Security Engineering as a multidisciplinary approach to cybersecurity - doctoral course

We live in a digital society where we share a considerable amount of data using different communication systems. Such a scenario requires an in-depth study of cybersecurity, given the complexity of communication devices and systems. This course aims to explore some aspects of security engineering as a multidisciplinary science.

Event information

Time

-

Add event to calendar

Instructor: Post-Doctoral Research Fellow, Dr.Tech. Simone Soderi,
IMT School for Advanced Studies Lucca, Italy
Dates: Monday, 9th – Friday, 20th May, 2022.
Hours: 32 h: Lectures: 9.–18.5. at 08:45–12:00 (with 15 minutes breaks)
Examination: Written examination: 20th May, 2022 at 09:00 – 11:00
Assessment: 100% Written examination
Credit Units: 3 ECTS
Registration: Students should register for the course by 30th April, 2022. Background
reading, lecture slides and preparatory material will be provided in advance of the start of the course.
Course: We live in a digital society where we share a considerable amount of data using different communication systems. Such a scenario requires an in-depth study of cybersecurity, given the complexity of communication devices and systems. This course aims to explore some aspects of security engineering as a multidisciplinary science.

The first part of the course will provide students with the fundamental
concepts for a comprehensive understanding of the technology, operational
procedures, and management practices required for effective cybersecurity.
The security management function involves creating, implementing, and
monitoring a security program for the information, infrastructure, and people
involved. Certainly, security management involves multiple levels of
management within a company. Different levels of management contribute
various types of expertise, authority, and resources to the overall security
program. We will reference standards and best practice documents that have
broad support and guide approaches to cybersecurity implementation. The
security management function involves creating, implementing, and
monitoring a security program for the information, infrastructure, and people
involved. Certainly, security management involves multiple levels of
management within a company. The goal is to plan security to understand
better how to respond to threats and ensure a recovery plan that ensures
business continuity in a cybersecurity incident.

The second part of the course examines the cross-disciplinary skills required by
security engineering, suggesting a multilevel investigation. Several techniques
based on signal processing have been utilized to secure communications at the
physical layer in the past few years. Typically, cryptography security
mechanism solidity is based on the rigorousness of mathematics and how users
maintain the secret keys. Physical layer security (PLS) provides secure
communications against an eavesdropper exploiting channel imperfections,
such as fading, multipath, and interference. In this course, we introduce two
promising primitives: jamming and watermarking. With the watermark-based
blind physical layer security (WBPLSec) the sender watermarks the message,
while the receiver also jams it and then restores it exploiting the watermarking.
Several use cases where this technique can be applied will be presented, for
example, radio frequency (RF) communications, acoustic communications,
visible light communications (VLCs), and wired buses (e.g., CAN bus).
Moving the security analysis to the level of communication protocols, we can
affirm that introducing a security layer is indispensable to implement defenses
from malicious attacks. Host Identity Protocol (HIP) based network with IPSec
is proposed to secure communications. For example, this security architecture
would mitigate the railway onboard wireless network attacks from an attacker
boarded on the same vehicle. As the last item on the networking protocols, we
investigated the wireless body area networks (WBANs). In some instances,
WBANs collect humans' information through Bluetooth low energy (BLE)
sensors nodes. BLE is thus becoming de-facto a key wireless technology, and
users leave that interface always enabled on their devices. BLE specifications
do not offer defenses against man-in-the-middle (MitM) attacks.
Countermeasures will be proposed by working by observing magnitudes that
operate on different levels, i.e. physical and protocol levels.

Finally, simulation environments known as cyber ranges have attracted
considerable attention in the cybersecurity ecosystem due to their ability to
mimic realistic situations and provide practical training for security experts and
students. However, many security threats related to the network domain are
challenging to reproduce. At the same time, the security evaluation of cyber-physical
systems (CPSs) assumes strategic importance in the transportation
domain. In this course, we consider the role of cyber ranges in network security
assessment. Indeed, with these tools, we can automatically define test
scenarios to evaluate network security issues.
The multilevel perspective of cybersecurity is expected to have other valuable
contributions from the research community.

Target Audience: This is an advanced course targeted at Master's and Doctoral students who
have knowledge of wireless communications, protocols and computer
networks.
Learning outcomes:
1. Cybersecurity fundamentals;
2. Security management skills;
3. Multidisciplinary security approach;
4. Cyber ranges as a tool for security assessments;
5. Cybersecurity application examples.
Lecture Schedule:

  • Lectures 1-3: Introduction; Cybersecurity fundamentals; Importance of risk assessment and management; Cybersecurity Operations and Management: People Management, Computer Security Incident Response Teams (CSIRT), Physical Asset Management, System Management, Technical Security Management, Threat and Incident Management, Physical and Infrastructure Security, Business Continuity and Recovery Plan.
  • Lecture 4-5: Multilevel security approach; Physical-layer security (PLS) fundamentals; WBPLSec: watermarking and jamming as two primitives to build PLS solutions. WBPLSec applied to RF, acoustic communications, and visible light communications (VLCs); Electromagnetic emissions security; Protocol security: the host identity protocol (HIP) use case;
  • Lectures 6-7: Hardware security: introduction, trusted design in FPGA, hardware trojan. Network Security: fundamentals, security concepts, network protection, network penetration, security protocols.
  • Lecture 8: Critical infrastructures: the railway use case; Automotive Security: the CAN Bus use case; IoT Security: the WBAN use case; Introduction to cyber ranges, cyber range as a tool for network security assessment; Summary and Research aspects.

Assessment:
The course assessment will be based on the written examination

Last updated: 14.3.2022