https://its-wiki.no/api.php?action=feedcontributions&user=Josef.Noll&feedformat=atomits-wiki.no - User contributions [en]2024-03-29T13:34:28ZUser contributionsMediaWiki 1.23.3https://its-wiki.no/wiki/DigI:TZ-Hackathon_Feb2020DigI:TZ-Hackathon Feb20202024-03-21T09:45:55Z<p>Josef.Noll: </p>
<hr />
<div>{{Meeting<br />
|Title=DigI Hackathon in Dar es Salaam, Feb2020<br />
|Place=MUHAS@DarEsSalaam<br />
|Date=2020/02/27<br />
|Duration=-28Feb2020<br />
|Organiser=Catherine R. Kimambo, Felix Sukums,<br />
|User=Asanali Msangi, Joseph Bishi, Catherine R. Kimambo, Addisalem Genta Gemiya, Felix Sukums, Eden Wanyimba, Rashid Ally, Felix Sukums, Matogoro Jabera, Joseph Bishi, Christine Holst, Julius Peter, Josef Noll, Peter Mmbando, Barrack Otieno, Robert Owino,<br />
|Project=DigI, BasicInternet,<br />
|Keywords=School Connectivity, Hackathon, InfoSpots,<br />
}}<br />
[[File:DigI_Hackathon_Feb2020zoom.jpg|970px|thumb|center|''DigI Hackathon Feb2020 at MUHAS'']]<br />
<br />
<br />
= Objectives = <br />
This 1,5 day hackathon will be performed to <br />
* teach on how to "test and measure" prior to installing an information spot - ''Catherine''<br />
* share information amongst the groups - ''each participant''<br />
* perform a hackathon ("how to install") - an information spot - ''Addisalem''<br />
<br />
One day: Members of the DigI Hackathon had a Panel Discussion on Approaches, Challenges, and Sustainability of Community Networks.<br />
<br />
In addition, we had a 2h [[DigI:TZ-Sustainability_SchoolConnectivity_Feb2020|Workshop and Panel with and governmental representatives]] to address sustainability in school connectivity<br />
<br />
== Main Take-away ==<br />
The Hackathon on building information spots on 27-28Feb2020 comprised community members from 5 countries, and focused on the technical understanding on establishing information spots with Internet Lite. <br />
* Given the [[DigI:Villages|'''success of village/school/health facility connectivity''']] through the DigI project, we created the ''[[BasicInternet:How_To|walk through]]'' on how to establish the Information Spots.<br />
* '''Knowledge transfer and collaboration''' between Norway and the participating countries was agreed to ensure local competence in establishing, operating and maintaining the information spots.<br />
* [[Catherine R. Kimambo|Catherine]] presented the work by [[African Child]] in '''empowering women and girls''', pointing out the need for training in addition to creating the information spots <br />
* Given the success of the first 3 information spots, [[AHERI]] in Kenya asked for establishing 1.500 sites <br />
* [[BOACSE]] has successfully connected two schools, and envisions to connect another 130 schools in the area of Mbeya in Tanzania.<br />
<br />
= Venue =<br />
The meeting will take place from Thursday 27 Feb 2020, 09:00h until Friday 28 Feb 2020 14:40h at [[MUHAS@DarEsSalaam]] in the MUHAS Harvard Room at MUHAS HD-CHPE Building, 2nd Floor.<br />
<br />
Hotel: Cate Hotel, Dange, Dar es Salaam, http://www.catehotel.co.tz/, [[Asanali Msangi]] performs the booking<br />
<br />
== Participants ==<br />
'''Registration is closed ''' <br />
<br />
{{#widget:Iframe<br />
|url=https://docs.google.com/spreadsheets/d/e/2PACX-1vTo1FhTfYG8q3OGCl9rRdPp0Tk_xdkwDbDPedJNxdIOe-pnTqCpUhVYH1J-0mKTHIgzF4RvDGssO1Xo/pubhtml?gid=417841625&amp;single=true&amp<br />
|width=700<br />
|height=300<br />
|border=0<br />
}}<br />
<br />
<!---<br />
Please register for the '''DigI Hackathon''' on how to build an information spot<br />
{{#widget:Iframe<br />
|url=https://docs.google.com/forms/d/e/1FAIpQLSc078qdvtlPxWysIcUvg0RRd_ir4a3-iQUnStgs541YXg9ylQ/viewform<br />
|width=640<br />
|height=700<br />
|border=0<br />
}} ---><br />
<br />
Invited:<br />
* MUHAS: Felix, Asanali<br />
* African Child/Basic Internet TZ: Catherine, Ben<br />
* UDESO: Eden Wanyimba<br />
* BOACSE: Rashid Ally<br />
* Ministry of Health/University of xxx: n.n. (Student of Elibariki)<br />
* Joseph Bishi (Zimbabwe)<br />
* Ethiopia: Addisalem (Univ Ambo)<br />
* Univ Dodoma: Matogoro Jabera and colleague(?)<br />
* University of Oslo/Basic Internet: Christine, Josef<br />
* Ministry of Education (Uganda): Julius Peter (tbc)<br />
* Kenya - AHERI: Barrack (tbc) <br />
* Rwanda: Benjamin Manirafasha<br />
* UCSAF: Albert Richard<br />
* Internet Society: Peter Mmbando <br />
<br />
<br />
<!--- Click to download: [[Media:DigI_Hackathon_Invitation_Letter.pdf|Invitation letter for DigI Hackathon (.pdf)]] ---><br />
<br />
= Agenda =<br />
== Thursday, 27Feb2020 ==<br />
[[File:Panel_DigI_Hackathon.jpg|650px|right|Members of the DigI Hackathon in a Panel Discussion o Approaches, Challenges, and Sustainability of Community Networks]] <br />
: 09:00 Registration<br />
: 09:30 Welcome (Felix Sukums)<br />
: 09:45 Table Round<br />
<br />
== Community Connectivity & Sustainability - Workshop & Panel ==<br />
* 10:00-12:30 [[DigI:TZ-CommunityConnectivity_Feb2020]]<br />
:: visit to read Main take-away and Recommendations<br />
<br />
:: ''12:30 - 13:15'' Lunch break<br />
<br />
== Thursday, Reporting from Community Members ==<br />
: 13:15 '''Reports/Experiences from installations and usage''' - '''15 min''' (+5 min discussion)<br />
:: ''presentation by each partner'' on challenges and best praxis in deployment<br />
: 10:10 MUHAS (Felix/Asanali) on DigI connectivity<br />
: 10:30 African Child (Catherine/Ben)<br />
:: ''10:50 Break''<br />
: 11:05 BOACSE (Rashid)<br />
: 11:25 AHERI (Barrack)<br />
: 11:45 tzCNA (Matogoro)<br />
: 13:20 Zimbabwe Community Networks (Joseph)<br />
: 13:40 Comments by IGF (Peter)<br />
:: ''13:50-14:20 Break (with ongoing discussions)''<br />
: 14:00 - 14:45 '''[[Media:202002_5G_IoT_Sustainability_Noll.pdf|Digital transformation, Internet of Things (IoT) and Industry 4.0]]''' (public lecture) <br />
: 14:45 '''[[Media:202002_BasicInternet_Infrastructure.pdf|Infrastructure for Basic Internet]]''' (Josef) 10'+5'<br />
:: Voucher platform<br />
:: Internet Lite filtering, e.g. AMP protocol<br />
:: Yeboo village server<br />
: 18:00 End of day 1<br />
<br />
: '''19:00h Dinner at Brake Point Pub, Kinondoni Rd, Dar es Salaam (tbc)'''<br />
{{Show_Presentation|+|27 Feb 2020}}<br />
<br />
== Friday 28Feb2020 ==<br />
:09:00 Summary/Open Issues from day 1<br />
:09:40 Ideas for school/education/digital health platform<br />
: open platform (open source) <br />
: partnership<br />
: National Knowledge Portal for Tanzania (Josef) - ''see .mp4 https://owncloud.basicinternet.org/index.php/s/gfyTAbyhLifvyja''<br />
:: ''10:45-10:55 Break''<br />
:10:55 How to engage communities<br />
:: content creation <br />
:: value for the society (''a valuable Internet'')<br />
::''11:45 - 12:30 lunch''<br />
: 12:30 '''Configuration of devices - Hands-on''' (<s>Addisalem Genta</s>)<br />
: <br />
<br />
:: ''''' ''Please bring your Laptop and install winbox.exe'''''''<br />
: https://vimeo.com/354375901 - Video with Wisam to show on how to connection<br />
<br />
: 13:30 Error handling - ''what happens in the field''<br />
: 14:00 '''Concluding discussions''', incl. recommendations from the meeting<br />
: 14:40 End of Hackathon - further discussions<br />
<br />
''Note: Departure to Airport 14:40h, arrival 15:15h, flight departure (Brenda, Christine, Josef) 17:55''<br />
<br />
{{Add_Presentation|28 Feb 2020}}<br />
<br />
=== Background Material===<br />
* Sustainable Business Models for Access and Content creation - <br />
https://docs.google.com/document/d/1wm5YE_XLQfJsi_aJUpPoIsRwc7k5GVl4vv_c_pUSbfw/edit?usp=sharing<br />
* National knowledge portal - https://owncloud.basicinternet.org/index.php/s/gfyTAbyhLifvyja</div>Josef.Nollhttps://its-wiki.no/wiki/File:TEK5530-Gruppearbeid-ideer.pdfFile:TEK5530-Gruppearbeid-ideer.pdf2024-03-19T11:04:13Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-19T11:03:51Z<p>Josef.Noll: /* L10-L15 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24update.pdf]] '''updated 19Mar2024'''<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10-L15 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS) - [[Media:TEK5530-L10-MobileSecurity_h24.pdf]]<br />
** [[Media:TEK5530-Gruppearbeid-ideer.pdf]] Ideer om gruppearbeid, fokus på sikkerhetsarkitetur i strømkontrolle hos en kommune<br />
** relatert til L8 (protection) og L10 slide 34 "assume zero-security infrastructure"<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 Zero-trust architecture<br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/File:TEK5530-L8_Impact-Exposure-Risk_h24update.pdfFile:TEK5530-L8 Impact-Exposure-Risk h24update.pdf2024-03-19T08:12:58Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-19T08:12:46Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24update.pdf]] '''updated 19Mar2024'''<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10-L15 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS) - [[Media:TEK5530-L10-MobileSecurity_h24.pdf]]<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 Zero-trust architecture<br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/File:TEK5530-L10-MobileSecurity_h24.pdfFile:TEK5530-L10-MobileSecurity h24.pdf2024-03-19T07:27:41Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-19T07:27:25Z<p>Josef.Noll: /* L10-L15 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10-L15 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS) - [[Media:TEK5530-L10-MobileSecurity_h24.pdf]]<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 Zero-trust architecture<br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/HSIL:Multisportuka_erfaringerHSIL:Multisportuka erfaringer2024-03-14T17:42:27Z<p>Josef.Noll: /* Checkliste Multisportuka */</p>
<hr />
<div>= Checkliste Multisportuka =<br />
{{TOCright}}<br />
August året før:<br />
* Halle, samarbeid basket - ikke lenger<br />
<br />
Uke før: 5Aug2022<br />
* Nærbakst - brød til 220 personer (Tiril)<br />
* Rema 1000 - Jørgen (bestillingsliste?) - melk, jus, saft... pålegg<br />
* T-shirts bestilling (Josef med Øivind) <br />
Status: 14Mar2024<br />
* Str 8(128) - 34<br />
* Str 10(140) - 23<br />
* Str S - 13<br />
* Str M - 33<br />
* Str L - 23<br />
<br />
<br />
Grilling (Jørgen)<br />
* 300 burger, xx pølser, <br />
* lompe, pølsebrød, hamburger brød<br />
* <br />
<br />
Inviter samarbeidspartnere<br />
* Skyting<br />
* bryting<br />
* o-rientering, løipe sykkel<br />
* kano (Apaløkka)<br />
<br />
Inviter foreldre<br />
* 1 hver dag lunsj, 1100-1300<br />
* Torsdag: sykling 0930-1400 (de som har lyst)<br />
* Torsdag: grilling 1100-1500 (2 voksne)<br />
<br />
Sponsor?<br />
[[Media:Checklist_Multisportuka_2022.pdf]]<br />
<br />
= Multisportuka 2022 = <br />
Tirill & Jørgen Lindvik er med fra Lillomarka Ski. Tirill er kontakt. Forberedelsesmøte 8Jun2022 kl 2000 i Arena<br />
<br />
* Jørgen hører med Andreas og Joar om "hvor mange instruktører trenger vi"<br />
* "Hvilken jente kan vi flytte opp til å bli med i sportslig ledelse?" @Joar<br />
*<br />
<br />
Økter: 1,5 timer er for lang for de yngste (og noen andre)<br />
* aktivitetsleder (turn, skyting, bryting) fungerer fint<br />
* kjøpe utstyr for å holde lek oppe <br />
<br />
Myr - nytt myrområdet, ikke så gjørmet<br />
<br />
* Avis Groruddalen - "takk Gudbrand"<br />
<br />
Mat til instruktører/foreldre i Arena <br />
* Brød fra Nærbakst (til 220 personer)<br />
* Rema 1000 for alt annet<br />
<br />
Samarbeidspartner<br />
* Bryting - Oslo bryteklubb (Ali, Hjalmar)<br />
* skyting, <br />
* o-løp, <br />
* Apaløkka skole (kanon, redningsvester), <br />
<br />
Sanitær<br />
* 3 toaletter i huset (instruktører) <br />
* ekstern dusj - skyll ut<br />
* 1. hjelp: jenter som hjelper jenter, gutter som hjelper gutter<br />
* utvask etter endt Multisportuka<br />
<br />
Politiattester - ber om å søke<br />
* Tirill skaffer skriv til å gå gjennom<br />
<br />
Telt fra Bydelsen<br />
* langbord for spising - benker (Bankål)<br />
<br />
= Multisportuka 2021 = <br />
{{TOCright}}<br />
Hennie og Selma som instruktører - aktiv på rulleski - '''Joar''' snakker med jentene<br />
* Liv Kvanvik stiller opp på Mandag kl 1100-1300<br />
== Ansvar Multisportuka 2021 ==<br />
* Ungene ønsker T-shirt som synlig bevis for deltagelse (''Josef: ordentlig kvalitet, ikke plast'') - '''Gudbrand''' henter inn tilbud<br />
* Alt foregår i Lillomarka arena<br />
* Mat fra instruktører/foreldre i Arena - '''Gudbrand''' fikser brød, Rema 1000, ....<br />
* drikke: '''deltager ha med drikkeflaske''', stativ med kraner,<br />
* Instruktører: Vi tar de med som er på listen - totalt 26-30 personer - '''Joar og Andreas''' ordner<br />
* '''Gudbrand''' hører med Magnus som lege under arrangement<br />
* Telt - '''Gudbrand''' hører med bydelen<br />
* Dovogn - '''Joar''' bestiller<br />
* Livredningskurs: - 1. uke i August (torsdag?) - '''Josef''' hører med Sørumsand<br />
<br />
Aktiviteter: <br />
* '''Andreas''' og '''Joar''' fikser aktivitetsplanen<br />
* '''Joar''' hører med Vidar for o-løp (onsdag), sykkelkart, fredag stafett<br />
* '''Andreas''' hører med skyting, og kjøper mer utstyr (hører med Stian)<br />
* '''Gudbrand''' fikser kano, onsdag - fredag (fra bydelen, da trenger vi ikke Kolbotn1 Speidere)<br />
* turn? tilgang til utstyr - <br />
* Bryting (to brytetrener: Hjalmar og Ali) - '''Josef fikser'''<br />
<br />
Smittevernplanen - vi kjører samme konsept som i 2020 (hvis nødvendig) - foreldreinformasjon ligger på Multisportuka.no, basert på bryting<br />
<br />
Fra ''2020'':<br />
* hva skjedde med midler fra Gjensidige Stiftelse (60 kNOK)?<br />
<br />
Alle skal ha med:<br />
* ekstra skift hver eneste dag - <br />
* Drikkeflaske merket med navn<br />
* Kombisko (ikke klassisk skisko) på onsdag - ''bare en dag?''<br />
<br />
= Erfaringer fra tidligere år = <br />
== Erfaringer Multisportuka 2020 ==<br />
* Ungene ønsker T-shirt som synlig bevis for deltagelse (''Josef: ordentlig kvalitet, ikke plast'')<br />
* <br />
* bra inndeling i grupper med eget telt: gjerne sorter etter alder (alle 2008 i et området)<br />
* utmerket med grilling - veldig bra organisert<br />
<br />
Øvelser<br />
* Klar instruks til instruktører hva de skal gjøre (ved turn, skyting, ...)<br />
* '''Sykling''': Inndeling basert på prøveløype i arena (tid?, stigning?)<br />
* Kart over gruppeplassering (for de som søker en gruppe)<br />
* '''Skyting''': begynner med 10 år? (hva gjør vi med 9-åringer?), sprer over to dager? Deltagelse fra instruktører<br />
<br />
Kommunikasjon<br />
* heng opp øvelser per gruppe man-ons<br />
* bra: høytaler ved starten<br />
*<br />
<br />
= Multisportuka 2020 =<br />
* Vi tar utgangspunkt: '''Man-Tirs''' Apaløkka - '''Ons-Fre''' Lillomarka arena<br />
* '''Gudbrand''' - Apaløkka/Ammerudskole ikke avklart - må avklares med BYM <br />
* Mat laging fra i lunsjpakker fra Linderud (cost: 10.000 NOK for 3 dager x 3-4 brødskiver x 200 deltager) - vi vurderer når vi får beskjed om Apaløkka skole<br />
* små drikkepakker - '''Gudbrand''' hører med Tine++ - '''Josef''' hører med Stian om "gratis mat/drikke"<br />
* Instruktører: Vi tar de med som er på listen - totalt 26-30 personer<br />
* Penger på konto: Josef sjekker med BLOC (som fikk inn penger for de som meldte seg på gjennom Lillomarka arena)<br />
* Pannebånd - er bestilt<br />
* '''Gudbrand''' hører med Magnus som lege under arrangement<br />
<br />
Aktiviteter: <br />
* '''Joar''' hører med Vidar for o-løp (onsdag), sykkelkart, fredag stafett<br />
* '''Andreas''' hører med skyting, og kjøper mer utstyr (hører med Stian)<br />
* '''Josef''' har fikset kano, <br />
* turn? tilgang til utstyr - eller to grupper med bryting (to brytetrener: Hjalmar og Ali)<br />
<br />
Søknader til a) Gjensidige Stiftelse (60 kNOK) og b) Grorud bydel <br />
<br />
Smittevernplanen - '''Gudbrand''' hører med bydelsleger - '''Josef''' lager utkast og foreldreinformasjon, basert på bryting<br />
<br />
Alle skal ha med:<br />
* ekstra skift hver eneste dag - <br />
* Drikkeflaske merket med navn<br />
* Kombisko (ikke klassisk skisko) på onsdag<br />
<br />
= Multisportuka 2019 = <br />
* OK - det blir Apalløkka som før. Vi får hallen i første etg. mandag og tirsdag, på onsdag hallen i 2.etasje. Har sagt at vi har oppmøte på torsdag på Apalløkka, men rydder og flytter i løpet av to. formiddag<br />
* OK - foreslår at vi rigger som vanlig søndag ettermiddag, dvs. den 11.8.<br />
* OK - jeg fikser mat via Rema som vanlig<br />
<br />
* foreslår at vi dropper t-trøyer i år men kjøper inn pannebånd med multisportuka og våre logoer. Har fått pristilbud. OK eller ? - "ikke plast" <br />
* jeg bestiller gratis brød mv. på vanlig måte for mandag-torsdag<br />
<br />
Sponsor?<br />
* bydelene<br />
* Nærbakst<br />
* ...<br />
<br />
==Aktiviteter==<br />
* Man-Ons byggetrinn 3 skal foregå i arenaen utover sommer/høst. Jeg har bedt om at man søker å unngå å stenge skytebanen de dagene vi har behov. <br />
* '''Andreas''' tar kontakt Oslo skiskyterlag - 2 dager (man-tir eller tirs-ons)<br />
<br />
* den ytre delen av rulleskiløypa regner vi med vil være intakt i hele byggeperioden. <br />
<br />
* klubbhuset med lager vil vi kunne bruke under multisport (tenker bla.på rulleski, sko osv)<br />
<br />
Torsdag: avslutning kl 17<br />
* Start og Mål i Arena - foreslår grill i arenaen når man kommer inn fra sykkeltur torsdagen<br />
<br />
* vi bør minst ha et par voksne pr dag fra kl. kl 0930 ma-ons ifbm lunsjen fram til ca 13-1330. Også hjelp på torsdag ettermiddag kunne være greit. Jeg tar kontakt internt i Lillomarka - (2 voksne)<br />
<br />
<br />
Fredag: <br />
* start fra Arena<br />
<br />
Kano - '''Josef bestiller'''<br />
* Torsdag ettermiddag og fredag<br />
<br />
Foreldrehjelp:<br />
* Doodle - fungerte ikke<br />
* '''Josef og Gudbrand''' henter foreldre (2 hver dag, torsdag: 3 x rigging, foreldre skifte slanger)<br />
<br />
* '''Andreas''' tar kontakt med Vidar om oppdatert kart<br />
<br />
* Josef - bryting?<br />
* Josef - Sverre - 5,6, eller 7Aug2019<br />
<br />
= Checkliste Multisportuka =<br />
Aug året før:<br />
* Halle, samarbeid basket<br />
<br />
Sponsor<br />
* Nærbakst, Intersport<br />
* t-shirts bestilling<br />
* <br />
<br />
* Skyting<br />
* bryting<br />
* o-rientering, løipe sykkel<br />
* kano (1kolbotn.no kanoutleie - Robert Engels)<br />
<br />
Tips for Kano:<br />
# rette opp kano etter den er veltet ved hjelp av et annen kano<br />
# fester luftballoner på hver kano, og la ungene dreper med en kvist. Siste båt med ballon vinner<br />
<br />
= Erfaringer/Tilbakemeldinger Multisportuka 2018 =<br />
* Logistikk - kjøring, utstyr<br />
<br />
Instruktører:<br />
* godt med ekstra premering <br />
* økes til 200?<br />
* 2010 yngst - rekrutering<br />
<br />
Onsdag<br />
* kort runde først for å lære (med prøveark)<br />
* raske tid<br />
<br />
Budskap<br />
* avmelding: 10 Aug (minus 100 kr administrasjonsgebyr), etter det avmelding bare:: sykemelding <br />
* jeg er innforstått at gruppeinndeling med navnet til mitt barn blir brukt på FB<br />
* gjelder trening, mye aktivitet og gjennomføre en treningsuke<br />
* [ ] jeg vil utforske sport - [ ] jeg vil trene - (kryss av hva som passer for deg)<br />
<br />
Melding<br />
* startsider for hver gruppe<br />
<br />
Foreldre påmelding:<br />
* facebook med påminnelse, flere foreldre på sykkeltur<br />
* Start og grilling - kl 12 på torsdag, 1 fra kl 10 for handling<br />
* “ta en fin sykkeltur” sammen med ungene<br />
* 2 voksne<br />
<br />
Rulleski i arena? - samkjøring: skyting og rulleski<br />
* Gudbrand har brukt flere dager med utstyr<br />
* Utstyr - logistikk - blir transportert (Josef bill - søndag og torsdag)<br />
* Tenke på?<br />
* Rekrutierung: mobil hoppbakke,<br />
<br />
= Erfaringer Multisportuka 2017 =<br />
* mye bedre konkurranse enn tidligere (mindre venting, bedre flyt). '''Informasjon var ikke godt nok i forkant, alt for mange kommet uten skift (og uten sko til veksling)'''<br />
* Nye instruktører må få bedre innstruks, planlegging skal skje tidligere (prøv å ha logistikk for hele uken klar)<br />
* Innsamling av erfaringer hver dag<br />
* eget utstyr til den øvre hallen<br />
* spør om nøkkelen for utstyrsrommet (Sportslærer Kamal?) for mandag til onsdag<br />
* ... ''har dere mer, send mail til Josef (josef@jnoll.net)<br />
<br />
= Erfaringer Multisportuka 2016 =<br />
* http://multisportuka.jnoll.net - denne siden med oppsamling av alle ideer<br />
* Multisport Admin på Facebook: https://www.facebook.com/groups/1866795836881279/<br />
* [[HSIL:Kjoreplan]] for oss som organiserer 2016<br />
* [[HSIL:InstruktorlisteMorgen]]<br />
* [[HSIL:InstruktorlisteKveld]]<br />
<br />
==Lessons learned 2016 ==<br />
Noe innspill fra foreldre:<br />
* "Tror opplegget dere hadde var veldig bra. Det kunne kanskje vært mulig å satt av en til to voksne som var litt på vakt ved oppmøtested/inngangen den første og andre dagen og fanget opp de som vegret seg for å gå inn. Det vil alltid være litt skummelt for de yngste når de møter så mange nye fjes."<br />
* "Det tok to dager før en epost ble besvart" - (hvordan kan vi ha bedre kommunikasjonsrutiner)? Det er klart at når jeg sender ut epost, så svare folk på epost. Alt A) "no reply", Alt B) post@multisportuka.no, Alt C) ....<br />
<br />
= To Do=<br />
Invitasjon<br />
* Josef til å lagre "gøy" invitasjon<br />
* Invitasjon skal deles ut: <br />
** ved skolene<br />
** ved idrettsanlegg<br />
** send til klubbene<br />
** heng ut i butikkene<br />
** send ut via bydelene<br />
** ber foreldre til å skrive ut og dele ut<br />
<br />
Hjemmeside og flyer (er flyttet til Facebook)<br />
* OK - Gudbrand til å la hjemmeside peke til Facebook (evtl. å lage en wordpress side som er enkelt å administrere)<br />
* Attach:FlyerMultisportUka_low.pdf (900 kB) Attach:FlyerMultisportUka.pdf (9 MB)<br />
<br />
Sponsorer<br />
* Flere foreldre som kan skaffe: http://doodle.com/poll/4qap3rhepkpemcwr<br />
* Josef til å sette sammen bilder til sponser<br />
* Jeg har allerede snakket med Intersport, Linderud. De skaffer trøyer. Jeg har bedt om samme pris som i fjor. Jeg bestiller ca. 150stk og med samme logo og påskrift. Jeg tar ellers opp dette med å få butikken til å stille på sykkeldagen slik som i fjor<br />
<br />
Gudbrand tar ellers ansvaret for å kontakte:<br />
* Bydel Grorud med tanke på å låne 4 ungdommer kl.1000-1330 hver dag mandag-torsdag<br />
* Nærbakst for gratis brød og boller mandag-fredag<br />
* BAMA for levering av gratis frukt<br />
* REMA 1000 på Ammerud for daglig levering av pålegg, melk osv.<br />
<br />
<br />
<br />
Andre aktiviteter<br />
* Gudbrand involvere bydelen Grorud<br />
* Gudbrand har invitert Vidar Benjaminsen til bistand slik som før<br />
* Josef involvere bydelen Stovner (via Aasmund Gylder)<br />
* Josef snakker med Truls Wagner om livredningskurs, evtl. rett før multisportuka<br />
* Josef lager en invitasjon til foreldrene<br />
** hent kano på mandag (diskutere med Jan Erik)<br />
** bruk doodle for dugnat<br />
** skriv ut invitasjon og dele med andre<br />
* Josef til å kontakte Harald (dobbelbetaling Hammer)<br />
Framtidens oppgave<br />
* Sette opp draft aktivitetsplan (Katrine, Andreas)<br />
* <br />
* sikring av kano (stålwire?) eller rulle inn i idrettshallen<br />
<br />
<br />
Dokumenter<br />
* [[HSIL:Kjoreplan]] for aktiviteter 2016<br />
* [[HSIL:InfobrevForesatte]] <br />
* [[HSIL:InstruktorlisteMorgen]]<br />
* [[HSIL:InstruktorlisteKveld]]<br />
* [[HSIL:Sykling]]<br />
<br />
!! Multisportuka 10.-14.Okt2015<br />
http://multisportuka.jnoll.net inneholder informasjon om driften<br />
<br />
* Tidspunkt: 10.-14.august (Uke 33)<br />
* Vi starter hver morgen kl. 09.00, Det blir servert lunsj mellom øktene. Aktivitetene avsluttes kl. 16.00.<br />
* Prisen pr. deltaker er kr. 1500,- som betales ved påmelding. På grunn av logistikk og instruktører er det satt et tak på 200 deltakere.<br />
* PÅMELDING: https://www.deltager.no/Multisportuka2015<br />
<br />
Spørsmål kan rettes til<br />
* Lillomarka skiklubb Høybråten og Stovner IL<br />
* Gudbrand Bakke (95872800) Jan Erik Moe (990 92 341)<br />
<br />
!!! Ukeplan<br />
* '''Andreas''' og '''Katrine''' tar ansvar for ukeplanen<br />
<br />
Mandag 10Aug2015<br />
*<br />
<br />
Tirsdag<br />
<br />
Onsdag<br />
<br />
Torsdag 0800(0900)-1830(?)<br />
* 08:00 Sykkelverksted<br />
* 09:00 Sykkeltur<br />
* Grilling?<br />
<br />
Fredag 0900-1600<br />
* <br />
<br />
===Møtenotat 14Jun2015===<br />
Deltager: Jan Erik, Gudmund, Andreas, Katrine, Morten, Josef<br />
<br />
Websiden<br />
* vi konsentrerer oss om facebook siden: https://www.facebook.com/multisportsuka, og legger en forward fra multisportuka.no<br />
* '''Gudmund''' skaffer tilgangsdata hos Domeneshop.no, slik at multisportuka.no og multisportsuka.no blir vidresendt til Facebook<br />
* '''Jan Erik''' gir adgang på Facebook til Katrine, Andreas og Josef - ''Note:'' hva gjør vi med Multisportsuka (nå) og Multisportuka (ønsket)? Sette opp nytt side hvis vi ikke kan forandre?<br />
<br />
Deltagere<br />
* Vi ønsker å satse på 150+ deltager. Dermed starter vi enda en runde med invitasjoner<br />
* Lørenskog sykkel - '''Morten'''<br />
* HSIL fotball - '''Josef'''<br />
* HSIL friidrett - '''Jan Erik'''<br />
* HSIL hovedsiden - '''Jan Erik'''<br />
* HSIL triatlon - '''Morten'''<br />
* Lillomarka Orienteering - '''Terje Blindheim''' (via Gudmund)<br />
* Østmarka Orienteering - '''Terje Blindheim''' eller '''Vidar''' (via Gudmund)<br />
* Grei/Grorud/Bjerke - '''Gudmund'''<br />
* Akers Avis - '''Gudmund'''<br />
* Rustad - '''Andreas'''<br />
* Kjelsås - '''Andreas'''<br />
* ... - ''send meg info om flere''<br />
<br />
Overnatting<br />
* trekker sikkert flere, men må forberedes bedre. Dermed blir det ikke overnatting i 2015<br />
* Alternativer er Lillomarka arena eller Høybråten gresssletta (med bruk av menighetshuset)<br />
<br />
Dugnad<br />
* 4 personer fra bydelen hjelper - '''Gudmund''' tar ansvar<br />
* '''Jan Erik''' sender invitasjonen til dugnad <br />
* ''Note:'' hvor mange personer trenger vi på de forskjellige dager<br />
<br />
Instruktørene<br />
* '''Katrine''' og '''Andreas''' inviterer<br />
<br />
Sponsorer<br />
* Bama - ''bekreftet'' (Gudmund)<br />
* Tine - ?? ('''Jan Erik'''), <br />
* Krigsskolen - ?? ('''Jan Erik''')<br />
* Rossignol - ?? - '''Gudmund'''<br />
* ASKO/Norgesgruppen - '''Jan Erik via Stian'''<br />
* Intersport Linderud - ''Sykkelverksted på torsdag kl 0800-0900'' - '''Gudmund'''<br />
<br />
Landslagsdeltager eller andre høyprofilerte idrettsutøver<br />
* '''Jan Erik''' hører med ASKO om de kan sende noen kjente<br />
<br />
Kommunikasjon og møter<br />
* vi bruker epost for oppdatering<br />
* resultater blir dokumentert på http://multisportuka.jnoll.net<br />
<br />
Regnskap<br />
* føres av Harald (Lillomarka)</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:51:08Z<p>Josef.Noll: /* Timeline v24 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10-L15 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:50:48Z<p>Josef.Noll: /* L10 - L15 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10-L15 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:50:36Z<p>Josef.Noll: /* L10 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10 - L15 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:50:12Z<p>Josef.Noll: /* Timeline v24 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
== L1-L3 ==<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:49:45Z<p>Josef.Noll: /* L10 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:49:23Z<p>Josef.Noll: /* L10 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
* 7May2024 L15 Rehearsel and questions to course<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
<!--- <br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2''' ---><br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-14T12:46:23Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
== L10 ==<br />
* 19Mar2024 L10 Key exchange and authentication in mobile systems (GSM, UMTS)<br />
<br />
* 26Mar2024 - Påskeferie<br />
<br />
* 2Apr2024 L11 <br />
<br />
* 9apr2024 L12 Gruppearbeid - (ingen forelesning)<br />
<br />
* 16apr2024 L13<br />
<br />
* 23Apr2024 L14 (conflict for Josef?)<br />
<br />
* 30Apr2024 L15 Presentation of group work<br />
<br />
<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T11:15:38Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T11:12:49Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|300px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T11:12:17Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|350px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T11:11:45Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|400px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/File:TEK5530_security_checklist.pngFile:TEK5530 security checklist.png2024-03-12T11:11:15Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T11:10:47Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
[[File:TEK5530_security_checklist.png|550px|right|thumb|''Security processes and assessment criteria'']]<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T11:06:11Z<p>Josef.Noll: /* Exam 2024 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 will be performed as an oral exam,<br />
Please '''use frameadate https://framadate.org/TEK5530-exam to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T08:26:11Z<p>Josef.Noll: /* Exam 2024 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 (alt: Tor 23May2024) will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T08:25:22Z<p>Josef.Noll: /* Exam 2024 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on Tir 21May2024 (alt: Tor 23May2024/ Tir 11Jun2024) will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-12T08:23:41Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
* 9apr2024 - Gruppearbeid - ingen forelesning<br />
<br />
* 30Apr2024 - Presentation of group work<br />
<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
Eksamen: Tir 21May2024 (alt: Tor 23May2024)<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on xxx will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-07T16:45:12Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the security classification model at the PhD of [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on xxx will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-03-07T16:44:45Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
:: read more about the model at [[Manish_Shrestha]], or register at https://light-sc.tech to gain access<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on xxx will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/Manish_ShresthaManish Shrestha2024-03-07T16:41:26Z<p>Josef.Noll: </p>
<hr />
<div>{{User<br />
|Prename=Manish<br />
|Name=Shrestha<br />
|Mobile=+47 4512 5072<br />
|Email=manish.shrestha@prosa.no<br />
|Partner=ESmart Systems, Prosa,<br />
|Headline=Security Researcher at Prosa, ex PhD researcher at eSmart Systems & UiO<br />
|Keywords=Measurable Security,<br />
}}<br />
[[File:Security_Classification.png|450px|right|thumb|''Preview of the 1-pager [[Media:SecurityClassification_1pager.pdf]]'']]<br />
<br />
PhD of Manish:[[Media:PhD_Manish_Shresta.pdf]]<br />
<br />
One pager as an introduction to Security Classification [[Media:SecurityClassification_1pager.pdf]]<br />
<br />
The work resulted in an assessment tool for measurable security. Register at https://light-sc.tech to use<br />
<br />
[[File:Manish_MeasurableSecurityPortal.png|600px|center|thumb|''Measurable Security Portal'']]</div>Josef.Nollhttps://its-wiki.no/wiki/File:Security_Classification.pngFile:Security Classification.png2024-03-07T16:40:16Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/PhD_DSO_SecurityPhD DSO Security2024-03-07T16:39:52Z<p>Josef.Noll: /* Documents */</p>
<hr />
<div>{{Project<br />
|ShortTitle=DSO_Security<br />
|Title=Measurable Security for DSO services on the Smart Grid<br />
|Project leader=Manish Shrestha<br />
|Project Participant=Manish Shrestha, Davide Roverso, Christian Johansen, Josef Noll,<br />
|StartDate=2016/07/01<br />
|Due_date=2019/06/30<br />
|Partner=NFR<br />
|Objective=During this industrial PhD, Manish will analyse the security implications when moving the control of the distribution grid into the cloud<br />
|Research_Domain=Internet - IoPTS<br />
|Keywords=Cloud security, SCADA, AMS, Smart grid,<br />
}}<br />
=Documents=<br />
[[File:Security_Classification.png|450px|right|thumb|''Preview of the 1-pager [[Media:SecurityClassification_1pager.pdf]]'']]<br />
PhD of Manish:[[Media:PhD_Manish_Shresta.pdf]]<br />
<br />
One pager as introduction to Security Classification [[Media:SecurityClassification_1pager.pdf]]<br />
<br />
Please register at https://light-sc.tech to be able to use the tool<br />
<br />
= Open Action Items =<br />
{{#ask: [[Category:ActionItem]] [[Status::Open]] [[Project::{{PAGENAME}}]]| ?Due date= | ?User= for | format=ul<br />
| intro='''Open Action Items'''&#10;<br />
}}<br />
<br />
=Meetings =<br />
<!-- Meetings --><br />
{{#ask: [[Project::{{PAGENAME}}]] [[Category:Meeting]]| ?Date=on | format=ul |sort=Date | sep=', |order=desc<br />
| limit=5<br />
| intro='''{{PAGENAME}} related Meeting(s):'''&#10;<br />
}}</div>Josef.Nollhttps://its-wiki.no/wiki/PhD_DSO_SecurityPhD DSO Security2024-03-07T16:36:22Z<p>Josef.Noll: /* Documents */</p>
<hr />
<div>{{Project<br />
|ShortTitle=DSO_Security<br />
|Title=Measurable Security for DSO services on the Smart Grid<br />
|Project leader=Manish Shrestha<br />
|Project Participant=Manish Shrestha, Davide Roverso, Christian Johansen, Josef Noll,<br />
|StartDate=2016/07/01<br />
|Due_date=2019/06/30<br />
|Partner=NFR<br />
|Objective=During this industrial PhD, Manish will analyse the security implications when moving the control of the distribution grid into the cloud<br />
|Research_Domain=Internet - IoPTS<br />
|Keywords=Cloud security, SCADA, AMS, Smart grid,<br />
}}<br />
=Documents=<br />
PhD of Manish:[[Media:PhD_Manish_Shresta.pdf]]<br />
<br />
[[Media:SecurityClassification_1pager.pdf]]<br />
<br />
= Open Action Items =<br />
{{#ask: [[Category:ActionItem]] [[Status::Open]] [[Project::{{PAGENAME}}]]| ?Due date= | ?User= for | format=ul<br />
| intro='''Open Action Items'''&#10;<br />
}}<br />
<br />
=Meetings =<br />
<!-- Meetings --><br />
{{#ask: [[Project::{{PAGENAME}}]] [[Category:Meeting]]| ?Date=on | format=ul |sort=Date | sep=', |order=desc<br />
| limit=5<br />
| intro='''{{PAGENAME}} related Meeting(s):'''&#10;<br />
}}</div>Josef.Nollhttps://its-wiki.no/wiki/File:Manish_MeasurableSecurityPortal.pngFile:Manish MeasurableSecurityPortal.png2024-03-07T16:35:25Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/Manish_ShresthaManish Shrestha2024-03-07T16:35:02Z<p>Josef.Noll: </p>
<hr />
<div>{{User<br />
|Prename=Manish<br />
|Name=Shrestha<br />
|Mobile=+47 4512 5072<br />
|Email=manish.shrestha@prosa.no<br />
|Partner=ESmart Systems, Prosa,<br />
|Headline=Security Researcher at Prosa, ex PhD researcher at eSmart Systems & UiO<br />
|Keywords=Measurable Security,<br />
}}<br />
The work resulted in an assessment tool for measurable security. Register at https://light-sc.tech to use<br />
<br />
[[File:Manish_MeasurableSecurityPortal.png|600px|center|thumb|''Measurable Security Portal'']]</div>Josef.Nollhttps://its-wiki.no/wiki/Tumaini@TaboraTumaini@Tabora2024-03-05T07:21:58Z<p>Josef.Noll: </p>
<hr />
<div>{{Place<br />
|Address=Tabora<br />
}}<br />
See Master Thesis of [[Ingvild Oftedal]] in collaboration with Engineers without Borders<br />
* https://its-wiki.no/wiki/Solar_Energy_System_for_effective_learning,_teaching_and_job_opportunities <br />
* https://www.linkedin.com/posts/josefnoll_utlysning-mentor-til-masterstudent-i-fornybare-activity-7131351205628284929-gPNq<br />
* See [[Media:202403Tumaini_OpenSchool_Install.pdf]] installation document</div>Josef.Nollhttps://its-wiki.no/wiki/File:202403Tumaini_OpenSchool_Install.pdfFile:202403Tumaini OpenSchool Install.pdf2024-03-05T07:21:44Z<p>Josef.Noll: Josef.Noll uploaded a new version of &quot;File:202403Tumaini OpenSchool Install.pdf&quot;</p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/Tumaini@TaboraTumaini@Tabora2024-03-05T07:21:28Z<p>Josef.Noll: </p>
<hr />
<div>{{Place<br />
|Address=Tabora<br />
}}<br />
See Master Thesis of [[Ingvild Oftedal]] in collaboration with Engineers without Borders<br />
* https://its-wiki.no/wiki/Solar_Energy_System_for_effective_learning,_teaching_and_job_opportunities <br />
* https://www.linkedin.com/posts/josefnoll_utlysning-mentor-til-masterstudent-i-fornybare-activity-7131351205628284929-gPNq<br />
* See [[File:202403Tumaini_OpenSchool_Install.pdf]] installation document</div>Josef.Nollhttps://its-wiki.no/wiki/Solar_Energy_System_for_effective_learning,_teaching_and_job_opportunitiesSolar Energy System for effective learning, teaching and job opportunities2024-03-02T21:04:53Z<p>Josef.Noll: </p>
<hr />
<div>{{Thesis<br />
|Titel=Solar Energy System for effective teaching and learning, and job opportunities<br />
|User=Ingvild Oftedal,<br />
|Supervisor=Josef.Noll<br />
|DueDate=2024/12<br />
|ThesisStatus=Ongoing<br />
|Objective= Master with Meaning (Master med Mening, MmM) with Engineers Without Borders (EWB) in Oslo, for Tumaini Open School in Tabora in Tanzania.<br />
|Methods=The tools and methods in this thesis are based on<br />
* A set of scenario, describing the challenges<br />
* A list of requirements being extracted from the scenarios<br />
* A description and evaluation of technologies and tools being candidates for solutions<br />
* A functional architecture/description of the envisaged system<br />
* An implementation of the core concepts<br />
* A demonstration of the solution<br />
* An evaluation of the solution, including a critical review of the descisions taken earlier<br />
* Conclusions<br />
* References<br />
|Schedule=The envisaged time schedule (for a long thesis/60 ECTS) is:<br />
:T0 0 starting month, T0+m denotes the month where the contribution to a certain chapter shalle be finalized<br />
:T0+2 months: create an initial page describing the scenario<br />
:T0+3: Provide a list of technologies which you think are necessary for the thesis<br />
:T0+4: Establish the table of content (TOC) of the envisaged thesis. Each section shall contain 3-10 keywords describing the content of that section<br />
:T0+7: Provide a draft of section 2 (scenario) and 3 (technologies)<br />
:T0+10: Establish a draft on what to implement/architecture<br />
:T0+11: Set-up an implementation, testing and evaluation plan<br />
:T0+15: Evaluate your solution based on a set of parameters, keep in mind ''there is no such thing as a free lunch''<br />
:T0+17: Deliver the thesis<br />
|Pre-Knowledge=This thesis includes a reasonable amount of programming. The envisaged thesis is based on radio communications, thus expects the user to have followed at least two radio-related courses<br />
|Approved=Pending<br />
|Keywords=School Connectivity, Renewable Energy,<br />
}}<br />
This page provides hints on what to include in your master thesis.<br />
<br />
= Purpose of visit to Tumaini Open School = <br />
<br />
What to do when arriving in TZ<br />
* get yourself a SIM card at the airport (small Vodacom shop left corner), Ezekiel: Vodacom coverag? eSIM from Vodacom?<br />
<br />
What to do at Tumaini<br />
<br />
* Install Energy Monitoring (SESA component)<br />
:: Smappee installation on Home Assistant (how to use?) - See [[Media:202403Tumaini_OpenSchool_Install.pdf]] installation document<br />
<br />
* Install InfoSpot with Energy Information (BasicInternet & SESA)<br />
: The main equipment you need to establish a Wifi InfoSpot:<br />
:: - An antenna. The antenna catches the mobile signal from the mobile radio tower and converts it to mobile internet (connects to the LNCC).<br />
:: - A router. LNCC, Local Network Control Centre. This is server to get access to the network.<br />
:: - A Raspberry Pi (RPI). This is a mini-computer preloaded with local content, providing full access even without an internet connection.<br />
:: - A SIM card with 20 GB data/month. The costs per month for the school are the costs for the mobile broadband bundle. All other costs (maintaining the equipment, new content on the server, training, etc.) are covered by BasicInternet & SESA during the installation.<br />
: Installation steps<br />
:: - Find tower (Map location): Download Network Cell info lite on Android, measure mobile network quality, and identify tower direction (>20km away).<br />
:: - Orient the antenna: Mount the antenna, raise the mast and point towards the mobile tower. <br />
:: - Connect the Antenna and the RPI to the LNCC. See: https://its-wiki.no/wiki/BasicInternet:Problems<br />
<br />
: The internet spot is ready when:<br />
:: - All the cables are connected<br />
:: - A sim card with an internet subscription is inserted<br />
:: - The equipment is connected to power<br />
:: - A voucher is added (to control who's granted site access).<br />
<br />
* Explain InfoSpot concept to local people<br />
: - see: courses on (1) Raspberry Pi, (2) Wordpress, (3) Nextcloud<br />
:: To keep the operation costs low, we use a local society server.<br />
:: To create a web page, we use the tool WordPress.<br />
:: To share files with the community, we use the tool Nextcloud.<br />
<br />
: - establish courses<br />
<br />
* Stabilise Energy through local production<br />
: - Solar cells<br />
: - Batteries<br />
: - Hybrid inverter<br />
<br />
* Teach on Energy Usage<br />
<br />
* Business opportunities related to Energy for teenage mothers<br />
<br />
Take with you to TZ:<br />
* Tablets (from Trainor)<br />
* InfoSpot (Antenna, Router (LNCC), Raspberry Pi) for Yeboo.com<br />
* Smappee Equipment (6 coils, Genius and gateway) - evtl extra Raspberry Pi<br />
<br />
What to learn on Monday<br />
* InfoSpot & description<br />
* Smappee<br />
* home assistant<br />
* contact Catherine Kimambo to ask for a Vodacom SIM card (one of the 141 schools?)<br />
* Interview med Mette(?) prior to the travel<br />
<br />
= TOC of Thesis =<br />
<br />
: 1. Introduction<br />
:: My study is being done for Tumaini Model Open School in Tabora [[Tumaini@Tabora]], a learning center that enrolls young mothers. <br />
:: Until the end of November 2021, the Tanzanian government had decided that teenage mothers could not continue their education in public schools. After many decades of this law, there is still a lot of stigma and discrimination against the young mothers within the general society and in the school system, as well as few public schools that meet the girls' needs. To help the girls complete their education faster and make it more accessible, the community-based organization Tumaini Education Initiative has since 2021 established and managed the Tumaini Open School in the Tabora region, northeast Tanzania. The organization aims to create a sustainable, inclusive and stigma-free learning center for teenage mothers. The school gives the girls a second chance by providing them with an education from "form I-IV" and vocational training that will enable them to regain their educational goals, self-esteem, self-confidence, access to higher education and a profession with the overall goal of support themselves and their babies.<br />
:: Tumaini School is strategically located in the rural village of Isukamahela, just south-east of Tabora, approximately 11 km from Tabora town. The rural outskirts of Tabora have been chosen to provide easy access to youth students from across the Tabora region and neighboring regions. The majority of students are not required to pay school fees and the project includes boarding facilities.The current size of the school is 50 students, but when completed, the organization's project will accommodate 450 teenage mothers and their young children, teachers and staff.<br />
:: Tumaini School is recommended to have a reliable power supply to ensure constant power for necessary equipment, such as lights, computers and other electronics for effective teaching and learning, and to improve the school's security at night. The school is currently two-phase connected to the central grid, but power cuts are common, especially during the rainy season. Solar panels will therefore benefit the study environment and the safety of the students. The energy systems considered are solar energy for power supply. By implementing a solar energy system, the risk of being without electricity will be reduced.<br />
:: <br />
:: The Master's thesis is created through a collaboration between the student, the supervisor at UiO, the mentor (with engineering experience) and the project manager from Engineers Without Borders (EWB) in Oslo, as well as the school in Tanzania.<br />
:: The master's thesis consists of a theoretical part and fieldwork.<br />
<br />
:: 1.1 Motivation <br />
::: My motivation is to help young mothers to complete their education and then be able to support themselves and their children.<br />
::: Education and empowerment is the key in the transition to renewable energy, not only equipment and materials.<br />
::: I want to figure out how a solar energy system and access to information can make teaching and learning more efficient, as well as create job opportunities for students at Tumaini Model Open School in Tabora and the local community.<br />
::: The goal is for the school to have a less vulnerable electrical system. A solar cell system with a battery, as well as stabilizing the electrical system to be better prepared for power outages, will provide a more stable and sufficient electricity supply for the necessary equipment (such as lights, computers, incubator for eggs, etc.)<br />
::: Free internet access to educational, informative and global content can be obtained via a cost-effective InfoSpots from the Basic Internet Foundation, UiO and African Child Projects, consisting of a directive antenna (directional antenna), a local network controller and a local server at the school. The integration of InfoSpots together with energy installations, such as solar panels in microgrids, provides both access to energy and information about energy. <br />
::: Renewable energy and access to information could enable job opportunities for farming and agribusiness (irrigation gardening, poultry farming, fish farming, human and animal feed milling and packaging, etc), handcraft (welding, carpentry and joinery, aluminum works, etc), drinking water, entrepreneurship, concrete bricks making, and other many. <br />
::: The motivation for choosing EWB's MmM is to learn about international cooperation, humanitarian work, and how technology and engineering expertise can contribute to development and opportunities. I also want to gain intercultural competence.<br />
::: The project will hopefully contribute to EWB's vision by helping to provide a sustainable and useful solution, which meets a local need and improves the living situation of individuals.<br />
<br />
:: 1.2 Methods<br />
::: - Create a project plan with tasks, time frames, resource allocation and responsible persons.<br />
::: - Make a feasibility study for what is possible with the time and funding we have, considering the country, the area, the school, needs and wishes.<br />
::: - Literature study for all relevant components, systems and solutions.<br />
::: - During the project, I will work closely with those who will own and operate the system, to ensure that the solution is adapted to their needs and that they themselves understand how it works. Surveys, interviews, observations, etc.<br />
::: - Investigate electricity consumption, consumption patterns, price level of electricity, energy costs, different levels of integration of solar energy, local energy storage, internet access, etc.<br />
::: - Find out if batteries are a bad option in terms of lifespan.<br />
::: - How to make measuring equipment for Rasberry pie, so that we can monitor power consumption.<br />
::: - Look at the possibility of establishing a 24V or 48V system.<br />
::: - How to get funds and sponsorship beyond the funds we already assume we can use. If funding is limited, I will investigate how we can stabilize the electrical system, so that the school is less affected by power outages (Brownouts and Blackouts).<br />
::: - Learn how to install an infoSpot. In collaboration with the University of Oslo (UiO), Basic Internet has established courses and instructions for the configuration, as well as the infrastructure needed to operate the InfoSpots.<br />
::: - In order to ensure local ownership of the project, the community-based organization Tumaini Education Initiative, which has established and administers the Tumaini Open school, will receive the materials and knowledge they need (training on energy, electricity, internet, etc.)<br />
::: - If the project finds funding for a solar cell system, it is planned to install a solar cell system with the possibility of expansion.<br />
::: - Learn how to stabilize the electrical system to be better prepared for power outages.<br />
<br />
: 2. Scenario (optional chapter for explaining some use cases)<br />
:: 2.1 user scenario<br />
:: 2.2 Requirements/Technological challenges<br />
<br />
: 3. State-of-the art/Analysis of technology (Describe which technologies might be used to answer the challenges, and how they can answer the challenges)<br />
:: 3.1 Solar panels<br />
:: 3.2 Batteries<br />
<br />
: 4. Implementation<br />
:: 4.1 Architecture, functionality<br />
:: 4.2<br />
<br />
: 5. Evaluation<br />
: 6. Conclusions<br />
: References<br />
<br />
= Comments =<br />
== Red line ==<br />
Your thesis should have a "red line", which is visible throughout the whole thesis. This means you should mention in the beginning of each chapter how the chapter contributes to the "goals of the thesis".<br />
<br />
== Use of scientific methods ==<br />
A thesis follows a standard method: <br />
* describe the problem (''problemstilling'')<br />
* extract the challenges. These challenges should be measurable, e.g. method is too slow to be useful to voice handover.<br />
* Analyse technology with respect to challenges. Don't write & repeat "everything" from a certain technology, concentrate on those parts (e.g. protocols) which are of importance for your problem<br />
<br />
References<br />
* Wikipedia is good to use to get an overview on what is happening. But there is not scientific verification of Wikipedia, thus you should use wikipedia only in the introduction of a chapter (if you use text from wikipedia). Use scientific literature for your thesis. <br />
* Scientific library is "at your hand", you can get there directly from UiO: [[How to get access to IEEE, Springer and other scientific literature -> Unik/UiOLibrary]]<br />
* I suggest that references to web pages, e.g. OASIS, W3C standards, are given in a footnote. Only if you find white papers or other .pdf documents on a web page then you refer to them in the reference section.<br />
<br />
== Evaluation of own work ==<br />
Perform an evaluation of your own work. Revisit the challenges and discuss in how you fulfilled them. Provide alternative solution and discuss what should be done (or what could have been done).</div>Josef.Nollhttps://its-wiki.no/wiki/Tumaini@TaboraTumaini@Tabora2024-03-02T21:04:32Z<p>Josef.Noll: </p>
<hr />
<div>{{Place<br />
|Address=Tabora<br />
}}<br />
See Master Thesis of [[Ingvild Oftedal]] in collaboration with Engineers without Borders<br />
* https://its-wiki.no/wiki/Solar_Energy_System_for_effective_learning,_teaching_and_job_opportunities <br />
* https://www.linkedin.com/posts/josefnoll_utlysning-mentor-til-masterstudent-i-fornybare-activity-7131351205628284929-gPNq<br />
* See [[Media:202403Tumaini_OpenSchool_Install.pdf]] installation document</div>Josef.Nollhttps://its-wiki.no/wiki/File:202403Tumaini_OpenSchool_Install.pdfFile:202403Tumaini OpenSchool Install.pdf2024-03-02T21:04:05Z<p>Josef.Noll: </p>
<hr />
<div></div>Josef.Nollhttps://its-wiki.no/wiki/Mikrotik_Router_GMI_02Mikrotik Router GMI 022024-03-02T21:03:51Z<p>Josef.Noll: </p>
<hr />
<div>{{Equipment<br />
|Equipment class=Router<br />
|Equipment type=Mikrotik Router<br />
|Model=RBD52G-5HacD2HnD-TC<br />
|purchase date=2022<br />
|Identifier (Mac address, IP, phone)=E01: 08:55:31:2A:03:D3 - W01: 08:55:31:2A:03:D9<br />
|DeviceIdentity=sstptanzania147<br />
|Project=BasicInternet<br />
|Place=Tumaini@Tabora<br />
|User=Ezekiel Kassanga<br />
}}<br />
TZS_147v3 was updated to support both energy monitoring (energy.yeboo.com) and energy information (yeboo.com) - 3Mar2024 Josef.Noll<br />
<br />
E02: 08:55:31:2A:03:D3 write that into the Winbox address field<br />
<br />
See [[Media:202403Tumaini_OpenSchool_Install.pdf]] installation document</div>Josef.Nollhttps://its-wiki.no/wiki/Mikrotik_Router_GMI_02Mikrotik Router GMI 022024-03-02T21:02:15Z<p>Josef.Noll: </p>
<hr />
<div>{{Equipment<br />
|Equipment class=Router<br />
|Equipment type=Mikrotik Router<br />
|Model=RBD52G-5HacD2HnD-TC<br />
|purchase date=2022<br />
|Identifier (Mac address, IP, phone)=E01: 08:55:31:2A:03:D3 - W01: 08:55:31:2A:03:D9<br />
|DeviceIdentity=sstptanzania147<br />
|Project=BasicInternet<br />
|Place=Tumaini@Tabora<br />
|User=Ezekiel Kassanga<br />
}}<br />
TZS_147v3 was updated to support both energy monitoring (energy.yeboo.com) and energy information (yeboo.com) - 3Mar2024 Josef.Noll<br />
<br />
E02: 08:55:31:2A:03:D3 write that into the Winbox address field</div>Josef.Nollhttps://its-wiki.no/wiki/BasicInternet:SolutionsBasicInternet:Solutions2024-02-29T10:39:03Z<p>Josef.Noll: /* Cost examples */</p>
<hr />
<div>{{TOCright}}<br />
= Solutions for Internet Lite =<br />
When providing Internet in areas with low availability or high costs the focus is on getting as much information as possible through a thin (or bandwidth limited link). Examples of such low availability links are satellite links, bad coverage from mobile networks or congested mobile networks. <br />
<br />
Basic Internet provides solutions which optimise the information stream such that a high amount of information can be provided. This information optimization is done in the Basic Internet Core Network or through technologies of our partners. Our infrastructure is based around a Local Information Spot, getting the Internet typically through a mobile network link, and distributing both Information from the Internet, as well as Local Content through a local Wifi Hot-Spot (see Figure 1). [[File:BasicInternet_generic.png|650px|right|thumb|''Figure 1: Basic Internet Infrastructure for optimised information provision'']]<br />
In order to have a cost effective solution, the Local Core Network and the Information spots are often integrated as one unit. <br />
<br />
Our distributed architecture opens for a quick deployment of a cost-effective Internet distribution worldwide, allowing for <br />
* A reception of a 3G/4G network even in areas with no connectivity. Our examples have proven that we connect even in places without connectivity: <br />
** [[DigI:Selela|Selela]] at the border of the Serengeti, reaching the mobile tower being about 22 km away<br />
** [https://basicinternet.org/it-only-takes-90-min-to-connect-izazi Izazi]in the Iringa district, hidden by the mountain ridge between Izazi and the mobile towers in Migoli<br />
** In both cases we put up a 6 m pole, and mounted a directive antenna, both together increasing the mobile network by about 18 dB.<br />
<br />
In areas without electricity, we can establish the [[InfoSpot]] based on a solar panel<br />
* In [[Esilalei_(TZ)]] we used a 120 W solar panel and a 50 Ah battery for providing electricity for 3 lamps, mobile charging and the power for our equipment.<br />
<br />
[[File:InfoSpot_config.png|400px|right|thumb|''[[Building InfoSpots|Tutorial: What is an InfoSpot?]]'']]<br />
[[File:InfoSpot_configuration.png|260px|right|thumb|''[[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]]'']]<br />
<br />
<!--- == Tutorials ==<br />
The following tutorials help you to understand an InfoSpot and how it is configured<br />
* [[Building InfoSpots|Tutorial: What is an InfoSpot?]]<br />
* [[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]] - ''Note: for experts at the [[Regional Competence Centre]] (RCC)''<br />
---><br />
<br />
<br />
The goal of establishing the [[InfoSpot]]:<br />
* Free configurable ''provision of educational, informational and global content''. <br/>Our aim of ''Internet Lite for All'' requires as little as 4.5 MegaByte (MB) per user and month, which is about the size of one .mp3 music file.<br />
* A ''high-bandwidth local distribution network'' supporting local collaboration and content distribution<br/>The village/society server can be preloaded with education, health or other information, with content being freely available for everyone<br />
* ''A business option for providing premium Internet''<br/>The ''freemium model'' of access promotes ''free'' access to information (text, pictures and local video), and ''premium'' access to entertainment, games and other bandwidth-demanding content. Premium access is part of the Basic Internet solution through the sales of ''vouchers''.<br />
<br />
[[File:BasicInternet_HighLevel.png|746px|center|thumb|''Figure 2: Basic Internet Infrastructure, high level overview (left) and detailed view of local core network (right)'']]<br />
In the easiest way (see Figure 2), the infrastructure consists of the local network, generating one information spot. Only three components are used: The ''Internet link reception'' of the mobile broadband signal, the ''local network control centre (LNCC)'' and the ''society server''. (see Figure 4 and Figure 3, the video https://vimeo.com/354375901)<br />
<br />
[[File:How_to_connect_BasicInternet.png|450px|centre|thumb|''Figure 3: How to connect the Basic Internet Devices - see video on https://vimeo.com/354375901'']]<br />
<br />
== Cost examples ==<br />
[[File:BasicInternet_cost_example.png|thumb|550px|right|''Figure 4: Cost overview for a Wifi network based on Mikrotik equipment - Price update Mar2024: LTE 175 $, LNCC 75 $, RPI 120 $ '']]<br />
A typical cost example (status: Okt2018) is presented in Figure 4. From left to right, it shows the reception of the Internet link (''back-bone, IP-link''), the local network control centre (LNCC), the point to multipoint antenna, and the local hot-spot. In short, the functionality is as follows: <br />
* The Internet link reception is either performed through a directive link, or through re-using the mobile 3G/4G/5G network. The link directly feeds the LNCC.<br />
** ''Internet Antenna: SXT LTE6 Kit 2023'' (SXTR&FG621-EA, https://mikrotik.com/product/sxt_lte6_2023) (previously RBSXTR&R11e-LTE)<br />
** LTE kit 2G/3G/4G/LTE High gain 17dBI CPE for very remote areas - https://mikrotik.com/product/lhg_lte_kit<br />
** 5G reception using the Multi-MIMO capabilities, Zyxel 5G NR Outdoor Router, see https://service-provider.zyxel.com/global/en/products/5g-nr4g-lte-cpe/5g-nr-cpe/odus/nr7303 <br />
<br />
* The Local Network Control Centre (LNCC) performs the filtering for the '''freemium''' access, with '''free''' access to information begin text, pictures and local information from the Society Server, and '''premium''' access to bandwidth-demanding services from the Internet. The LNCC is connected to the Society Server for access to free local content, and provides this information to the Multipoint antenna. <br/> ''LNCC: RBD52G-5HacD 2HnD-TC - see: https://mikrotik.com/product/hap_ac2''<br />
<br />
* The Society Server (Raspberry Pi, example: http://Yeboo.com or http://Yeboo.BasicInternet.org) contains information such as health, education and entrepreneurial information, being freely available for everyone in the society. - For educational purposes, we recommend setting up Moodle, see [https://moodle.org/mod/forum/discuss.php?d=364358 link to Moodle usage.]<br/>''Raspberry Pi - Model 3B+''<br />
<br />
The network can be expanded to other access points using<br />
* The Multipoint Antenna generates a 90 deg sector link coverage for any hot-spot connecting to it. <br />
* The Local Hot-Spot consists of two parts, a receiver unit with a directive antenna to communicate with the Multipoint antenna, and the local hotspot device. If the distance to the Multipoint Antenna (Village information spot) is less than 1 km, then we can omit the receive unit and work with only the local hotspot. <br />
<br />
<br />
The Basic Internet Infrastructure is modular and applicable, including<br />
<!---<br />
* [[BasicInternet:Mobile_Hotspot|Mobile Hotspot, e.g. car solution]] <br />
* [[BasicInternet:Mobile_Nerwork|Mobile Network, e.g. hot-spot]]<br />
* [[BasicInternet:Dedicated_IP|Dedicated_IP, e.g. radio or fiber]] ---><br />
* Mobile and fixed Hotspot, e.g. a car solution using a 3G/4G modem connected to a Mikrotik RB951.<br/>This solution has been used to equip hospitals and health stations in Norway since 2012.<br />
* Dedicated IP solutions, where the incoming channel is either a radio link, an existing Internet access or a fibre connection.<br/>A solution connected to a backhaul fibre is used in India to enhance the last-mile connectivity. <br />
* The solution is especially suited for connectivity within a village or on a campus, allowing all users free access within the campus, free access to information on the Internet and premium access to broadband content.<br />
<br />
===Read more on===<br />
* [[BasicInternet:Establish_InfoSpot|Steps to go for establishing an InfoSpot]]<br />
* [[BasicInternet:InfoSpot_configuration|Configuration of InfoSpots (LTE antenna, LNCC, Raspberry Pi)]]<br />
* [[BasicInternet:Problems|Problem handling after having installed the InfoSpot]]<br />
* or have a look at our [[BasicInternet:FAQ|Frequently asked Questions (FAQ)]]<br />
* specific instructions on how to configure an InfoSpot with all components [[BasicInternet:InfoSpot_configuration]]</div>Josef.Nollhttps://its-wiki.no/wiki/BasicInternet:SolutionsBasicInternet:Solutions2024-02-29T10:38:38Z<p>Josef.Noll: /* Cost examples */</p>
<hr />
<div>{{TOCright}}<br />
= Solutions for Internet Lite =<br />
When providing Internet in areas with low availability or high costs the focus is on getting as much information as possible through a thin (or bandwidth limited link). Examples of such low availability links are satellite links, bad coverage from mobile networks or congested mobile networks. <br />
<br />
Basic Internet provides solutions which optimise the information stream such that a high amount of information can be provided. This information optimization is done in the Basic Internet Core Network or through technologies of our partners. Our infrastructure is based around a Local Information Spot, getting the Internet typically through a mobile network link, and distributing both Information from the Internet, as well as Local Content through a local Wifi Hot-Spot (see Figure 1). [[File:BasicInternet_generic.png|650px|right|thumb|''Figure 1: Basic Internet Infrastructure for optimised information provision'']]<br />
In order to have a cost effective solution, the Local Core Network and the Information spots are often integrated as one unit. <br />
<br />
Our distributed architecture opens for a quick deployment of a cost-effective Internet distribution worldwide, allowing for <br />
* A reception of a 3G/4G network even in areas with no connectivity. Our examples have proven that we connect even in places without connectivity: <br />
** [[DigI:Selela|Selela]] at the border of the Serengeti, reaching the mobile tower being about 22 km away<br />
** [https://basicinternet.org/it-only-takes-90-min-to-connect-izazi Izazi]in the Iringa district, hidden by the mountain ridge between Izazi and the mobile towers in Migoli<br />
** In both cases we put up a 6 m pole, and mounted a directive antenna, both together increasing the mobile network by about 18 dB.<br />
<br />
In areas without electricity, we can establish the [[InfoSpot]] based on a solar panel<br />
* In [[Esilalei_(TZ)]] we used a 120 W solar panel and a 50 Ah battery for providing electricity for 3 lamps, mobile charging and the power for our equipment.<br />
<br />
[[File:InfoSpot_config.png|400px|right|thumb|''[[Building InfoSpots|Tutorial: What is an InfoSpot?]]'']]<br />
[[File:InfoSpot_configuration.png|260px|right|thumb|''[[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]]'']]<br />
<br />
<!--- == Tutorials ==<br />
The following tutorials help you to understand an InfoSpot and how it is configured<br />
* [[Building InfoSpots|Tutorial: What is an InfoSpot?]]<br />
* [[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]] - ''Note: for experts at the [[Regional Competence Centre]] (RCC)''<br />
---><br />
<br />
<br />
The goal of establishing the [[InfoSpot]]:<br />
* Free configurable ''provision of educational, informational and global content''. <br/>Our aim of ''Internet Lite for All'' requires as little as 4.5 MegaByte (MB) per user and month, which is about the size of one .mp3 music file.<br />
* A ''high-bandwidth local distribution network'' supporting local collaboration and content distribution<br/>The village/society server can be preloaded with education, health or other information, with content being freely available for everyone<br />
* ''A business option for providing premium Internet''<br/>The ''freemium model'' of access promotes ''free'' access to information (text, pictures and local video), and ''premium'' access to entertainment, games and other bandwidth-demanding content. Premium access is part of the Basic Internet solution through the sales of ''vouchers''.<br />
<br />
[[File:BasicInternet_HighLevel.png|746px|center|thumb|''Figure 2: Basic Internet Infrastructure, high level overview (left) and detailed view of local core network (right)'']]<br />
In the easiest way (see Figure 2), the infrastructure consists of the local network, generating one information spot. Only three components are used: The ''Internet link reception'' of the mobile broadband signal, the ''local network control centre (LNCC)'' and the ''society server''. (see Figure 4 and Figure 3, the video https://vimeo.com/354375901)<br />
<br />
[[File:How_to_connect_BasicInternet.png|450px|centre|thumb|''Figure 3: How to connect the Basic Internet Devices - see video on https://vimeo.com/354375901'']]<br />
<br />
== Cost examples ==<br />
[[File:BasicInternet_cost_example.png|thumb|550px|right|''Figure 4: Cost overview for a Wifi network based on Mikrotik equipment - Price update Mar2024: LTE 175 USD, LNCC 75 USD, RPI 120 USD '']]<br />
A typical cost example (status: Okt2018) is presented in Figure 4. From left to right, it shows the reception of the Internet link (''back-bone, IP-link''), the local network control centre (LNCC), the point to multipoint antenna, and the local hot-spot. In short, the functionality is as follows: <br />
* The Internet link reception is either performed through a directive link, or through re-using the mobile 3G/4G/5G network. The link directly feeds the LNCC.<br />
** ''Internet Antenna: SXT LTE6 Kit 2023'' (SXTR&FG621-EA, https://mikrotik.com/product/sxt_lte6_2023) (previously RBSXTR&R11e-LTE)<br />
** LTE kit 2G/3G/4G/LTE High gain 17dBI CPE for very remote areas - https://mikrotik.com/product/lhg_lte_kit<br />
** 5G reception using the Multi-MIMO capabilities, Zyxel 5G NR Outdoor Router, see https://service-provider.zyxel.com/global/en/products/5g-nr4g-lte-cpe/5g-nr-cpe/odus/nr7303 <br />
<br />
* The Local Network Control Centre (LNCC) performs the filtering for the '''freemium''' access, with '''free''' access to information begin text, pictures and local information from the Society Server, and '''premium''' access to bandwidth-demanding services from the Internet. The LNCC is connected to the Society Server for access to free local content, and provides this information to the Multipoint antenna. <br/> ''LNCC: RBD52G-5HacD 2HnD-TC - see: https://mikrotik.com/product/hap_ac2''<br />
<br />
* The Society Server (Raspberry Pi, example: http://Yeboo.com or http://Yeboo.BasicInternet.org) contains information such as health, education and entrepreneurial information, being freely available for everyone in the society. - For educational purposes, we recommend setting up Moodle, see [https://moodle.org/mod/forum/discuss.php?d=364358 link to Moodle usage.]<br/>''Raspberry Pi - Model 3B+''<br />
<br />
The network can be expanded to other access points using<br />
* The Multipoint Antenna generates a 90 deg sector link coverage for any hot-spot connecting to it. <br />
* The Local Hot-Spot consists of two parts, a receiver unit with a directive antenna to communicate with the Multipoint antenna, and the local hotspot device. If the distance to the Multipoint Antenna (Village information spot) is less than 1 km, then we can omit the receive unit and work with only the local hotspot. <br />
<br />
<br />
The Basic Internet Infrastructure is modular and applicable, including<br />
<!---<br />
* [[BasicInternet:Mobile_Hotspot|Mobile Hotspot, e.g. car solution]] <br />
* [[BasicInternet:Mobile_Nerwork|Mobile Network, e.g. hot-spot]]<br />
* [[BasicInternet:Dedicated_IP|Dedicated_IP, e.g. radio or fiber]] ---><br />
* Mobile and fixed Hotspot, e.g. a car solution using a 3G/4G modem connected to a Mikrotik RB951.<br/>This solution has been used to equip hospitals and health stations in Norway since 2012.<br />
* Dedicated IP solutions, where the incoming channel is either a radio link, an existing Internet access or a fibre connection.<br/>A solution connected to a backhaul fibre is used in India to enhance the last-mile connectivity. <br />
* The solution is especially suited for connectivity within a village or on a campus, allowing all users free access within the campus, free access to information on the Internet and premium access to broadband content.<br />
<br />
===Read more on===<br />
* [[BasicInternet:Establish_InfoSpot|Steps to go for establishing an InfoSpot]]<br />
* [[BasicInternet:InfoSpot_configuration|Configuration of InfoSpots (LTE antenna, LNCC, Raspberry Pi)]]<br />
* [[BasicInternet:Problems|Problem handling after having installed the InfoSpot]]<br />
* or have a look at our [[BasicInternet:FAQ|Frequently asked Questions (FAQ)]]<br />
* specific instructions on how to configure an InfoSpot with all components [[BasicInternet:InfoSpot_configuration]]</div>Josef.Nollhttps://its-wiki.no/wiki/BasicInternet:SolutionsBasicInternet:Solutions2024-02-29T10:37:10Z<p>Josef.Noll: /* Cost examples */</p>
<hr />
<div>{{TOCright}}<br />
= Solutions for Internet Lite =<br />
When providing Internet in areas with low availability or high costs the focus is on getting as much information as possible through a thin (or bandwidth limited link). Examples of such low availability links are satellite links, bad coverage from mobile networks or congested mobile networks. <br />
<br />
Basic Internet provides solutions which optimise the information stream such that a high amount of information can be provided. This information optimization is done in the Basic Internet Core Network or through technologies of our partners. Our infrastructure is based around a Local Information Spot, getting the Internet typically through a mobile network link, and distributing both Information from the Internet, as well as Local Content through a local Wifi Hot-Spot (see Figure 1). [[File:BasicInternet_generic.png|650px|right|thumb|''Figure 1: Basic Internet Infrastructure for optimised information provision'']]<br />
In order to have a cost effective solution, the Local Core Network and the Information spots are often integrated as one unit. <br />
<br />
Our distributed architecture opens for a quick deployment of a cost-effective Internet distribution worldwide, allowing for <br />
* A reception of a 3G/4G network even in areas with no connectivity. Our examples have proven that we connect even in places without connectivity: <br />
** [[DigI:Selela|Selela]] at the border of the Serengeti, reaching the mobile tower being about 22 km away<br />
** [https://basicinternet.org/it-only-takes-90-min-to-connect-izazi Izazi]in the Iringa district, hidden by the mountain ridge between Izazi and the mobile towers in Migoli<br />
** In both cases we put up a 6 m pole, and mounted a directive antenna, both together increasing the mobile network by about 18 dB.<br />
<br />
In areas without electricity, we can establish the [[InfoSpot]] based on a solar panel<br />
* In [[Esilalei_(TZ)]] we used a 120 W solar panel and a 50 Ah battery for providing electricity for 3 lamps, mobile charging and the power for our equipment.<br />
<br />
[[File:InfoSpot_config.png|400px|right|thumb|''[[Building InfoSpots|Tutorial: What is an InfoSpot?]]'']]<br />
[[File:InfoSpot_configuration.png|260px|right|thumb|''[[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]]'']]<br />
<br />
<!--- == Tutorials ==<br />
The following tutorials help you to understand an InfoSpot and how it is configured<br />
* [[Building InfoSpots|Tutorial: What is an InfoSpot?]]<br />
* [[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]] - ''Note: for experts at the [[Regional Competence Centre]] (RCC)''<br />
---><br />
<br />
<br />
The goal of establishing the [[InfoSpot]]:<br />
* Free configurable ''provision of educational, informational and global content''. <br/>Our aim of ''Internet Lite for All'' requires as little as 4.5 MegaByte (MB) per user and month, which is about the size of one .mp3 music file.<br />
* A ''high-bandwidth local distribution network'' supporting local collaboration and content distribution<br/>The village/society server can be preloaded with education, health or other information, with content being freely available for everyone<br />
* ''A business option for providing premium Internet''<br/>The ''freemium model'' of access promotes ''free'' access to information (text, pictures and local video), and ''premium'' access to entertainment, games and other bandwidth-demanding content. Premium access is part of the Basic Internet solution through the sales of ''vouchers''.<br />
<br />
[[File:BasicInternet_HighLevel.png|746px|center|thumb|''Figure 2: Basic Internet Infrastructure, high level overview (left) and detailed view of local core network (right)'']]<br />
In the easiest way (see Figure 2), the infrastructure consists of the local network, generating one information spot. Only three components are used: The ''Internet link reception'' of the mobile broadband signal, the ''local network control centre (LNCC)'' and the ''society server''. (see Figure 4 and Figure 3, the video https://vimeo.com/354375901)<br />
<br />
[[File:How_to_connect_BasicInternet.png|450px|centre|thumb|''Figure 3: How to connect the Basic Internet Devices - see video on https://vimeo.com/354375901'']]<br />
<br />
== Cost examples ==<br />
[[File:BasicInternet_cost_example.png|thumb|550px|right|''Figure 4: Cost overview for a Wifi network based on Mikrotik equipment'']]<br />
A typical cost example (status: Okt2018) is presented in Figure 4. From left to right, it shows the reception of the Internet link (''back-bone, IP-link''), the local network control centre (LNCC), the point to multipoint antenna, and the local hot-spot. In short, the functionality is as follows: <br />
* The Internet link reception is either performed through a directive link, or through re-using the mobile 3G/4G/5G network. The link directly feeds the LNCC.<br />
** ''Internet Antenna: SXT LTE6 Kit 2023'' (SXTR&FG621-EA, https://mikrotik.com/product/sxt_lte6_2023) (previously RBSXTR&R11e-LTE)<br />
** LTE kit 2G/3G/4G/LTE High gain 17dBI CPE for very remote areas - https://mikrotik.com/product/lhg_lte_kit<br />
** 5G reception using the Multi-MIMO capabilities, Zyxel 5G NR Outdoor Router, see https://service-provider.zyxel.com/global/en/products/5g-nr4g-lte-cpe/5g-nr-cpe/odus/nr7303 <br />
<br />
* The Local Network Control Centre (LNCC) performs the filtering for the '''freemium''' access, with '''free''' access to information begin text, pictures and local information from the Society Server, and '''premium''' access to bandwidth-demanding services from the Internet. The LNCC is connected to the Society Server for access to free local content, and provides this information to the Multipoint antenna. <br/> ''LNCC: RBD52G-5HacD 2HnD-TC - see: https://mikrotik.com/product/hap_ac2''<br />
<br />
* The Society Server (Raspberry Pi, example: http://Yeboo.com or http://Yeboo.BasicInternet.org) contains information such as health, education and entrepreneurial information, being freely available for everyone in the society. - For educational purposes, we recommend setting up Moodle, see [https://moodle.org/mod/forum/discuss.php?d=364358 link to Moodle usage.]<br/>''Raspberry Pi - Model 3B+''<br />
<br />
The network can be expanded to other access points using<br />
* The Multipoint Antenna generates a 90 deg sector link coverage for any hot-spot connecting to it. <br />
* The Local Hot-Spot consists of two parts, a receiver unit with a directive antenna to communicate with the Multipoint antenna, and the local hotspot device. If the distance to the Multipoint Antenna (Village information spot) is less than 1 km, then we can omit the receive unit and work with only the local hotspot. <br />
<br />
<br />
The Basic Internet Infrastructure is modular and applicable, including<br />
<!---<br />
* [[BasicInternet:Mobile_Hotspot|Mobile Hotspot, e.g. car solution]] <br />
* [[BasicInternet:Mobile_Nerwork|Mobile Network, e.g. hot-spot]]<br />
* [[BasicInternet:Dedicated_IP|Dedicated_IP, e.g. radio or fiber]] ---><br />
* Mobile and fixed Hotspot, e.g. a car solution using a 3G/4G modem connected to a Mikrotik RB951.<br/>This solution has been used to equip hospitals and health stations in Norway since 2012.<br />
* Dedicated IP solutions, where the incoming channel is either a radio link, an existing Internet access or a fibre connection.<br/>A solution connected to a backhaul fibre is used in India to enhance the last-mile connectivity. <br />
* The solution is especially suited for connectivity within a village or on a campus, allowing all users free access within the campus, free access to information on the Internet and premium access to broadband content.<br />
<br />
===Read more on===<br />
* [[BasicInternet:Establish_InfoSpot|Steps to go for establishing an InfoSpot]]<br />
* [[BasicInternet:InfoSpot_configuration|Configuration of InfoSpots (LTE antenna, LNCC, Raspberry Pi)]]<br />
* [[BasicInternet:Problems|Problem handling after having installed the InfoSpot]]<br />
* or have a look at our [[BasicInternet:FAQ|Frequently asked Questions (FAQ)]]<br />
* specific instructions on how to configure an InfoSpot with all components [[BasicInternet:InfoSpot_configuration]]</div>Josef.Nollhttps://its-wiki.no/wiki/BasicInternet:SolutionsBasicInternet:Solutions2024-02-29T10:36:49Z<p>Josef.Noll: /* Cost examples */</p>
<hr />
<div>{{TOCright}}<br />
= Solutions for Internet Lite =<br />
When providing Internet in areas with low availability or high costs the focus is on getting as much information as possible through a thin (or bandwidth limited link). Examples of such low availability links are satellite links, bad coverage from mobile networks or congested mobile networks. <br />
<br />
Basic Internet provides solutions which optimise the information stream such that a high amount of information can be provided. This information optimization is done in the Basic Internet Core Network or through technologies of our partners. Our infrastructure is based around a Local Information Spot, getting the Internet typically through a mobile network link, and distributing both Information from the Internet, as well as Local Content through a local Wifi Hot-Spot (see Figure 1). [[File:BasicInternet_generic.png|650px|right|thumb|''Figure 1: Basic Internet Infrastructure for optimised information provision'']]<br />
In order to have a cost effective solution, the Local Core Network and the Information spots are often integrated as one unit. <br />
<br />
Our distributed architecture opens for a quick deployment of a cost-effective Internet distribution worldwide, allowing for <br />
* A reception of a 3G/4G network even in areas with no connectivity. Our examples have proven that we connect even in places without connectivity: <br />
** [[DigI:Selela|Selela]] at the border of the Serengeti, reaching the mobile tower being about 22 km away<br />
** [https://basicinternet.org/it-only-takes-90-min-to-connect-izazi Izazi]in the Iringa district, hidden by the mountain ridge between Izazi and the mobile towers in Migoli<br />
** In both cases we put up a 6 m pole, and mounted a directive antenna, both together increasing the mobile network by about 18 dB.<br />
<br />
In areas without electricity, we can establish the [[InfoSpot]] based on a solar panel<br />
* In [[Esilalei_(TZ)]] we used a 120 W solar panel and a 50 Ah battery for providing electricity for 3 lamps, mobile charging and the power for our equipment.<br />
<br />
[[File:InfoSpot_config.png|400px|right|thumb|''[[Building InfoSpots|Tutorial: What is an InfoSpot?]]'']]<br />
[[File:InfoSpot_configuration.png|260px|right|thumb|''[[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]]'']]<br />
<br />
<!--- == Tutorials ==<br />
The following tutorials help you to understand an InfoSpot and how it is configured<br />
* [[Building InfoSpots|Tutorial: What is an InfoSpot?]]<br />
* [[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]] - ''Note: for experts at the [[Regional Competence Centre]] (RCC)''<br />
---><br />
<br />
<br />
The goal of establishing the [[InfoSpot]]:<br />
* Free configurable ''provision of educational, informational and global content''. <br/>Our aim of ''Internet Lite for All'' requires as little as 4.5 MegaByte (MB) per user and month, which is about the size of one .mp3 music file.<br />
* A ''high-bandwidth local distribution network'' supporting local collaboration and content distribution<br/>The village/society server can be preloaded with education, health or other information, with content being freely available for everyone<br />
* ''A business option for providing premium Internet''<br/>The ''freemium model'' of access promotes ''free'' access to information (text, pictures and local video), and ''premium'' access to entertainment, games and other bandwidth-demanding content. Premium access is part of the Basic Internet solution through the sales of ''vouchers''.<br />
<br />
[[File:BasicInternet_HighLevel.png|746px|center|thumb|''Figure 2: Basic Internet Infrastructure, high level overview (left) and detailed view of local core network (right)'']]<br />
In the easiest way (see Figure 2), the infrastructure consists of the local network, generating one information spot. Only three components are used: The ''Internet link reception'' of the mobile broadband signal, the ''local network control centre (LNCC)'' and the ''society server''. (see Figure 4 and Figure 3, the video https://vimeo.com/354375901)<br />
<br />
[[File:How_to_connect_BasicInternet.png|450px|centre|thumb|''Figure 3: How to connect the Basic Internet Devices - see video on https://vimeo.com/354375901'']]<br />
<br />
== Cost examples ==<br />
[[File:BasicInternet_cost_example.png|thumb|550px|right|''Figure 4: Cost overview for a Wifi network based on Mikrotik equipment'']]<br />
A typical cost example (status: Okt2018) is presented in Figure 4. From left to right, it shows the reception of the Internet link (''back-bone, IP-link''), the local network control centre (LNCC), the point to multipoint antenna, and the local hot-spot. In short, the functionality is as follows: <br />
* The Internet link reception is either performed through a directive link, or through re-using the mobile 3G/4G/5G network. The link directly feeds the LNCC.<br />
** ''Internet Antenna: SXT LTE6 Kit 2023'' (SXTR&FG621-EA, https://mikrotik.com/product/sxt_lte6_2023) (previously RBSXTR&R11e-LTE - see: https://mikrotik.com/product/sxt_lte_kit)<br />
** LTE kit 2G/3G/4G/LTE High gain 17dBI CPE for very remote areas - https://mikrotik.com/product/lhg_lte_kit<br />
** 5G reception using the Multi-MIMO capabilities, Zyxel 5G NR Outdoor Router, see https://service-provider.zyxel.com/global/en/products/5g-nr4g-lte-cpe/5g-nr-cpe/odus/nr7303 <br />
<br />
* The Local Network Control Centre (LNCC) performs the filtering for the '''freemium''' access, with '''free''' access to information begin text, pictures and local information from the Society Server, and '''premium''' access to bandwidth-demanding services from the Internet. The LNCC is connected to the Society Server for access to free local content, and provides this information to the Multipoint antenna. <br/> ''LNCC: RBD52G-5HacD 2HnD-TC - see: https://mikrotik.com/product/hap_ac2''<br />
<br />
* The Society Server (Raspberry Pi, example: http://Yeboo.com or http://Yeboo.BasicInternet.org) contains information such as health, education and entrepreneurial information, being freely available for everyone in the society. - For educational purposes, we recommend setting up Moodle, see [https://moodle.org/mod/forum/discuss.php?d=364358 link to Moodle usage.]<br/>''Raspberry Pi - Model 3B+''<br />
<br />
The network can be expanded to other access points using<br />
* The Multipoint Antenna generates a 90 deg sector link coverage for any hot-spot connecting to it. <br />
* The Local Hot-Spot consists of two parts, a receiver unit with a directive antenna to communicate with the Multipoint antenna, and the local hotspot device. If the distance to the Multipoint Antenna (Village information spot) is less than 1 km, then we can omit the receive unit and work with only the local hotspot. <br />
<br />
<br />
The Basic Internet Infrastructure is modular and applicable, including<br />
<!---<br />
* [[BasicInternet:Mobile_Hotspot|Mobile Hotspot, e.g. car solution]] <br />
* [[BasicInternet:Mobile_Nerwork|Mobile Network, e.g. hot-spot]]<br />
* [[BasicInternet:Dedicated_IP|Dedicated_IP, e.g. radio or fiber]] ---><br />
* Mobile and fixed Hotspot, e.g. a car solution using a 3G/4G modem connected to a Mikrotik RB951.<br/>This solution has been used to equip hospitals and health stations in Norway since 2012.<br />
* Dedicated IP solutions, where the incoming channel is either a radio link, an existing Internet access or a fibre connection.<br/>A solution connected to a backhaul fibre is used in India to enhance the last-mile connectivity. <br />
* The solution is especially suited for connectivity within a village or on a campus, allowing all users free access within the campus, free access to information on the Internet and premium access to broadband content.<br />
<br />
===Read more on===<br />
* [[BasicInternet:Establish_InfoSpot|Steps to go for establishing an InfoSpot]]<br />
* [[BasicInternet:InfoSpot_configuration|Configuration of InfoSpots (LTE antenna, LNCC, Raspberry Pi)]]<br />
* [[BasicInternet:Problems|Problem handling after having installed the InfoSpot]]<br />
* or have a look at our [[BasicInternet:FAQ|Frequently asked Questions (FAQ)]]<br />
* specific instructions on how to configure an InfoSpot with all components [[BasicInternet:InfoSpot_configuration]]</div>Josef.Nollhttps://its-wiki.no/wiki/BasicInternet:SolutionsBasicInternet:Solutions2024-02-29T10:36:36Z<p>Josef.Noll: /* Cost examples */</p>
<hr />
<div>{{TOCright}}<br />
= Solutions for Internet Lite =<br />
When providing Internet in areas with low availability or high costs the focus is on getting as much information as possible through a thin (or bandwidth limited link). Examples of such low availability links are satellite links, bad coverage from mobile networks or congested mobile networks. <br />
<br />
Basic Internet provides solutions which optimise the information stream such that a high amount of information can be provided. This information optimization is done in the Basic Internet Core Network or through technologies of our partners. Our infrastructure is based around a Local Information Spot, getting the Internet typically through a mobile network link, and distributing both Information from the Internet, as well as Local Content through a local Wifi Hot-Spot (see Figure 1). [[File:BasicInternet_generic.png|650px|right|thumb|''Figure 1: Basic Internet Infrastructure for optimised information provision'']]<br />
In order to have a cost effective solution, the Local Core Network and the Information spots are often integrated as one unit. <br />
<br />
Our distributed architecture opens for a quick deployment of a cost-effective Internet distribution worldwide, allowing for <br />
* A reception of a 3G/4G network even in areas with no connectivity. Our examples have proven that we connect even in places without connectivity: <br />
** [[DigI:Selela|Selela]] at the border of the Serengeti, reaching the mobile tower being about 22 km away<br />
** [https://basicinternet.org/it-only-takes-90-min-to-connect-izazi Izazi]in the Iringa district, hidden by the mountain ridge between Izazi and the mobile towers in Migoli<br />
** In both cases we put up a 6 m pole, and mounted a directive antenna, both together increasing the mobile network by about 18 dB.<br />
<br />
In areas without electricity, we can establish the [[InfoSpot]] based on a solar panel<br />
* In [[Esilalei_(TZ)]] we used a 120 W solar panel and a 50 Ah battery for providing electricity for 3 lamps, mobile charging and the power for our equipment.<br />
<br />
[[File:InfoSpot_config.png|400px|right|thumb|''[[Building InfoSpots|Tutorial: What is an InfoSpot?]]'']]<br />
[[File:InfoSpot_configuration.png|260px|right|thumb|''[[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]]'']]<br />
<br />
<!--- == Tutorials ==<br />
The following tutorials help you to understand an InfoSpot and how it is configured<br />
* [[Building InfoSpots|Tutorial: What is an InfoSpot?]]<br />
* [[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]] - ''Note: for experts at the [[Regional Competence Centre]] (RCC)''<br />
---><br />
<br />
<br />
The goal of establishing the [[InfoSpot]]:<br />
* Free configurable ''provision of educational, informational and global content''. <br/>Our aim of ''Internet Lite for All'' requires as little as 4.5 MegaByte (MB) per user and month, which is about the size of one .mp3 music file.<br />
* A ''high-bandwidth local distribution network'' supporting local collaboration and content distribution<br/>The village/society server can be preloaded with education, health or other information, with content being freely available for everyone<br />
* ''A business option for providing premium Internet''<br/>The ''freemium model'' of access promotes ''free'' access to information (text, pictures and local video), and ''premium'' access to entertainment, games and other bandwidth-demanding content. Premium access is part of the Basic Internet solution through the sales of ''vouchers''.<br />
<br />
[[File:BasicInternet_HighLevel.png|746px|center|thumb|''Figure 2: Basic Internet Infrastructure, high level overview (left) and detailed view of local core network (right)'']]<br />
In the easiest way (see Figure 2), the infrastructure consists of the local network, generating one information spot. Only three components are used: The ''Internet link reception'' of the mobile broadband signal, the ''local network control centre (LNCC)'' and the ''society server''. (see Figure 4 and Figure 3, the video https://vimeo.com/354375901)<br />
<br />
[[File:How_to_connect_BasicInternet.png|450px|centre|thumb|''Figure 3: How to connect the Basic Internet Devices - see video on https://vimeo.com/354375901'']]<br />
<br />
== Cost examples ==<br />
[[File:BasicInternet_cost_example.png|thumb|550px|right|''Figure 4: Cost overview for a Wifi network based on Mikrotik equipment'']]<br />
A typical cost example (status: Okt2018) is presented in Figure 4. From left to right, it shows the reception of the Internet link (''back-bone, IP-link''), the local network control centre (LNCC), the point to multipoint antenna, and the local hot-spot. In short, the functionality is as follows: <br />
* The Internet link reception is either performed through a directive link, or through re-using the mobile 3G/4G/5G network. The link directly feeds the LNCC.<br />
** ''Internet Antenna: SXT LTE6 Kit 2023'' (SXTR&FG621-EA, <https://mikrotik.com/product/sxt_lte6_2023>) (previously RBSXTR&R11e-LTE - see: https://mikrotik.com/product/sxt_lte_kit)<br />
** LTE kit 2G/3G/4G/LTE High gain 17dBI CPE for very remote areas - https://mikrotik.com/product/lhg_lte_kit<br />
** 5G reception using the Multi-MIMO capabilities, Zyxel 5G NR Outdoor Router, see https://service-provider.zyxel.com/global/en/products/5g-nr4g-lte-cpe/5g-nr-cpe/odus/nr7303 <br />
<br />
* The Local Network Control Centre (LNCC) performs the filtering for the '''freemium''' access, with '''free''' access to information begin text, pictures and local information from the Society Server, and '''premium''' access to bandwidth-demanding services from the Internet. The LNCC is connected to the Society Server for access to free local content, and provides this information to the Multipoint antenna. <br/> ''LNCC: RBD52G-5HacD 2HnD-TC - see: https://mikrotik.com/product/hap_ac2''<br />
<br />
* The Society Server (Raspberry Pi, example: http://Yeboo.com or http://Yeboo.BasicInternet.org) contains information such as health, education and entrepreneurial information, being freely available for everyone in the society. - For educational purposes, we recommend setting up Moodle, see [https://moodle.org/mod/forum/discuss.php?d=364358 link to Moodle usage.]<br/>''Raspberry Pi - Model 3B+''<br />
<br />
The network can be expanded to other access points using<br />
* The Multipoint Antenna generates a 90 deg sector link coverage for any hot-spot connecting to it. <br />
* The Local Hot-Spot consists of two parts, a receiver unit with a directive antenna to communicate with the Multipoint antenna, and the local hotspot device. If the distance to the Multipoint Antenna (Village information spot) is less than 1 km, then we can omit the receive unit and work with only the local hotspot. <br />
<br />
<br />
The Basic Internet Infrastructure is modular and applicable, including<br />
<!---<br />
* [[BasicInternet:Mobile_Hotspot|Mobile Hotspot, e.g. car solution]] <br />
* [[BasicInternet:Mobile_Nerwork|Mobile Network, e.g. hot-spot]]<br />
* [[BasicInternet:Dedicated_IP|Dedicated_IP, e.g. radio or fiber]] ---><br />
* Mobile and fixed Hotspot, e.g. a car solution using a 3G/4G modem connected to a Mikrotik RB951.<br/>This solution has been used to equip hospitals and health stations in Norway since 2012.<br />
* Dedicated IP solutions, where the incoming channel is either a radio link, an existing Internet access or a fibre connection.<br/>A solution connected to a backhaul fibre is used in India to enhance the last-mile connectivity. <br />
* The solution is especially suited for connectivity within a village or on a campus, allowing all users free access within the campus, free access to information on the Internet and premium access to broadband content.<br />
<br />
===Read more on===<br />
* [[BasicInternet:Establish_InfoSpot|Steps to go for establishing an InfoSpot]]<br />
* [[BasicInternet:InfoSpot_configuration|Configuration of InfoSpots (LTE antenna, LNCC, Raspberry Pi)]]<br />
* [[BasicInternet:Problems|Problem handling after having installed the InfoSpot]]<br />
* or have a look at our [[BasicInternet:FAQ|Frequently asked Questions (FAQ)]]<br />
* specific instructions on how to configure an InfoSpot with all components [[BasicInternet:InfoSpot_configuration]]</div>Josef.Nollhttps://its-wiki.no/wiki/BasicInternet:SolutionsBasicInternet:Solutions2024-02-29T10:35:04Z<p>Josef.Noll: /* Cost examples */</p>
<hr />
<div>{{TOCright}}<br />
= Solutions for Internet Lite =<br />
When providing Internet in areas with low availability or high costs the focus is on getting as much information as possible through a thin (or bandwidth limited link). Examples of such low availability links are satellite links, bad coverage from mobile networks or congested mobile networks. <br />
<br />
Basic Internet provides solutions which optimise the information stream such that a high amount of information can be provided. This information optimization is done in the Basic Internet Core Network or through technologies of our partners. Our infrastructure is based around a Local Information Spot, getting the Internet typically through a mobile network link, and distributing both Information from the Internet, as well as Local Content through a local Wifi Hot-Spot (see Figure 1). [[File:BasicInternet_generic.png|650px|right|thumb|''Figure 1: Basic Internet Infrastructure for optimised information provision'']]<br />
In order to have a cost effective solution, the Local Core Network and the Information spots are often integrated as one unit. <br />
<br />
Our distributed architecture opens for a quick deployment of a cost-effective Internet distribution worldwide, allowing for <br />
* A reception of a 3G/4G network even in areas with no connectivity. Our examples have proven that we connect even in places without connectivity: <br />
** [[DigI:Selela|Selela]] at the border of the Serengeti, reaching the mobile tower being about 22 km away<br />
** [https://basicinternet.org/it-only-takes-90-min-to-connect-izazi Izazi]in the Iringa district, hidden by the mountain ridge between Izazi and the mobile towers in Migoli<br />
** In both cases we put up a 6 m pole, and mounted a directive antenna, both together increasing the mobile network by about 18 dB.<br />
<br />
In areas without electricity, we can establish the [[InfoSpot]] based on a solar panel<br />
* In [[Esilalei_(TZ)]] we used a 120 W solar panel and a 50 Ah battery for providing electricity for 3 lamps, mobile charging and the power for our equipment.<br />
<br />
[[File:InfoSpot_config.png|400px|right|thumb|''[[Building InfoSpots|Tutorial: What is an InfoSpot?]]'']]<br />
[[File:InfoSpot_configuration.png|260px|right|thumb|''[[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]]'']]<br />
<br />
<!--- == Tutorials ==<br />
The following tutorials help you to understand an InfoSpot and how it is configured<br />
* [[Building InfoSpots|Tutorial: What is an InfoSpot?]]<br />
* [[InfoSpot Configuration|Tutorial: How to configure an InfoSpot]] - ''Note: for experts at the [[Regional Competence Centre]] (RCC)''<br />
---><br />
<br />
<br />
The goal of establishing the [[InfoSpot]]:<br />
* Free configurable ''provision of educational, informational and global content''. <br/>Our aim of ''Internet Lite for All'' requires as little as 4.5 MegaByte (MB) per user and month, which is about the size of one .mp3 music file.<br />
* A ''high-bandwidth local distribution network'' supporting local collaboration and content distribution<br/>The village/society server can be preloaded with education, health or other information, with content being freely available for everyone<br />
* ''A business option for providing premium Internet''<br/>The ''freemium model'' of access promotes ''free'' access to information (text, pictures and local video), and ''premium'' access to entertainment, games and other bandwidth-demanding content. Premium access is part of the Basic Internet solution through the sales of ''vouchers''.<br />
<br />
[[File:BasicInternet_HighLevel.png|746px|center|thumb|''Figure 2: Basic Internet Infrastructure, high level overview (left) and detailed view of local core network (right)'']]<br />
In the easiest way (see Figure 2), the infrastructure consists of the local network, generating one information spot. Only three components are used: The ''Internet link reception'' of the mobile broadband signal, the ''local network control centre (LNCC)'' and the ''society server''. (see Figure 4 and Figure 3, the video https://vimeo.com/354375901)<br />
<br />
[[File:How_to_connect_BasicInternet.png|450px|centre|thumb|''Figure 3: How to connect the Basic Internet Devices - see video on https://vimeo.com/354375901'']]<br />
<br />
== Cost examples ==<br />
[[File:BasicInternet_cost_example.png|thumb|550px|right|''Figure 4: Cost overview for a Wifi network based on Mikrotik equipment'']]<br />
A typical cost example (status: Okt2018) is presented in Figure 4. From left to right, it shows the reception of the Internet link (''back-bone, IP-link''), the local network control centre (LNCC), the point to multipoint antenna, and the local hot-spot. In short, the functionality is as follows: <br />
* The Internet link reception is either performed through a directive link, or through re-using the mobile 3G/4G/5G network. The link directly feeds the LNCC.<br />
** ''Internet Antenna: SXT LTE6 Kit 2023 [SXTR&FG621-EA] (previously RBSXTR&R11e-LTE - see: https://mikrotik.com/product/sxt_lte_kit)''<br />
** LTE kit 2G/3G/4G/LTE High gain 17dBI CPE for very remote areas - https://mikrotik.com/product/lhg_lte_kit<br />
** 5G reception using the Multi-MIMO capabilities, Zyxel 5G NR Outdoor Router, see https://service-provider.zyxel.com/global/en/products/5g-nr4g-lte-cpe/5g-nr-cpe/odus/nr7303 <br />
<br />
* The Local Network Control Centre (LNCC) performs the filtering for the '''freemium''' access, with '''free''' access to information begin text, pictures and local information from the Society Server, and '''premium''' access to bandwidth-demanding services from the Internet. The LNCC is connected to the Society Server for access to free local content, and provides this information to the Multipoint antenna. <br/> ''LNCC: RBD52G-5HacD 2HnD-TC - see: https://mikrotik.com/product/hap_ac2''<br />
<br />
* The Society Server (Raspberry Pi, example: http://Yeboo.com or http://Yeboo.BasicInternet.org) contains information such as health, education and entrepreneurial information, being freely available for everyone in the society. - For educational purposes, we recommend setting up Moodle, see [https://moodle.org/mod/forum/discuss.php?d=364358 link to Moodle usage.]<br/>''Raspberry Pi - Model 3B+''<br />
<br />
The network can be expanded to other access points using<br />
* The Multipoint Antenna generates a 90 deg sector link coverage for any hot-spot connecting to it. <br />
* The Local Hot-Spot consists of two parts, a receiver unit with a directive antenna to communicate with the Multipoint antenna, and the local hotspot device. If the distance to the Multipoint Antenna (Village information spot) is less than 1 km, then we can omit the receive unit and work with only the local hotspot. <br />
<br />
<br />
The Basic Internet Infrastructure is modular and applicable, including<br />
<!---<br />
* [[BasicInternet:Mobile_Hotspot|Mobile Hotspot, e.g. car solution]] <br />
* [[BasicInternet:Mobile_Nerwork|Mobile Network, e.g. hot-spot]]<br />
* [[BasicInternet:Dedicated_IP|Dedicated_IP, e.g. radio or fiber]] ---><br />
* Mobile and fixed Hotspot, e.g. a car solution using a 3G/4G modem connected to a Mikrotik RB951.<br/>This solution has been used to equip hospitals and health stations in Norway since 2012.<br />
* Dedicated IP solutions, where the incoming channel is either a radio link, an existing Internet access or a fibre connection.<br/>A solution connected to a backhaul fibre is used in India to enhance the last-mile connectivity. <br />
* The solution is especially suited for connectivity within a village or on a campus, allowing all users free access within the campus, free access to information on the Internet and premium access to broadband content.<br />
<br />
===Read more on===<br />
* [[BasicInternet:Establish_InfoSpot|Steps to go for establishing an InfoSpot]]<br />
* [[BasicInternet:InfoSpot_configuration|Configuration of InfoSpots (LTE antenna, LNCC, Raspberry Pi)]]<br />
* [[BasicInternet:Problems|Problem handling after having installed the InfoSpot]]<br />
* or have a look at our [[BasicInternet:FAQ|Frequently asked Questions (FAQ)]]<br />
* specific instructions on how to configure an InfoSpot with all components [[BasicInternet:InfoSpot_configuration]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-02-27T09:58:58Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
New lecture: key exchange (GSM, UMTS)<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on xxx will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/TEK5530TEK55302024-02-27T08:08:18Z<p>Josef.Noll: /* L7-L9 */</p>
<hr />
<div>{{Course<br />
|Title=Measurable Security for the Internet of Things<br />
|Abstract=The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.<br />
|News=Lectures on Tuesdays 09:15-12:00 starting from . The course is given physical at ITS, meeting room 308<br />
|Lecturer=Josef Noll<br />
|Organisation=UiO<br />
|Keywords=Security, Network Security, Sensor Security, Sensor networks, Energy monitoring, Energy, Resillient Energy Networks,<br />
|Objective=After completing the course you will be able to:<br />
* Describe application-driven security and establish challenges of sensor-driven systems<br />
* Provide industrial examples, e.g. Smart Grid and automatic meter readings<br />
* Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)<br />
* Establish application-driven security goals as well as the semantics of your system<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyse application goal versus system security and suggest improvements<br />
|ResearchArea=Security<br />
|Type of course=Master<br />
|TitleNO=Målbart sikkerhet for tingenes internett<br />
|NewsDE=Messbare Sicherheit für das Internet der Dinge<br />
|NewsES=Clases todos los Viernes 0900-1200h, comenzando el 22 de Enero del 2016. El curso se imparte en UNIK (Aula 308b), con comunicación por video al aula Scheme@Ifi.UiO.no (1251)<br />
}}<br />
{{TOCright}}<br />
<br />
=Info-2024=<br />
We will start with a 3h lecture on 16Jan2024 0915-1200h in a hybrid form: Gunnar Randers vei 19 (Bus from Ole Johan Dals hus (Ifi) leaves at 08:25, see https://www.mn.uio.no/its/om/finn-fram/busstider.html) and http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139<br />
<br />
The first lecture will present some of the security challenges and the topics of the course, being the basis for a discussion on interests in measurable security (e.g. energy systems, home automation, autonomous operations,....)<br />
<br />
During the first lecture we'll also discuss during the first day the set-up of the course.<br />
<br />
== Timeline v24 ==<br />
Zoom: http://zoom.jnoll.net or https://uio.zoom.us/j/2313898139 <br />
<br />
<!--- {{Large|TEK5530 is performed as project work in spring 2023}} ---><br />
* 16Jan L1 Intro, topics, organization (Josef) [[Media:TEK5530-L1_v24.pdf]]<br />
** Industrial tools for security assessment, see https://expertinsights.com/insights/the-top-10-iot-securitytools/<br />
* 23Jan L2 Internet of Things [[Media:TEK5530-L2_v24.pdf]]<br />
** IoT security functionality: https://its-wiki.no/wiki/IoTSec:Smart_Meter_Connectivity<br />
** Master/PhD AI assessment of Exposure & Impact IoT automation infrastructure (language processing)<br />
<br />
* 30Jan L3 Security in the Internet of Things [[Media:TEK5530-L3_v24.pdf]]<br />
** Paper selection from [[TEK5530/List_of_papers]] <br />
** Theme: "Measurable Security for the Internet of Things"<br />
** Discussion on Group Work<br />
** select a paper and send info on "which paper" to Josef<br />
<br />
== L4-L6 ==<br />
<br />
* 6Feb2024 L4 Security Semantics [[Media:TEK5530-L4-SecuritySemantics_h24.pdf]]<br />
** group work ideas<br />
<br />
* 13Feb2024 L5 Paper presentations, see [[TEK5530/List of papers]] & Intro Multi-Metrics Method [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
<br />
* 20Feb2024 L6 Group work ideas Please prepare the scenario description for your home scenario, with<br />
: a) a description of applications in the home (e.g. web browsing, home control, office applications, communications, ...), and<br />
: b) establish the security and privacy (s,p) requirements for your application<br />
<br />
== L7-L9 ==<br />
<br />
* 27Feb2024 L7 Paper presentation (remaining papers) and "Walk through" Multi-Metrics, [[Media:TEK5530-L7_WalkThrough_h24.pdf]] & remaining slides [[Media:TEK5530-L6_MultiMetrics_h24.pdf]]<br />
<br />
* 5Mar2024 L8 Impact/Exposure Risk Matrix assessment [[Media:TEK5530-L8_Impact-Exposure-Risk_h24.pdf]]<br />
<br />
* 12Mar2024 L9 Applicability of Impact/Exposure Risk Matrix and Multi-Metrics [[Media:TEK5530-L9_Applicability_h24.pdf]]<br />
<br />
Discussion on further lectures, group work & exam<br />
<br />
Contact and info<br />
* http://Canvas.uio.no or the http://its-wiki.no/wiki/TEK5530<br />
<br />
'''Note: Please remind us to take Zoom video recording.''' <br/><br />
''Upload: https://kursopplasting.uio.no/?emne=TEK5530&semesterId=24v&terminNr=2'''<br />
<br />
<!--- Video recording will be available at https://www.uio.no/studier/emner/matnat/its/TEK5530/v23/forelesningsvideoer/ ---><br />
<br />
<br />
------<br />
<br />
== Papers & Group work ==<br />
* '''[[TEK5530/List of papers|TEK5530 - List of papers]]''', [[Search_for_literature|Guide on how to search for Literature]]<br />
* '''[[TEK5530/Group_work|TEK5530 - Ideas for group work]]''' including own assessment<br />
<br />
== Exam 2024 ==<br />
'''Exam on xxx will be performed as an oral exam,<br />
Please '''use frameadate to select your time slot ''' (tbc)<br />
* <br />
<br />
As discussed, the exam will consist of 3 parts:<br />
* Part 1: Present your group-work (8 min) - ''assessment of Security Classes for IoT'' or ''Applying Multi-metrics Method'' or ''risk assessment of 5G maritime communications" to be delivered latest by xxx<br />
* Part 2: Questions to group work (7 min)<br />
* Part 3: Random questions from the lectures (10 min). '''[[TEK5530/List_of_Questions]]''' (''you will pick 3-5 questions'')<br />
<br />
[[Media:Sensorveiledning_Assessor_Guidance_TEK5530.pdf|Sensorveiledning - Assessor Guidance - TEK5530 (.pdf)]]<br />
<br />
=Course info and lectures in previous years =<br />
* [[TEK5530_Lectures_in_earlier_years]]<br />
<br />
Course info<br />
* This course is a combined masters and Phd course (UNIK9750), in 2018 all the lectures will be presented by Gyorgy Kalman.<br />
* The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allows us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided and in addition personal follow-up is offered for students, who cannot attend some of the lectures.<br />
* We'll have video streaming: mms://lux.unik.no/401<br />
* Evaluation is based on a presentation of topics and the implementation of your scenario.<br />
<br />
<br />
* Group work<br />
Please see the description from 2016: '''[[UNIK4750 Group Work|TEK5530 presentation of your Group Work - (suggestions and criteria)]]'''<br />
I recommend you to form 4 (3-5) person groups. I'm open for any suggestion in selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use longer time for your presentation.<br />
<br />
Examples:<br />
* AMS<br />
* Smart home, home automation<br />
* Implications of GDPR on a specific IoT system<br />
* GDPR on medical IoT<br />
* smart car, vehicle-to-vehicle communication, autopilot<br />
* train control from timetables on tablet to predicting power consumption to order power supply for next month<br />
* ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise<br />
and so on. <br />
A good delivery from 2018: [[Media:good_example_group_work.pdf]]<br />
<br />
It should be composed from several "traditional" IT systems interconnected with some communication solution with one end being quite far from the other one. This is to enable you to decompose it to systems of systems relatively easily. Again, no single right answer, I would like to see your way of thinking.<br />
<br />
{{TOCright}}<br />
<br />
<br />
= Introduction into Internet of Things (IoT) =<br />
This first part will provide the introduction into the Internet of Things (''Lecture 1 - 2''), with industrial examples<br />
* Smart Grid and automatic meter system (AMS)<br />
* Smart Homes with sensors<br />
* Autonomous cars<br />
* Cloud technologies<br />
<br />
The part will further address potential security threats (''L3''), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented. <br />
<br />
[[File:SmartGrid_future.png|550px]]<br />
<br />
The distributed nature of the future (smart) electric grid has its operational, financial, technological and social aspects. In the course we will try to cover all the aspects, with focus on the technological - more precisely: on the communication and security challenges. We expect from the operational viewpont the grid to get more unstable if no compensatory action is done to be the counterweight of renewables and consumers becoming dual role consumer/producers. We will use an example of an automatic meter reading (AMR) and -system (AMS) in ''L4'' to address the security and privacy challenges.<br />
<br />
The final part of this first block is addressed through lectures ''L5'' and ''L6'', and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - ''can somebody see from my meter reading if I'm at home'' - towards technology parameters like ''how often are values read and published''. <br />
<br />
== Machine-readable Descriptions ==<br />
The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies. <br />
* Establish system description examples of systems,<br />
* Describing Security and Security Functionality in a semantic way<br />
<br />
[[File:IoT_Security_and_Privacy_Functionality.png|900px|Security, privacy and dependability functionality (Orig:Owncloud)]]<br/><br />
<br />
[[File:Operations_Security.png|900px]]<br />
<br />
[[File:Dev_Maint_Audit_Security.png|900px]]<br />
<br />
see all [[IoTSec:Security_and_Privacy_Functionality|SPF.IoTSec.no]]<br />
<br />
== Application-driven security goals ==<br />
This block will develop the security goals resulting from applications.<br />
* From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms<br />
* From the functional requirements, select the security and privacy relations<br />
* Establish application-driven security goals as well as the semantics of your system<br />
<br />
== Perform Multi-Metrics Analysis ==<br />
This last block will analyse industrial examples based on the multi-metrics analysis.<br />
* Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security<br />
* Analyze application goal versus system security and suggest improvements<br />
<br />
[[Category:TEK5530]]</div>Josef.Nollhttps://its-wiki.no/wiki/File:TEK5530-L8_Impact-Exposure-Risk_h24.pdfFile:TEK5530-L8 Impact-Exposure-Risk h24.pdf2024-02-27T08:07:48Z<p>Josef.Noll: Josef.Noll uploaded a new version of &quot;File:TEK5530-L8 Impact-Exposure-Risk h24.pdf&quot;</p>
<hr />
<div></div>Josef.Noll