UNIK4750 - Measurable Security for the Internet of Things

From its-wiki.no

Jump to: navigation, search

UNIK4750 - Measurable Security for the Internet of Things


UNIK4750
News Lectures on Thursdays 0900-1600h, starting from 19Jan2017. The course is given at ITS (UNIK), Room 401. This year we go with double lectures, so the course will finish early in the semester. Who can not attend on the afternoon sessions, are offered personal contact hours every second week.
Organisation UiO
by György Kálmán
UNIK4750.png
Keywords


Abstract The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.
Objective (max 350 words) After completing the course you will be able to:
  • Describe application-driven security and establish challenges of sensor-driven systems
  • Provide industrial examples, e.g. Smart Grid and automatic meter readings
  • Establish application-driven security goals as well as the semantics of your system
  • Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security
  • Analyse application goal versus system security and suggest improvements
Keywords Security, Network Security, Sensor Security, Sensor networks
Research Area(s) Security
Type of course Master

Edit the page by Special:FormEdit/Course/UNIK4750.


To add new lectures, use: Add a lecture

Info - 2017

  • This course is a combined masters and Phd course (UNIK9750), in 2017 all the lectures will be presented by Gyorgy Kalman.
  • The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is still available.
  • We'll have video streaming: mms://lux.unik.no/401
  • Evaluation is based on a presentation of topics and the implementation of your scenario.

Lectures in UNIK4750 - 2017

19Jan - L1: Introduction - Handouts Media:UNIK4750-L1-Introduction-2017.pdf

26Jan - L2: Internet of Things - Handouts Media:UNIK4750-L2-Internet_of_Things-2017.pdf

02Feb - L3: Security of the Internet of Things - Handouts Media:UNIK4750-L3_Security in the Internet of Things - 2017.pdf

09Feb - L4: Smart Grid, Automatic Meter Readings (AMR) - Handouts Media:UNIK4750-L4-Automatic_Meter_Readings-2017_examples.pdf

09Feb - L5: Service implications on functional requirements - Handouts Media:UNIK4750-L5-Service_Implications-2017.pdf

16Feb - L6: Technology Mapping - Handouts Media:UNIK4750-L6-Technology_mapping-2017.pdf

16Feb - L7: Security Semantics - Handouts Media:UNIK4750-L7-Security_semantics-2017.pdf

23Feb - Vinterferie

02March - L8-9 Paper presentations 1

09March - L10-11 Paper presentations 2

16March - L12: Multi-Metrics method for measurable security - Handouts Media:UNIK4750-L12_Multi-Metrics.pdf

16March - L13: System Security and Privacy analysis - Handouts Media:UNIK4750-L13_System_Security_Privacy.pdf

23March - L14: Weighting in Multi-Metrics Method Media:UNIK4750-L11_Weighting_AMR.pdf - Lecture Notes L11

23March - L15: Real-world examples (Guest lecture by Mohammad Chowdhury) - Media:UNIK4750-Guest-Lecture_ABB_Chowdhury.pdf

30March - no lecture

06April - L16: Group work presentation

06April - L17: wrap-up, Media:UNIK4750-L17 Wrap Up.pdf Media:Questions_UNIK4750_2017_students.pdf

13April - Easter holiday

20April - Exam

  • Group work

Please see the description from 2016: UNIK4750 presentation of your Group Work - (suggestions and criteria) For this year, I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. Examples:

  • AMS
  • Smart home, home automation
  • smart car, vehicle-to-vehicle communication, autopilot
  • train control from timetables on tablet to predicting power consumption to order power supply for next month
  • ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise

and so on. A good (A) delivery from last year: Media:good_example_group_work.pdf


It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.


Security, privacy and dependability functionality
read more IoTSec:Security_and_Privacy_Functionality

Introduction into Internet of Things (IoT)

This first part will provide the introduction into the Internet of Things (Lecture 1 - 2), with industrial examples

  • Smart Grid and automatic meter system (AMS)
  • Smart Homes with sensors
  • Autonomous cars
  • Cloud technologies

The part will further address potential security threats (L3), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented.

SmartGrid future.png

The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in L4 to address the security and privacy challenges.

The final part of this first block is addressed through lectures L5 and L6, and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - can somebody see from my meter reading if I'm at home - towards technology parameters like how often are values read and published.

Machine-readable Descriptions

The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies.

  • Establish system description examples of systems,
  • Describing Security and Security Functionality in a semantic way

Application-driven security goals

This block will develop the security goals resulting from applications.

  • From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms
  • From the functional requirements, select the security and privacy relations
  • Establish application-driven security goals as well as the semantics of your system

Perform Multi-Metrics Analysis

This last block will analyse industrial examples based on the multi-metrics analysis.

  • Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security
  • Analyze application goal versus system security and suggest improvements


Info - 2016

  • This course is a Master course. Please visit UNIK9750 for the PhD version of the course.
  • The course takes place on Thursdays, 0900-1200h at UNIK. A video communication is available to Ifi, Room Scheme@Ifi.UiO.no (room 1251), see check: Video_conference
  • We'll have video streaming: mms://lux.unik.no/401
  • Evaluation is based on a presentation of topics and the implementation of your scenario.

Lectures in UNIK4750 - 2016

21Jan - L1: Introduction G,J - Handouts Media:UNIK4750-L1-Introduction.pdf

28Jan - L2: Internet of Things J - Handouts Media:UNIK4750-L2-Internet_of_Things.pdf

4Feb - L3: Security in IoT G - Paper selection - Handouts Media:UNIK4750-L3-Security_IoT.pdf

11Feb - L4: Smart Grid, Automatic Meter Readings (AMR) G - Handouts Media:UNIK4750-L4-Automatic_Meter_Readings.pdf

18Feb - L5: Service implications on functional requirements G,(J) - Handouts Media:UNIK4750-L5-Service_Implications.pdf

3Mar - L6: Technology mapping G,(J) - Handouts Media:UNIK4750-L6-Technology_mapping.pdf,

10Mar - L7: UNIK4750 Paper analysis with 15-20 min presentation, evaluation criteria

17Mar - L8: Security Semantics J - Handouts Media:UNIK4750-L8-Security_Semantics.pdf

31Mar - L9: Logical binding - industrial example J, Guest lecturer: Mushfiq Chowdhury - Handouts: Media:UNIK4750-L9-handouts.pdf

7Apr - L10: Multi-Metrics Method for measurable Security J - Handouts Media:UNIK4750-L10-Multi-Metrics.pdf,

14Apr - L11: Multi-Metrics Weighting of an AMR sub-system J - Handouts L11 Media:UNIK4750-L11-AMR-weight.pdf

21Apr - L12: System Security and Privacy analysis J - Handouts L12 Media:UNIK4750-L12-Security-Privacy_classes.pdf

28Apr - L13: Intrusion-detection in industrial environments - G - Handouts L13 Media:UNIK4750-L13-Intrusion_detection.pdf

12May - L14: Real world examples - IoTSec infrastructure J - - Handouts L14 Media:UNIK4750-L14-IoTSec_infrastructure.pdf

19May - L15: Real world IoT service evaluation; UNIK4750 presentation of your Group Work - (suggestions and criteria)


26May - time for exam preparation (no lecture)

Thursday 2Jun or Wednesday 8Jun - Exam G,J

Introduction into Internet of Things (IoT)

This first part will provide the introduction into the Internet of Things (Lecture 1 - L2), with industrial examples

  • Smart Grid and automatic meter system (AMS)
  • Smart Homes with sensors
  • Wireless System upgrade of cars

The part will further address potential security threats (L3), here given for the future smart grid.

SmartGrid future.png

When the future Smart Grid consists of Prosumers (Consumers, who might also be Producers) with different energy sources, the grid will become more unstable. We will use an example of an automatic meter reading (AMR) and -system (AMS) in L4 to address the security and privacy challenges.

The final part of this first block is addressed through lectures L5 and L6, and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - can somebody see from my meter reading if I'm at home - towards technology parameters like how often are values read and published.

Machine-readable Descriptions

The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies.

  • Establish system description examples of systems,
  • Describing Security and Security Functionality in a semantic way

Application-driven security goals

This block will develop the security goals resulting from applications.

  • From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms
  • From the functional requirements, select the security and privacy relations
  • Establish application-driven security goals as well as the semantics of your system

Perform Multi-Metrics Analysis

This last block will analyse industrial examples based on the multi-metrics analysis.

  • Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security
  • Analyze application goal versus system security and suggest improvements

Lecture overview with keywords

this section is automatically filled in based on the information on this MediaWiki