Department of Computer Science & Engineering

Description:To learn the security principles and methodologies for Cyber Physical Systems. 1. Ability to understand the importance of security Cyber Physical Systems and Internet of Things. 2. Understand the technologies and legal issues behind attack. 3. Ability to understand different attacks and mitigation strategies. 4. Understand trust, cloud and block chain-based security models. CourseContent:1. IoT and Cloud Computing Fundamentals IoT Definition – IoT Architecture – Devices – Operating Systems – Communication protocols – Messaging Protocols – Transport protocols – Network protocols – Data Link and Physical Protocols – IoT data collection, storage and analytics – Cloud computing background – Cloud Computing models and infrastructure – Cloud computing and IoT integration 2. Cyber Physical Systems – A case study CPS definition – Application specific CPS design and architecture – Functional and non-functional requirements – CPS architectures – closed loop, layered, publish and subscribe, and blackboard – CPS communication and control protocols – Industrial control systems protocol, radio technology and telemetry – Use of IoT in CPS. 3. IoT Attacks Threats – Vulnerabilities and Risks – IoT attack types – Attack trees, Fault Trees, Merging fault and attack trees – Wireless reconnaissance and mapping attacks – Security Protocol Attacks – Physical security attacks – Application security attacks – IoT Threat Modelling 4. Cryptographic Fundamentals Encryption and decryption – symmetric, asymmetric – Hashes – Digital signatures – Symmetric, Random number generators and cipher suites – Key management, distribution storage, escrow and zeroization – Cryptographic controls for IoT – ZigBee, Bluetooth-LE, Near Field Communication (NFC) – Cryptographic controls for IoT messaging protocols – MQTT, CoAP, DDS and REST. 5. CPS Secure Development Security design, Threat assessments – privacy, safety, compliance and security integration – Security processes – risk and liability exposures – IoT physical security plan – Device selection – OS considerations – Cryptographic selection – authentication / authorisation and edge security monitoring. 6. CPS Identity and Access Management Solutions Identity life cycle – naming conventions, secure bootstrap, credential and attribute provisioning, account monitoring, control, updates and activation/deactivation – Authentication credentials – passwords, symmetric keys, certificates, X.509, IEEE 1609.2, Biometrics – IoT IAM infrastructure – 802.1x, PKI architecture and revocation – Authorization and Access Control – Oauth2.0, publish and subscribe, and communication protocols. 7. CPS and privacy Private information leaks – privacy approach to credentials – surveillance – IoT privacy impact assessments – collecting and characterising information, security, data retention, information sharing, auditing and accountability. Privacy embedded design – end-to-end security, visibility and transparency, privacy engineering. 8. CPS edge protection and analysis Intrusion Detection in CPS - Challenges, - Designing Signature, Anomaly and Stateful protocol-based IDS - Machine Learning Techniques – rule-based, statistical and data mining-based systems. 9. Cloud Security for CPS Cloud services and IoT – Assets, inventory management, service provisioning, real time monitoring in the cloud, sensor coordination, message transport, cloud specific threats. 10. Block Chain and CPS Security Introduction to block chain – architecture and transaction processing operation – IoT transactions and block chain – benefits of IoT transaction monitoring – distributed ledgers, time stamping, smart contracts, security – Open architecture benefits and challenges – Use cases – smart homes and smart city examples. 11. Trust in CPS Embedding root of trust and chain of trust in IoT devices – security policies and law enforcement – defence counter measures in IoT device Malware and ransomware – Malware analysis and detection methods – ransomware detection and mitigation – Monitoring network flows for detection and mitigation. 12. Security of Industrial IoT Systems IIoT platform and architecture – challenges of IIOT – IIOT services security – attacks – on Thing, Network, Middleware and Application layer.

TextBooks:[1] B Russell and D V Duren, “Practical Internet of Things Security”, Packt Publishing, 2016 [2] William Mougayar, “The Business Blockchain Promise, Practice, and Application of the Next Internet Technology”, Wiley, 2016 [3] S. Li and L. D. Xu, “Securing the Internet of Things”, Elsevier, 2017 [4]. K-C. Li, B B Gupta and D P Agrawal, “ IOT – Recent advances in security, privacy and trust for IoT and CPS”, CRC Press, 2021.

ReferenceBooks:[1] B Russell and D V Duren, “Practical Internet of Things Security”, Packt Publishing, 2016 [2] William Mougayar, “The Business Blockchain Promise, Practice, and Application of the Next Internet Technology”, Wiley, 2016 [3] S. Li and L. D. Xu, “Securing the Internet of Things”, Elsevier, 2017 [4]. K-C. Li, B B Gupta and D P Agrawal, “ IOT – Recent advances in security, privacy and trust for IoT and CPS”, CRC Press, 2021.