ITI8610
Course code: ITI8610
Lecturer: prof. Jüri Vain
Contact: juri.vain ätt ttu.ee, ICT-418
Co-lecturer: Leonidas Tsiopoulos
Co-lecturer: Aleksandr Lenin
Time and place
Lectures: Wednesdays 10:00, ICT-315
Labs: Wednesdays 12.00
- Lab supervisors:
- Aleksandr Lenin (aleksandr.lenin ätt ttu.ee) - Module I
- Jüri Vain (juri.vain ätt ttu.ee), Leonidas Tsiopoulos (letsio ätt ttu.ee) - Module II
News 2019
Deadline for submitting lab assignments of Module II -- TBA
Lecture plan
- Lecture 1: Introduction to software assurance
Module I: Assurance processes, risk management & security assurance====
Lecture 1: Security Risk Management
Lecture 2: Security Risk Management (contd.)
Lecture 3: Security Best Practices
Lecture 4: Input Validation
Lecture 5. Web Application Security. Cross-Site Scripting Attacks
Module II: : Assured Software Analytics
- Module II Lecture 1: Design by Contract
- Module II Lecture 2: Specification cases
- Module II Lecture 3: Multi-view contracts of cyber-physical systems
- Module II Lecture 4: JML contracts for OOP methods
- Module II Lecture 5: OpenJML and SMT Solvers
Practice Assignments
Possible topics for course project (same topic can be chosen by several teams)
- Smart parking slot /Nutikas parkla
- Moon habitad IGLUNA safety system / Kuuelamu IGLUNA ohutuse tagamise süsteem
- Moon habitad IGLUNA security system / Kuuelamu IGLUNA turbesüsteem
- Railway crossing control / Raudtee ülesõidukoha juhtimine
- Nutikas autode paigutaja praamidele
- Automaatne haigla ravimite annustamise ja kohaletoimetamise süsteem
- Smart home air quality control
- Automaatse tunnustamisega trahvisüsteem
- Automaatne videosalvestussüsteem
- TESLA (auto) juhtimisüsteem
- Bolt tõukerataste rentimissüsteem
- Biometric locking systems (ukse- ja relvalukud).
Project Teams
- Team 1: Allan Paalo, Siim Suviste, Oliver Tooming "TBA"
- Team 2: Krõõt Grete Mänd, Ilja Samoilov "Smart home air quality control"
- Team 3: Veronika Zamakhova, Sergei Zarembo, Dmitri Golovatš "Bolt tõukerataste rentimissüsteem"
- Team 4: Magnus Teekivi, Ly Tempel, Mirjam Pajumägi "Railway crossing control / Raudtee ülesõidukoha juhtimine"
- Team 5: Kristjan-Martin Kirjanen, Kaarel Värk, Andreas Nagel " Biometric locking systems"
...
- Team 9:
Module I: Security Assurance
Assignment 1: Risk Analysis using the FAIR (Factor Analysis of Information Security Risk) framework
Assignment 2: Vulnerability Identification in Code using Static Analysis Tools
Assignment 3: Architectural Risk Analysis
Assignment 4: Web Application Exploitation
Module II
- Lab instruction: Lab assignment plan
NB! To report completed lab assignments go to web page https://ained.ttu.ee
and register as user with uniID of TUT
- Some reporting examples from earlier years
- Smart home climate control: Project report
- Smart house energy management: Project report
Grading
Each of the two modules is graded independently on the scale 0-100 points. A student must receive a positive grade in every module. Therefore, a student may obtain max 200 points for the entire course. 51%, or 101 points is the absolute minimum required to pass the course. The standard TalTech grading rules are applied to calculate the student's final grade.
Resources
https://ained.ttu.ee -- õppekeskkonas olevad materjalid
Gary McGraw "Software Security. Building Security In"