Having successfully completed the course, the participant will: • Get familiar with the most significant aspects of security of Embedded Systems (ES), mainly in the fields of: o System Security o Secure Programming o Hardware Security • For each field, get familiar with its main o Vulnerabilities o Attacks o Countermeasures; • Get familiar with some of the most famous security-oriented architectures, with built-in safety and security features, nowadays common in advanced processors; • Get familiar with the basic concepts of Design-for-Security of: o System Architecture o Software o Hardware; • Get significant hands-on experiences with the open-source security-oriented platform SEcube™.

Participants are assumed to be familiar with the basic concepts of: • C, C++ programing Languages • Assembly programing Languages • Computer Architectures • Digital System Design.

• Introduction to Cybersecurity and Cybersecurity for Embedded Systems [4.5 h] o Concepts of Vulnerability and Attack:  Hardware  Software  System Architecture • Basics of Cryptography [4.5 h] o Public and Private Key Encryption Algorithms o Cryptographic Hashes • Introduction to software security [1.5 h] o Concept of malicious execution: malwares and Arbitrary Code Execution (ACE) • System Security [7.5 h] o Concepts of OS Security o Memory Management and Protection o Hardware-based security features  Protection Rings  Trusted Execution Environments (TEE)  Roots of Trust  Proprietary solutions (e.g., ARM TrustZone®, Cisco® Trust Anchor, SEcube™, …) • Secure Coding [7.5 h] o Common weaknesses and vulnerabilities  Memory Vulnerabilities  Structured Output Generation Vulnerabilities  Race Condition Vulnerabilities  API Vulnerabilities  Information Leak Vulnerabilities • Hardware Security [10.5 h] o Hardware Vulnerabilities and Attacks Taxonomy o Side-channel Attacks o Fault Attacks o Test-infrastructure-based Attacks o Invasive Attacks o Hardware Trojans o True Random Number Generators (TRNG) o Physically Unclonable Functions (PUF) o Concept of Hardware Security Modules (HSM)  Secure Elements & Smart Cards • Cybersecurity Governance and Standards [3 h] • Presentations of some relevant case studies from industrial testimonials and researchers [6 h]

• The course includes: o Lectures o Hands-on laboratory sessions o Final project development • Students are clustered into groups of 2 or 3 people o The group composition is proposed by the students; o Each group will be rented a development kit for the SEcube™ platform; • Each group is requested to deliver, for each Lab and for the final Project: o The produced source code; o Proper technical report on the produced code.

• Copies of the teaching materials used for the lectures; • User and programming manuals of the open-source security-oriented platform SEcube™; • All the above material will be freely downloadable from the Course home page on the “Portale della Didattica”.

Exam: Compulsory oral exam; Group essay;

The final evaluation is divided into three parts:  Oral exam, 20 mins on the course theory: up to 16 points  Laboratories: up to 7 points o 1 point max for the 1st Lab o 2 points max for the 2nd Lab o 2 points max for the 3rd Lab o 2 points max for the 4th Lab  Final project: up to 10 points Deliver of laboratories and final project is mandatory to pass the exam. Since these activities are organized in groups, the evaluation is common for all the members of the group. If a student does not succeed in passing the exam, he/she can ask to keep the evaluation of the Laboratories and of the Final Project.

In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.