Difference between revisions of "TEK5530"

From its-wiki.no
m (Josef.Noll moved page UNIK4750 to TEK5530)
(Info - 2019)

Revision as of 18:36, 13 February 2019

TEK5530 - Measurable Security for the Internet of Things


TEK5530
News Lectures on Thursdays 0900-1600h, starting from . The course is given at ITS (UNIK), Room 401.
Organisation UiO
by György Kálmán


Abstract The course provides a methodology for measurable security, privacy, and dependability of industrial systems. Based on e.g. a smart grid example we will establish and develop the methodology to perform a multi-metrics analysis from components to sub-systems to systems. The course will allow you to compare security-related application goals with the results from the system analysis.
Objective (max 350 words) After completing the course you will be able to:
  • Describe application-driven security and establish challenges of sensor-driven systems
  • Provide industrial examples, e.g. Smart Grid and automatic meter readings
  • Have an overview of security features and continuous compliance in Amazon Web Services (cloud security)
  • Establish application-driven security goals as well as the semantics of your system
  • Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security
  • Analyse application goal versus system security and suggest improvements
Keywords Security, Network Security, Sensor Security, Sensor networks
Research Area(s) Security
Type of course Master


Info - 2019

  • The lecture on 14th of February will be at IFI, Kristen Nygaards sal, 5370
  • The course code has changed to TEK5530; the course is still offered for both master and PhD students.
  • Because of the low number of students taking the course this year, they are offered a personal study plan composed of:
    • Self study in a defined challenge
    • the paper presentation as usual
    • and an exam.
  • The plan is to finish the lectures before Easter and to hold the exam before or after Easter.
  • TEK5530/List of papers - 2019, Guide on how to search for Literature
  • TEK5530/Report ideas - 2019

Schedule for 2019:

  • 14.02
    • L6: Technology mapping
    • L9: Implementing critical security controls in industry
  • 21.02 --- Winter holiday
    • «homework» see recording of
    • L7: Practical implementation of ontologies
  • 28.02
    • L8: Paper analysis with 25 min presentation
    • L10: System Security and Privacy analysis
  • 07.03
    • L13: Communication and security in current industrial automation
    • L14: Cloud basics and cloud architecture
  • 14.03 Lecture to be held by Josef Noll, location ITS, Kjeller.
    • L11: Multi-Metrics Method for measurable Security
    • L12: Multi-Metrics Weighting of an AMR sub-system
  • 21.03
    • L15: Cloud security, IoT and service examples from AWS
    • L16: Cloud monitoring, automation and incident response
  • 28.03
    • L18: Selected recent topics from IoT security
    • L19: Wrap-up of the course
  • 04.04 ---- No lecture, prepare for exam, consultation possibility
  • 11.04 ---- No lecture, prepare for exam, consultation possibility or Exam (depending on what we agree on)
  • 18.04 ---- Easter holiday, no lecture
  • 25.04 ---- Exam (depending on decision about exam on the 11th)

Lectures in TEK5530 - 2019

17Jan - L1: Introduction - Handouts Media:TEK5530 - L1 Introduction.pdf

24Jan - L2: Internet of Things - Handouts Media:TEK5530 - L2 IoT.pdf

31Jan - L3: Security in the Internet of Things Media:TEK5530 - L3 IoTsec.pdf

07Feb- L4: Smart Grid and AMS Media:TEK5530 - L4 smart_grid_ams.pdf and L5: Service Implications on Functional Requirements Media:TEK5530 - L5 service_implications.pdf

Video recordings (2018, valid for 2019):

L1: Introduction

L2: Internet of Things

L3: Security of the Internet of Things

L4: Smart grid and Automatic Meter Readings

L5: Service Implications on Functional Requirements

L6: Technology Mapping

Info - 2018

  • This course is a combined master's and PhD course (UNIK9750); in 2018 all the lectures will be presented by Gyorgy Kalman.
  • The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is available. Double lectures allow us to have the exam early in the semester so that the students can focus on their other duties in the exam period. A recording of all lectures will be provided, and in addition personal follow-up is offered for students who cannot attend some of the lectures.
  • We'll have video streaming: mms://lux.unik.no/401
  • Evaluation is based on a presentation of topics and the implementation of your scenario.


  • Group work

Please see the description from 2016: UNIK4750 presentation of your Group Work - (suggestions and criteria). For this year, I recommend that you form groups of 4 (3-5) persons. I'm open to any suggestion when selecting the IT infrastructure you would like to analyse. There are not that many groups this year, so you are allowed to use a longer time for your presentation.

Examples:

  • AMS
  • Smart home, home automation
  • Implications of GDPR on a specific IoT system
  • GDPR on medical IoT
  • smart car, vehicle-to-vehicle communication, autopilot
  • train control from timetables on tablet to predicting power consumption to order power supply for next month
  • ship control, from predictive maintenance to offering cloud storage for pictures taken on the cruise

and so on. A good (A) delivery from last year: Media:good_example_group_work.pdf

It should be composed of several "traditional" IT systems interconnected by some communication solution, with one end being quite far from the other. This lets you decompose it into systems of systems relatively easily. Again, there is no single right answer; I would like to see your way of thinking.

Lectures in UNIK4750 - 2018

18Jan - L1: Introduction - Handouts Media:UNIK4750-L1_Introduction 2018-01-18.pdf

25Jan - L2: Internet of Things - Handouts Media:UNIK4750-L2-Internet_of_Things-2018.pdf

25Jan - L3: Security of the Internet of Things - Handouts Media:UNIK4750-L3_Security in the Internet of Things - 2018.pdf

01Feb - No lecture because of sickness

08Feb - L4: Smart grid and Automatic Meter Readings - Handouts Media:UNIK4750-L4_Smart Grid and AMS - 2018.pdf

08Feb - L5: Service Implications on Functional Requirements - Handouts Media:UNIK4750-L5_Service implications on functional requirements - 2018.pdf

15Feb - L6: Technology Mapping - Handouts Media:UNIK4750-L6_Technology_mapping_2018.pdf

15Feb - L7: Security semantics - Handouts Media:UNIK4750-L7_security_semantics_2018.pdf

8Mar - L10: Multi-Metrics method for measurable security and privacy- Handouts Media:UNIK4750-L10_Multi-Metrics.pdf, including discussion of privacy scenarios

15Mar - L13 Guest lecture by Mohammad Chowdhury from ABB, Media:Securing_Industrial_Automation_and_Control_Systems.pdf

L14 - System Security and Privacy Media:L14_System_security_privacy.pdf

22Mar - L17 Intrusion Detection Systems and Cloud Security Media:L17_IDS_and_Cloud.pdf

L18 - Wrap-up Media:L18_Wrap_up.pdf

Exam questions (minor update from 2017): Media:Questions_UNIK4750_2018_students.pdf




Security, privacy and dependability functionality
read more IoTSec:Security_and_Privacy_Functionality

Introduction into Internet of Things (IoT)

This first part will provide the introduction into the Internet of Things (Lecture 1 - 2), with industrial examples

  • Smart Grid and automatic meter system (AMS)
  • Smart Homes with sensors
  • Autonomous cars
  • Cloud technologies

The part will further address potential security threats (L3), through the example of the smart grid. The challenges related to attack surface, legal aspects and relation to office IT security will be presented.


The distributed nature of the future (smart) electric grid has operational, financial, technological and social aspects. In the course we will try to cover all of them, with a focus on the technological ones, more precisely on the communication and security challenges. From the operational viewpoint, we expect the grid to become more unstable if no compensatory action is taken to counterbalance renewables and consumers taking on a dual consumer/producer role. We will use an example of an automatic meter reading (AMR) and -system (AMS) in L4 to address the security and privacy challenges.

The final part of this first block is addressed through lectures L5 and L6, and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - can somebody see from my meter reading if I'm at home - towards technology parameters like how often are values read and published.

Machine-readable Descriptions

The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies.

  • Establish system description examples of systems,
  • Describing Security and Security Functionality in a semantic way

Application-driven security goals

This block will develop the security goals resulting from applications.

  • From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms
  • From the functional requirements, select the security and privacy relations
  • Establish application-driven security goals as well as the semantics of your system

Perform Multi-Metrics Analysis

This last block will analyse industrial examples based on the multi-metrics analysis.

  • Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security
  • Analyze application goal versus system security and suggest improvements

Info - 2017

  • This course is a combined master's and PhD course (UNIK9750); in 2017 all the lectures will be presented by Gyorgy Kalman.
  • The course takes place on Thursdays, 0900-1600ish at ITS (UNIK) in Kjeller. This year double lectures will be given, so that we are using the day efficiently, and everybody is requested to take the tour to Kjeller. Video conferencing is still available.
  • We'll have video streaming: mms://lux.unik.no/401
  • Evaluation is based on a presentation of topics and the implementation of your scenario.

Lectures in UNIK4750 - 2017

19Jan - L1: Introduction - Handouts Media:UNIK4750-L1-Introduction-2017.pdf

26Jan - L2: Internet of Things - Handouts Media:UNIK4750-L2-Internet_of_Things-2017.pdf

02Feb - L3: Security of the Internet of Things - Handouts Media:UNIK4750-L3_Security in the Internet of Things - 2017.pdf

09Feb - L4: Smart Grid, Automatic Meter Readings (AMR) - Handouts Media:UNIK4750-L4-Automatic_Meter_Readings-2017_examples.pdf

09Feb - L5: Service implications on functional requirements - Handouts Media:UNIK4750-L5-Service_Implications-2017.pdf

16Feb - L6: Technology Mapping - Handouts Media:UNIK4750-L6-Technology_mapping-2017.pdf

16Feb - L7: Security Semantics - Handouts Media:UNIK4750-L7-Security_semantics-2017.pdf

23Feb - Winter holiday

02March - L8-9 Paper presentations 1

09March - L10-11 Paper presentations 2

16March - L12: Multi-Metrics method for measurable security - Handouts Media:UNIK4750-L12_Multi-Metrics.pdf

16March - L13: System Security and Privacy analysis - Handouts Media:UNIK4750-L13_System_Security_Privacy.pdf

23March - L14: Weighting in Multi-Metrics Method Media:UNIK4750-L11_Weighting_AMR.pdf - Lecture Notes L11

23March - L15: Real-world examples (Guest lecture by Mohammad Chowdhury) - Media:UNIK4750-Guest-Lecture_ABB_Chowdhury.pdf

30March - no lecture

06April - L16: Group work presentation

06April - L17: wrap-up, Media:UNIK4750-L17 Wrap Up.pdf Media:Questions_UNIK4750_2017_students.pdf

13April - Easter holiday

20April - Exam


Info - 2016

  • This course is a Master course. Please visit UNIK9750 for the PhD version of the course.
  • The course takes place on Thursdays, 0900-1200h at UNIK. A video communication is available to Ifi, Room Scheme@Ifi.UiO.no (room 1251), see check: Video_conference
  • We'll have video streaming: mms://lux.unik.no/401
  • Evaluation is based on a presentation of topics and the implementation of your scenario.

Lectures in UNIK4750 - 2016

21Jan - L1: Introduction G,J - Handouts Media:UNIK4750-L1-Introduction.pdf

28Jan - L2: Internet of Things J - Handouts Media:UNIK4750-L2-Internet_of_Things.pdf

4Feb - L3: Security in IoT G - Paper selection - Handouts Media:UNIK4750-L3-Security_IoT.pdf

11Feb - L4: Smart Grid, Automatic Meter Readings (AMR) G - Handouts Media:UNIK4750-L4-Automatic_Meter_Readings.pdf

18Feb - L5: Service implications on functional requirements G,(J) - Handouts Media:UNIK4750-L5-Service_Implications.pdf

3Mar - L6: Technology mapping G,(J) - Handouts Media:UNIK4750-L6-Technology_mapping.pdf,

10Mar - L7: UNIK4750 Paper analysis with 15-20 min presentation, evaluation criteria

17Mar - L8: Security Semantics J - Handouts Media:UNIK4750-L8-Security_Semantics.pdf

31Mar - L9: Logical binding - industrial example J, Guest lecturer: Mushfiq Chowdhury - Handouts: Media:UNIK4750-L9-handouts.pdf

7Apr - L10: Multi-Metrics Method for measurable Security J - Handouts Media:UNIK4750-L10-Multi-Metrics.pdf,

14Apr - L11: Multi-Metrics Weighting of an AMR sub-system J - Handouts L11 Media:UNIK4750-L11-AMR-weight.pdf

21Apr - L12: System Security and Privacy analysis J - Handouts L12 Media:UNIK4750-L12-Security-Privacy_classes.pdf

28Apr - L13: Intrusion-detection in industrial environments - G - Handouts L13 Media:UNIK4750-L13-Intrusion_detection.pdf

12May - L14: Real world examples - IoTSec infrastructure J - - Handouts L14 Media:UNIK4750-L14-IoTSec_infrastructure.pdf

19May - L15: Real world IoT service evaluation; UNIK4750 presentation of your Group Work - (suggestions and criteria)


26May - time for exam preparation (no lecture)

Thursday 2Jun or Wednesday 8Jun - Exam G,J

Introduction into Internet of Things (IoT)

This first part will provide the introduction into the Internet of Things (Lecture 1 - L2), with industrial examples

  • Smart Grid and automatic meter system (AMS)
  • Smart Homes with sensors
  • Wireless System upgrade of cars

The part will further address potential security threats (L3), here given for the future smart grid.


When the future Smart Grid consists of Prosumers (Consumers, who might also be Producers) with different energy sources, the grid will become more unstable. We will use an example of an automatic meter reading (AMR) and -system (AMS) in L4 to address the security and privacy challenges.

The final part of this first block is addressed through lectures L5 and L6, and will create the mapping from functional requirements towards mapping into technology. Examples of such mapping are the translation of privacy requirements - can somebody see from my meter reading if I'm at home - towards technology parameters like how often are values read and published.

Machine-readable Descriptions

The next block deals with the machine-readable description of security and privacy, security functionality and system of systems through ontologies.

  • Establish system description examples of systems,
  • Describing Security and Security Functionality in a semantic way

Application-driven security goals

This block will develop the security goals resulting from applications.

  • From industrial examples, establish the functional requirements. Example: switch-off time of power circuits less than 10 ms
  • From the functional requirements, select the security and privacy relations
  • Establish application-driven security goals as well as the semantics of your system

Perform Multi-Metrics Analysis

This last block will analyse industrial examples based on the multi-metrics analysis.

  • Generate matrices to describe the security impact of components and sub-systems, and perform a multi-metrics analysis to establish the system security
  • Analyze application goal versus system security and suggest improvements
