with a particular emphasis on the open-source security-oriented platform SEcube™, via significant hands-on experiences. The work of the course will be completed with a final project, where students will be invited to choose among different examples of hardware or software security projects and to develop them. The course is going to be enriched with presentations of relevant case studies from industrial testimonials and researchers.
Having successfully completed the course, the participant will: • Getting familiar with the most significant aspects of security of Embedded Systems (ES), Cyber Physical Systems (CPS), and Internet of Things (IoT) devices, including: -- Vulnerabilities -- Attacks -- Countermeasures; • Getting familiar with the most widely used security-oriented architectures, including built-in safety and security hardware features available in today advanced processors; • Getting familiar with the basic concepts of Security-by-Design of: -- Hardware -- Software -- Communication protocol -- System Architecture; • Getting significant hands-on experiences with the open-source security-oriented platform SEcube™.
Having successfully completed the course, the participant will: • Get familiar with the most significant aspects of security of Embedded Systems (ES), mainly in the fields of: o System Security o Secure Programming o Hardware Security • For each field, get familiar with its main o Vulnerabilities o Attacks o Countermeasures; • Get familiar with some of the most famous security-oriented architectures, with built-in safety and security features, nowadays common in advanced processors; • Get familiar with the basic concepts of Design-for-Security of: o System Architecture o Software o Hardware; • Get significant hands-on experiences with the open-source security-oriented platform SEcube™.
Participants are assumed to be familiar with the basic concepts of: • C, C++ programing Languages • Assembly programing Languages • Computer Architectures • Digital System Design.
Participants are assumed to be familiar with the basic concepts of: • C, C++ programing Languages • Assembly programing Languages • Computer Architectures • Digital System Design.
• Introduction to Cybersecurity (0.3 CFU) • Security of Embedded Systems (ES), Cyber Physical Systems (CPS), and Internet of Things (IoT) devices, including (0.6 CFU): -- Vulnerabilities and Attacks: °° Hardware °° Software °° Communication Protocols °° System Architecture -- Countermeasures; • Security-oriented architectures, including: (0.3 CFU) -- Proprietary solutions (e.g., ARM TrustZone®, Cisco® Trust Anchor, SEcube™, …) -- Built-in safety/security hardware features available in today advanced processors; • Security-by-Design of: (0.6 CFU) -- Hardware, including Physically Unclonable Functions (PUFs) -- Software, including software design rules for ES’s -- Communication protocols -- System Architectures; • The open-source security-oriented platform SEcube™ (0.3 CFU): -- Hardware Architecture -- Open-source software stack; • Hands-on experiences with the open-source security-oriented platform SEcube™ (3 CFU); • Presentations of some relevant case studies from industrial testimonials and researchers (0.9 CFU).
• Introduction to Cybersecurity and Cybersecurity for Embedded Systems [4.5 h] o Concepts of Vulnerability and Attack:  Hardware  Software  System Architecture • Basics of Cryptography [4.5 h] o Public and Private Key Encryption Algorithms o Cryptographic Hashes • Introduction to software security [1.5 h] o Concept of malicious execution: malwares and Arbitrary Code Execution (ACE) • System Security [7.5 h] o Concepts of OS Security o Memory Management and Protection o Hardware-based security features  Protection Rings  Trusted Execution Environments (TEE)  Roots of Trust  Proprietary solutions (e.g., ARM TrustZone®, Cisco® Trust Anchor, SEcube™, …) • Secure Coding [7.5 h] o Common weaknesses and vulnerabilities  Memory Vulnerabilities  Structured Output Generation Vulnerabilities  Race Condition Vulnerabilities  API Vulnerabilities  Information Leak Vulnerabilities • Hardware Security [10.5 h] o Hardware Vulnerabilities and Attacks Taxonomy o Side-channel Attacks o Fault Attacks o Test-infrastructure-based Attacks o Invasive Attacks o Hardware Trojans o True Random Number Generators (TRNG) o Physically Unclonable Functions (PUF) o Concept of Hardware Security Modules (HSM)  Secure Elements & Smart Cards • Cybersecurity Governance and Standards [3 h] • Presentations of some relevant case studies from industrial testimonials and researchers [6 h]
• The course includes: -- Lectures -- Hands-on sessions -- Team activities aimed at developing SEcube™ based solutions for CPS’s or ES’s • Students are clustered into groups of 2 or 3 people, supervised by a mentor: -- The group composition is proposed by the students; -- The mentor offers advice, monitors progress, and marks reports; it is not her/his job to give technical advice, nor to lead or manage the group; -- Identification of roles inside each group, as well as their allocation, is up to the group members; -- Each group will be rented a development kit for the SEcube™ platform; • Each group is requested to deliver: -- A technical oral presentation -- Proper technical report(s) on the developed item/product.
• The course includes: o Lectures o Hands-on laboratory sessions o Final project development • Students are clustered into groups of 2 or 3 people o The group composition is proposed by the students; o Each group will be rented a development kit for the SEcube™ platform; • Each group is requested to deliver, for each Lab and for the final Project: o The produced source code; o Proper technical report on the produced code.
• Copies of the teaching materials used for the lectures and the presentations; • User and programming manuals of the open-source security-oriented platform SEcube™; • All the above material will be freely downloadable from the Course home page on the Politecnico Teaching Portal.
• Copies of the teaching materials used for the lectures; • User and programming manuals of the open-source security-oriented platform SEcube™; • All the above material will be freely downloadable from the Course home page on the “Portale della Didattica”.
Modalità di esame: Prova orale obbligatoria; Elaborato scritto prodotto in gruppo;
Exam: Compulsory oral exam; Group essay;
The course exam will consist in: • final assessment of the delivered item/product provide by each group (70% of the overall evaluation) • oral exam with questions on the topics covered in the course (30% of the overall evaluation).
Gli studenti e le studentesse con disabilità o con Disturbi Specifici di Apprendimento (DSA), oltre alla segnalazione tramite procedura informatizzata, sono invitati a comunicare anche direttamente al/la docente titolare dell'insegnamento, con un preavviso non inferiore ad una settimana dall'avvio della sessione d'esame, gli strumenti compensativi concordati con l'Unità Special Needs, al fine di permettere al/la docente la declinazione più idonea in riferimento alla specifica tipologia di esame.
Exam: Compulsory oral exam; Group essay;
The final evaluation is divided into three parts:  Oral exam, 20 mins on the course theory: up to 16 points  Laboratories: up to 7 points o 1 point max for the 1st Lab o 2 points max for the 2nd Lab o 2 points max for the 3rd Lab o 2 points max for the 4th Lab  Final project: up to 10 points Deliver of laboratories and final project is mandatory to pass the exam. Since these activities are organized in groups, the evaluation is common for all the members of the group. If a student does not succeed in passing the exam, he/she can ask to keep the evaluation of the Laboratories and of the Final Project.
In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.
Esporta Word


© Politecnico di Torino
Corso Duca degli Abruzzi, 24 - 10129 Torino, ITALY
Contatti