| Code |
14526
|
| Year |
1
|
| Semester |
S1
|
| ECTS Credits |
6
|
| Workload |
OT(15H)
|
| Scientific area |
Informatics
|
|
Entry requirements |
.
|
|
Learning outcomes |
The objectives of this course unit are as follows:
a) In terms of knowledge, it is expected that the student knows and understands the origin of security problems in complex systems of the Internet of Things and Cloud ecossystem, as well as the software and security engineering process, and the several tradeoffs that the several security technologies face in that ecossystem;
b) in terms of skills, to motivate the development of a critical reasoning towards security by design in computer systems, as well as the ability to conduct research in this area of knowledge autonomously, and propose ways of integrating security in the software engineering process;
c) In terms of competences, it is expected that the student develops the abilities to model computer systems, identify security requirements, propose mechanisms that fulfil them and means to validate them.
To train a specialist in engineering of system that are secure-by-design is also a secondary objetive.
|
|
Syllabus |
1. Definition and Architecture of Systems, Applications and Services for the Cloud and Internet of Things (IoT)
2. Requirement Analysis and Security Engineering in Computer Systems
3. Formalization and Application of Attack Models
4. Mapping Requirements and Security Mechanisms
5. Embedding Computer Security in Software Engineering
6. Research Topics in the Assurance of Security by Design in the Cloud and IoT Ecosystem
|
|
Main Bibliography |
Musa Samaila, João B. F. Sequeiros, Mário M. Freire, and Pedro R. M. Inácio, Security Threats and Possible Countermeasures in Applications Covering Different Industry Domains, in Proceedings of the The 2nd International Workshop on Security and Forensics of IoT (IoT-SECFOR 2018), held in conjunction with the 13th International Conference on Availability, Reliability and Security (ARES 2018), August 27-30, 2018
Musa Samaila, Miguel Neto, Diogo A. B. Fernandes, Mário M. Freire, and Pedro R. M. Inácio, Challenges of Securing Internet of Things Devices: A Survey, Wiley Security and Privacy (SPY), 1(2):20, May 2018.
Manoel Campos da Silva Filho, Claudio C. Monteiro, Pedro R. M. Inácio, Mário M. Freire, Approaches for Optimizing Virtual Machine Placement and Migration in Cloud Environments: A survey, Journal of Parallel and Distributed Computing (JPDC), 111:222-250, January 2018. ISI Impact Factor (2016): 1.930.
|
|
Teaching Methodologies and Assessment Criteria |
The subjects of this course unit are discussed in tutoring classes with 1 hour of weekly contact, being the study and research effort placed on the student, who should prepare himself/herself for the discussion of the next class via the reading and analysis of scientific books or papers proposed by the lecturer. The study material will be mostly composed by scientific papers and the main references will be revised and updated annually.
Two practical works will be proposed along the semester: the first one consists in a detailed study of the state of the art and of a security problem exploited in that school year; the second one consists in the proposal of the solution that guarantees security by design for the previously addressed problem, along with a security analysis, and potential proof-of-concept implementation. Both works are worth 40% of the final grade. A written test for knowledge evaluation will be scheduled for the end of the semester, which is worth 20% of the final grade.
|
|
Language |
Portuguese. Tutorial support is available in English.
|