METHODS AND TOOLS FOR INDUSTRIAL CYBERSECURITY

In this course, you will be made aware of the state-of-the-art in cybersecurity research and state of practice in industry. Cybersecurity vulnerabilities are a threat to progress in the business sector and society. This is an accelerating threat due to the current rapid digitalisation, which in manufacturing is termed Industry 4.0. Companies are aware of this threat and realise the need to invest in countermeasures, but development is hampered by lack of competence.  

The Internet of Things (IoT) is a networking paradigm which enables different devices (from thermostats to autonomous vehicles) to collect valuable information and exchange it with other devices using different communications protocols over the Internet. This technology allows to analyse and correlate heterogeneous sources of information, extract valuable insights, and enable better decision processes. Although the IoT has the potential to revolutionise a variety of industries, such as healthcare, agriculture, transportation, and manufacturing, IoT devices also introduce new cybersecurity risks and challenges. In this course, the students will obtain an in-depth understanding of the Internet of Things (IoT) and the associated cybersecurity challenges. The course covers the fundamentals of IoT and its applications, the communication protocols used in IoT systems, the cybersecurity threats to IoT, and the countermeasures that can be deployed. The course is split in four main modules, described as follows: Understand and illustrate the basic concepts of the IoT paradigm and its applications Discern benefits and drawback of the most common IoT communication protocols Identify the cybersecurity threats associated with IoT systems Know and select the appropriate cybersecurity countermeasures Course Plan Module 1: Introduction to IoT Definition and characteristics of IoT IoT architecture and components Applications of IoT Module 2: Communication Protocols for IoT Overview of communication protocols used in IoT MQTT, CoAP, and HTTP protocols Advantages and disadvantages of each protocol Module 3: Security Threats to IoT Overview of cybersecurity threats associated with IoT Understanding the risks associated with IoT Malware, DDoS, and phishing attacks Specific vulnerabilities in IoT devices and networks Module 4: Securing IoT Devices and Networks Overview of security measures for IoT systems Network segmentation, access control, and encryption Best practices for securing IoT devices and networks Organisation and Examination Study hours: 80 hours distributed over 7 weeks Scehduled online seminars:  January 30th 2024, February 12th 2024 and 11th of March Examination, one of the following: Analysis and presentation of relevant manuscripts in the literature Bring your own problem (BYOP) and solution. For example, analyse the cybersecurity of the IoT network of your company and propose improvements The number of participants in the course is limited, so please hurry with your application!

Every sector of the global economy relies on software. This makes software one of the principal targets for state-sponsored groups, military, criminals and other type of adversaries. Such attacks try to exploit insecure code, that is seemingly innocent bugs, which allow the adversaries to obtain unauthorized access to information or to take full control of compromised systems. The purpose of this course is to train software professionals in understanding in depth how insecure code can be exploited. In addition, it will equip them with knowledge in how to defend against this type attacks. The course begins by analyzing technical, psychological, and real-world factors that lead to production of vulnerable code. This is important knowledge for both developers and managers as it allows them to take actions that mitigate the impact of these factors, both when programming is performed but also during project management. Software exploits use specially crafted input data to applications and services to leverage logic flaws in the code that processes the input. Typically, the exploits overwrite specific structures in the program memory space, which allows them to bypass access control mechanisms and/or execute code provided as part of the input data. Therefore, a large part of the course is dedicated to understanding how exploits are constructed, essentially learning attackers’ “modus operandi”.

The course addresses fundamental questions related to how to build trusted systems. The focus will be on specific characteristics and approaches that allow to build trust into systems. In addition, methods to ensure that computers and services behave faithfully to the implementation specifications will be presented as well as approaches for detecting malicious deviations from the specifications. This course also introduces Blockchain concepts, security perspective of blockchain, consensus in blockchain, the decentralized philosophy behind Blockchain, as well as the main discussions in Blockchain environment and its potential applications.

Web application security encompasses that the student should learn to understand and discover weaknesses and vulnerabilities in web applications both on the server side and on the client side as well as be able to develop solutions for protection and conduct tests.

Målet med kursen är att ge lärare fortbildning inom ämnet djurvälfärd och hållbarhet. Kursens mål är också att ge lärare inspiration att designa sin egen undervisning, att ge lärare möjlighet att ta till sig ny forskning och att dela med sig av läraktiviteter som kan användas av fler.