Hours:
16 hours (4 credits)
Room:
Aula Riunioni del Dipartimento di Ingegneria dell’Informazione, Via G. Caruso 16, Pisa - Ground Floor
To register to the course, click here
Short Abstract:
In the last decades, cybersecurity has emerged as a critical and pressing concern. With the proliferation of technology and the interconnectedness of our world, the protection of computer systems, networks, and data has become a fundamental aspect that may impact everyday life and the safety of people. Indeed, security attacks can threaten the most variegates fields and applications, and, if not properly counteracted, the consequences can be severe, causing injuries or even death. One of the most immediate and straightforward examples can be a hacker that takes the remote control over brake and/or steering system of a vehicle, or an attacker that manipulates the information about the state of charge of a battery causing its explosion.
This course aims to give the basic principles of cybersecurity, providing knowledge on the main security threats common to almost all application contexts and the main techniques to counteract them. All the fundamental aspects concerning the implementation of security modules (both hardware and software) are presented, including the references and the validation methodologies to evaluate the security properties according to the desired level of security. Finally, a focus on the importance of cybersecurity in some application fields and some examples on the future trends of security applications are provided. In addition, some highlights on the role of hardware in security are given.
During the lectures some exercitations will be held to get more familiarity with the illustrated concepts and to make some practical experiments.
After the participation to this course, the attendee will have a basic but comprehensive knowledge of which are the main security threats and the main techniques to counteract or mitigate them. The matured knowledge will constitute a useful instrument that can be used to evaluate also other aspects of its research activities and improve them by integrating security mechanisms or developing solutions that are more suitable for later integration of security mechanisms.
Course Contents in brief:
- Principles of Cybersecurity. [7.5 hours]
- Overview of the security threats and attacks.
- Overview of the fundamental security services to protect data and assets.
- Overview of cryptographic primitives and algorithms to implement security services.
- Ad-hoc solutions to implement security services without cryptography.
- Exercitation(s).
- Basic guidelines for the development of HW/SW security modules: security services, interface security policies and physical implementation. [4 hours]
- Concept of security strength, long-term security protection and introduction to Post-Quantum Cryptography (PQC).
- Focus on verification/validation systems for the developed modules.
- Focus on interface security policies.
- Focus on physical implementation: Side-Channel Attacks (SCAs) – Principles and examples.
- Exercitation(s).
- On the importance of cybersecurity in automotive, space, Battery Management Systems (BMSs), and server applications. [1.5 hours]
- Examples of attacks and consequences.
- Future trends: assets encryption in general-purpose processors for servers and battery passport.
- The Role of Hardware in Security. [2 hours]
- Focus on the concepts of Hardware Secure Module (HSM), Root-of-Trust and Chain-of-Trust.
- Physically Unclonable Functions (PUFs).
- Focus on Secure Boot routines.
Final Exam (multiple choice questions). [1 hour]
Schedule:
- Day1 – 26 February 2023 – 9:30 /13:00, Lecture #1 – first part (2.5 h) + Exercitation (1 h)
- Day2 – 27 February 2023 – 9:30 /13:00, Lecture #1 – second part (2.5 h) + Exercitation (1 h)
- Day3 – 28 February 2023 – 9:30 /13:00, Lecture #2 (2.5 h) + Exercitation (1 h)
- Day4 – 29 February 2023 – 9:30 /13:00, Lecture #3 (1.5 h) + Lecture # 4 – first part (1 h) + Exercitation (1 h)
- Day5 – 1 March 2023 – 15:00 /17:00, Lecture #4 – second part (1 h) + Final Exam (1 h)
