Course Syllabus

This course provides an introduction to the fundamentals of IoT-CPS security, privacy, and safety, covering real-world attacks and defenses, embedded systems security, cryptography, safety verification, sensors and perception security, and more.

At the end of this course, students will be able to:

• Develop an understanding of the security, privacy, and safety challenges in IoT-CPS systems
• Learn the different types of attacks and defenses for various IoT-CPS domains
• Gain an understanding of the fundamentals of IoT-CPS security
• Understand the basics of safety verification using modeling techniques
• Learn the principles of sensors and perception security
• Develop the skills required to perform threat modeling for IoT-CPS systems
• Learn the basics of CPS program analysis and ML-in-the-loop security and privacy
• Understand the basics of trusted computing and distributed computing security
• Develop the ability to think critically about research problems in IoT-CPS security.

Materials required for this course are:

• Laptop

Ensure you have this ahead of time as they will be required to complete assignments and activities throughout the course. You will be required to install various open-source software packages throughout the course.

There is no official textbook for the class. Slides will be provided and reading materials for each topic will be assigned from research papers and the following references:

• Computer Security: Principles and Practice by Stallings and Brown
• Introduction to Embedded Systems: A Cyber-physical Approach by Lee and Seshia
• Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions (1st Edition), by Clint Bodungen, Bryan Singer, Aaron Shbeeb, Kyle Wilhoit, and Stephen Hilt, ISBN: 978-1259589713
• Security Engineering by Ross Anderson

Please review the communication methods and requirements for this course:

Piazza

We use Piazza for announcements and discussion about assignments and other course material.

Preferred Contact Methods

The easiest way to contact me is by e-mail

Office Hours

The instructor will hold office hours according to the following schedule:

By appointment

TA Information

Name: Vatsal Goal

E-mail: vatsal.goel@utah.edu 

Office Hours:

Thursday 4-5pm (In Person), Friday 3:30-4:30pm(Online/In Person as needed) 

Virtual Meeting Rooms(s)

By Appointment

Your performance in this course will be evaluated by:

• 1 Team research project (report + presentation)
• 6 Homework assignments
• 2 Capture-the-flag competitions (participation and report)
• 1 Research paper presentation + Artifact Evaluation
• Regular quizzes to test knowledge of each module

All assignments, unless otherwise announced, must be submitted to the designated area of
Canvas. Do not submit assignments via email.

Please start any assignments early and come to office hours if you need help. The assignments are intended to help you with your course project. There is a 20 percent late penalty for homework submissions up to 1 week late. After 1 week, there is a 40 percent penalty. You can submit any time until the last day of the class.

Grading for this course

• 40% Team Course Project (See description below)
• 10% Paper Presentation 
• 10% Artifact Evaluation 
• 10% Quizzes (usually at the beginning of class, 1 per module)
• 15% Capture-the-flag exercises (participation and reports)
• 15% Homework assignments 

Research Paper + Artifact. You will be required to present a recent top-tier research publication (I will provide the requirements in class). In addition to the presentation, you will perform an artifact evaluation of the research artifacts presented in the paper. You will include the evaluation as part of the presentation.

Project Structure. Students will collaborate on research projects, with the aim of producing a report of conference-level quality by the semester's end. The chosen topic should be pertinent to CPS/IoT security, safety, or privacy, and the student or students should be the primary authors. Students will work in teams of two (in exceptional cases in single-person teams or teams of three). Expectations will be adjusted based on the size of the team. I will provide tailored guidance to each team or individual as required. The project's assessment will factor in grades from various milestone deliverables and the final report. Evaluation criteria include originality, depth, accuracy, presentation clarity, and effort. Project presentations will be scheduled for the concluding week of the course.

Project Deliverables:

1. Presentation:

When: Students will perform two presentations during the course. In Week 7, each team will give a 10-minute presentation on the mid-term project progress. In the final week, each team will give a 10- to 20-minute final presentation depending on time constraints.

Format: The proposal and mid-term presentation are expected to contain the following key elements following the NABC model (we'll go over this in class):

• Need: What problem am I trying to solve? Why is this problem important? Why is solving it difficult?
• Approach: What is my solution (high level intuition)? What are the details that I have to decide (thresholds, design flow, etc)? How can I reason about these decisions? What data can I use to test my solution? Do I have enough data? Is there noise? Do I understand ground truth? Can I generate synthetic data? What is my desired outcome at the end of the program? What is the smallest unit of work that I can complete to feel I've made progress on solving this problem? You should include a timeline of expected results that fits the course schedule.
• Benefit: like the need, but not the same; usually more specific ·or sometimes side-benefits not directly pertaining to need, but nice never the less
• Competition: review of related work (not exceeding 30% of the presentation); What has been done before (to solve that same problem, to solve related problems that I can leverage)? How do I compare to other efforts to solve that same problem - is my solution better and how? Take a look at a video here for an awesome overview on how to keep track of related works

The final project presentation is expected to contain the following elements: (a) summary of problem definition and solution, (b) key results and findings, (c) conclusions and related work.

2. Report: Students will submit a final report by a specified deadline in the finals week. The report will be expected to be single-column text, single-spaced pages in font size not exceeding 11pt. The report is expected to be at least 8 pages and at most 10 pages, excluding references. If the students wish to submit the work to a formal proceedings, the instructor can provide further guidance. The students will include a separate, brief document describing each team member's contribution, and all members will sign off on that report.

Project Timeline: 

Grading Breakdown for the Project (Total weight = 40%):

University of Utah grading scale

Disclaimer

Accommodations will be considered on an individual basis and may require documentation.

Please contact your instructor and/or teaching assistant as soon as possible (preferably shortly before the semester begins) to request accommodations of any kind.

Content Warnings

Please be aware that some materials and discussions within this course may contain challenging content. Your instructor may choose to notify students of potentially difficult content (e.g. explicit language, graphic images, violent themes, etc.) throughout the course.

If there are specific subjects that you need advanced notice for, please contact your instructor at the beginning of the semester.

Extreme personal circumstances

Please contact your instructor as soon as possible if an extreme personal circumstance
(hospitalization, death of a close relative, natural disaster, etc.) is interfering with your ability to
complete your work.

Religious Practice

To request an accommodation for religious practices, contact your instructor at the beginning of the semester.

Active Duty Military

If you are a student on active duty with the military and experience issues that prevent you from participating in the course because of deployment or service responsibilities, contact your instructor as soon as possible to discuss appropriate accommodations.

Disability Access

All written information in this course can be made available in an alternative format with prior notification to the Center for Disability Services (CDS). CDS will work with you and the instructor to make arrangements for accommodations. Prior notice is appreciated. To read the full accommodations policy for the University of Utah, please see Section Q of the Instruction & Evaluation regulations.

If you will need accommodations in this class, contact:

Center for Disability Services
  801-581-5020
  disability.utah.edu
  162 Union Building
    200 S. Central Campus Dr.
     Salt Lake City, UT 84112

This syllabus is not a contract. It is meant to serve as an outline and guide for your course. Please note that your instructor may modify it to accommodate the needs of your class.

You will be notified of any changes to the Syllabus.

Though the online format allows students greater flexibility to complete their work, this course does have a structure and timeline! As such, the following is expected of all students in this class:

• Students must be self-motivated, organized, and willing to stay on top of their schedules. Students should take control of their learning while in this course.
• Students are expected to follow the Core Rules of Netiquette at all times while participating in the class and communicating with others.
• Students will log in to the course a minimum of 3 times per week.
• Students are not expected to interact with their classmates in person. Students may be expected to work with classmates via online communication options like Canvas Discussions, video conferencing, or other communication technologies of choice (Zoom, FaceTime, Google Hangouts, etc).
• Students will regularly check for course updates and will update their Canvas notification settings to ensure they receive timely notifications from the course.
• Students will contact their instructor or teaching assistant promptly if they have any questions, are struggling with course materials, or need further assistance from their instructor.
  • If you do not hear back within 3 days after sending a message, please contact your instructor/TA again.
• Students will follow all official University of Utah policies regarding interpersonal conduct, academic dishonesty, and other rights and responsibilities of students outlined in the University of Utah Student Handbook and Code of Student Rights and Responsibilities.
  • If you have any questions about this, please contact the Dean of Students.

Your course instructor is an expert in the topics you will learn about this semester. Your instructor is your mentor and facilitator of the classroom experience, aided by teaching assistants. Instructors are committed to:

• The instructor will design the course to include lectures, learning materials, and assignments that are accessible and provide students with opportunities to learn and practice course content.
• The instructor and teaching assistants will ensure that the course remains a safe space where students can engage with difficult content thoughtfully and respectfully.
• The instructor and teaching assistants will interact with the class regularly via announcements, virtual office hours (one-on-one video conferencing), emails/the Canvas Inbox, feedback on assignments, and comments on Discussions, among other methods.
• The instructor and teaching assistants will respond to students promptly: within 48 hours, not including weekends and holidays.
• The instructor and teaching assistants will be available for an individual consultation via virtual office hours (one-on-one video conferencing), email, or phone and will not require students to meet in person.
• The instructor and teaching assistants will provide relevant feedback promptly.
• The instructor and teaching assistants will follow all official University of Utah policies regarding interpersonal conduct, accommodations, and other important duties.