Introduction to cyber securityLaajuus (3 cr)

Objective

Students are introduced to the key principles of secure software development, including:

• Explain how software/hardware security should be addressed in rigorous development
processes
• Apply methods for documenting the security requirements and secure design of a
software/hardware system
• Apply methods for documenting security threats and mitigations
• Demonstrate knowledge of secure programming
• Identify appropriate activities for verification and validation of software security

Content

Week 1
Secure Software Processes and Introduction to Industrial Control Systems (ICS) Security with case studies and discussion
Security Goals, Access Control, ICS Kill Chain and Attack Steps
Secure Design: Control Systems I - Lab1-Programmable Logic Controller (PLC)
Control Systems II – Lab2-PLC Hacking
Exam I – C-Strings

Week 2
Control Protocols – Lab3 - Endpoint and Flow Analysis
Integer overflows, Unknown Control Protocols
Assessing and Exploiting Embedded Electronics I
Assessing and Exploiting Embedded Electronics II
Exam II – Student Presentation

Evaluation

Assessment

Assignments 40%
Presentation/survey
paper 15 %
Exam 1 20 %
Exam 2 25 %

Grading

Pass/fail or 0-5
Excellent (5)
Good (3-4)
Satisfactory (1-2)
Fail (0)

Qualifications

Programming experiences with Java and C