Erinevus lehekülje "ITI8610" redaktsioonide vahel
(ei näidata 3 kasutaja 103 vahepealset redaktsiooni) | |||
3. rida: | 3. rida: | ||
'''Lecturer''': prof. Jüri Vain <br> | '''Lecturer''': prof. Jüri Vain <br> | ||
'''Contact''': juri.vain ätt ttu.ee, ICT-418 <br> | '''Contact''': juri.vain ätt ttu.ee, ICT-418 <br> | ||
− | '''Co-lecturer''': | + | '''Co-lecturer''': Leonidas Tsiopoulos <br> |
'''Co-lecturer''': Aleksandr Lenin <br> | '''Co-lecturer''': Aleksandr Lenin <br> | ||
9. rida: | 9. rida: | ||
==Time and place== | ==Time and place== | ||
− | Lectures: | + | Lectures: Thursdays 16:00, ICT-A2 '''NEW!'''<br> |
− | Labs: | + | Labs: Thursdays 17.45, ICT-A2 <br> |
* Lab supervisors: | * Lab supervisors: | ||
− | ** | + | ** Aleksandr Lenin (aleksandr.lenin ätt ttu.ee) - Module I |
− | ** | + | ** Jüri Vain (juri.vain ätt ttu.ee), Leonidas Tsiopoulos (letsio ätt ttu.ee) - Module II |
− | |||
− | ==News | + | ==News 2019== |
<br> | <br> | ||
+ | Deadline for submitting lab assignments of Module II -- TBA | ||
+ | <p> | ||
+ | Please fill in [https://doodle.com/poll/3g7333mkn59wp6fe this] Doodle poll and indicate your availability for Module I: Security Assurance lecture and practice slots. Please note that everyone is free to make more than a single choice, you can mark as many slots as you see fit, as well as that every person has 3 options: yes, no, ifneedbe, where yes means this time slot is free for you and you are available at this time, no means you are absolutely unavailable, and ifneedbe means this time slot is unconvenient for you, but if necessary you will be able to make it. | ||
==Lecture plan== | ==Lecture plan== | ||
− | + | # [[Media:ITI_8610_lecture_1.pdf|Lecture 1]]: Introduction to software assurance | |
− | |||
− | |||
− | |||
+ | ====Module I: Assurance processes, risk management & security assurance==== | ||
+ | # [[Media:ITI8610-2019-Risk.pdf|Risks - definitions, terminology, risk taxonomies]] | ||
+ | # [[Media:Risk-Taxonomy-FAIR.pdf|FAIR Risk Taxonomy]] | ||
+ | # [[Media:ITI8610-Riskmanagement.pdf|Risk Management]] | ||
+ | # [[Media:ITI8610-2019-FAIR_Template.zip|Qualitative Risk Analysis Template]] | ||
+ | # [[Media:ITB8811-2019-Probability.pdf|Theory of Probability]] | ||
+ | # [[Media:ITI8610-2019-Reliability.pdf|Reliability and Availability]] | ||
+ | # [[Media:ITI8610-2019-Security_Modeling.pdf|Security Modeling. Quantitative Risk Management]] | ||
+ | |||
+ | ====Module II: : Assured Software Analytics ==== | ||
+ | * [[Media:Module_III_Lecture_1.pdf|Module II Lecture 1]]: Design by Contract | ||
+ | * [[Media:Module III 2nd lecture JML Specification Cases.pdf|Module II Lecture 2]]: Specification cases | ||
+ | * [[Media:e.pdf|Module II Lecture 3]]: Multi-view contracts of cyber-physical systems | ||
+ | * [[Media:Module III 4th lecture.pdf|Module II Lecture 4]]: JML contracts for OOP methods | ||
+ | * [[Media:OpenJML - Solvers - 15_11_2018.pdf|Module II Lecture 5]]: OpenJML and SMT Solvers | ||
+ | * [[Media:WorstPracticesInSWDevelopment.pdf|Module II Lecture 6]] (Guest lecture): M. Markvardt (ASA Quality) "Worst Practices in Software Quality a.k.a How to Deal with Risks" | ||
+ | * Lecture 7 (Guest lecture): Dr. Mohammad Al-Taye (Philadelphia Univ., Jordan) "QA by testing" | ||
+ | * Lecture 8: Safety analysis techniques (28.11.2019) | ||
+ | * [[Media:Automotive audio amplifiers.pdf|Module II Lecture 9]] (Guest lecture): R. Kadastik (Adacore) "Automotive audio amplifiers" (5.12.2019) | ||
+ | * Projects review and preparation for final presentation | ||
+ | |||
+ | ==Practice Assignments == | ||
+ | Possible topics for course project (same topic can be chosen by several teams) | ||
+ | * Smart parking slot /Nutikas parkla | ||
+ | * Moon habitad IGLUNA safety system / Kuuelamu IGLUNA ohutuse tagamise süsteem | ||
+ | * Moon habitad IGLUNA security system / Kuuelamu IGLUNA turbesüsteem | ||
+ | * Railway crossing control / Raudtee ülesõidukoha juhtimine | ||
+ | * Nutikas autode paigutaja praamidele | ||
+ | * Automaatne haigla ravimite annustamise ja kohaletoimetamise süsteem | ||
+ | * Smart home air quality control | ||
+ | * Automaatse tunnustamisega trahvisüsteem | ||
+ | * Automaatne videosalvestussüsteem | ||
+ | * TESLA (auto) juhtimisüsteem | ||
+ | * Bolt tõukerataste rentimissüsteem | ||
+ | * Biometric locking systems (ukse- ja relvalukud). | ||
+ | |||
+ | ==Project Teams== | ||
+ | * Team 1: Allan Paalo, Siim Suviste, Oliver Tooming "TESLA self-driving car" | ||
+ | * Team 2: Krõõt Grete Mänd, Ilja Samoilov "Smart home air quality control" | ||
+ | * Team 3: Veronika Zamakhova, Sergei Zarembo, Dmitri Golovatš "Bolt tõukerataste rentimissüsteem" | ||
+ | * Team 4: Magnus Teekivi, Ly Tempel, Mirjam Pajumägi "Railway crossing control / Raudtee ülesõidukoha juhtimine" | ||
+ | * Team 5: Kristjan-Martin Kirjanen, Kaarel Värk, Andreas Nagel " Biometric locking systems" | ||
+ | * Team 6: Rasmus Tomsen, Henry Härm "Smart video recording system / Automaatne videosalvestuse süsteem" | ||
+ | * Team 7: Johanna Kammiste, Igor Podgainõi "Smart parking slot / Nutikas parkla I" | ||
+ | * Team 8: Kristjan Vool, Regina Helena Lõpp-Elmeste "Smart parking slot / Nutikas parkla II" | ||
+ | |||
+ | |||
+ | ====Module I: Security Assurance ==== | ||
+ | Assignment 1: Perform a qualitative Risk Analysis of your case study using FAIR (Factor Analysis of Information Security Risk) framework and submit a report in pdf format.<br /> | ||
+ | Assignment 2: Model one threat in the form of an ADT (Attack-Defense Tree) using the ADTool software http://satoss.uni.lu/members/piotr/adtool/ , export your model in XML format (File->export) and submit the generated XML file.<br /> | ||
+ | |||
+ | ====Module II ==== | ||
+ | * [[Media:HomeAssignmnet_of Module_II.pdf|Lab instruction]]: Lab assignment plan | ||
+ | * [[Media:OpenJML installation instructions.pdf|OpenJML Installation]]: OpenJML Installation Instructions | ||
NB! | NB! | ||
To report completed lab assignments go to web page https://ained.ttu.ee | To report completed lab assignments go to web page https://ained.ttu.ee | ||
and register as user with uniID of TUT | and register as user with uniID of TUT | ||
+ | * Some reporting examples from earlier years | ||
+ | ** [[Media:Climate_control.pdf| Smart home climate control]]: Project report | ||
+ | ** [[Media:Energy_control.pdf| Smart house energy management]]: Project report | ||
+ | |||
+ | == Grading == | ||
− | + | Each of the two modules is graded independently on the scale 0-100 points. A student must receive a positive grade in every module. Therefore, a student may obtain max 200 points for the entire course. 51%, or 101 points is the absolute minimum required to pass the course. The standard TalTech grading rules are applied to calculate the student's final grade. | |
==Resources== | ==Resources== | ||
+ | |||
+ | https://ained.ttu.ee -- õppekeskkonas olevad materjalid<br /> | ||
+ | Gary McGraw "Software Security. Building Security In"<br /> |
Viimane redaktsioon: 12. detsember 2019, kell 13:56
Course code: ITI8610
Lecturer: prof. Jüri Vain
Contact: juri.vain ätt ttu.ee, ICT-418
Co-lecturer: Leonidas Tsiopoulos
Co-lecturer: Aleksandr Lenin
Time and place
Lectures: Thursdays 16:00, ICT-A2 NEW!
Labs: Thursdays 17.45, ICT-A2
- Lab supervisors:
- Aleksandr Lenin (aleksandr.lenin ätt ttu.ee) - Module I
- Jüri Vain (juri.vain ätt ttu.ee), Leonidas Tsiopoulos (letsio ätt ttu.ee) - Module II
News 2019
Deadline for submitting lab assignments of Module II -- TBA
Please fill in this Doodle poll and indicate your availability for Module I: Security Assurance lecture and practice slots. Please note that everyone is free to make more than a single choice, you can mark as many slots as you see fit, as well as that every person has 3 options: yes, no, ifneedbe, where yes means this time slot is free for you and you are available at this time, no means you are absolutely unavailable, and ifneedbe means this time slot is unconvenient for you, but if necessary you will be able to make it.
Lecture plan
- Lecture 1: Introduction to software assurance
Module I: Assurance processes, risk management & security assurance
- Risks - definitions, terminology, risk taxonomies
- FAIR Risk Taxonomy
- Risk Management
- Qualitative Risk Analysis Template
- Theory of Probability
- Reliability and Availability
- Security Modeling. Quantitative Risk Management
Module II: : Assured Software Analytics
- Module II Lecture 1: Design by Contract
- Module II Lecture 2: Specification cases
- Module II Lecture 3: Multi-view contracts of cyber-physical systems
- Module II Lecture 4: JML contracts for OOP methods
- Module II Lecture 5: OpenJML and SMT Solvers
- Module II Lecture 6 (Guest lecture): M. Markvardt (ASA Quality) "Worst Practices in Software Quality a.k.a How to Deal with Risks"
- Lecture 7 (Guest lecture): Dr. Mohammad Al-Taye (Philadelphia Univ., Jordan) "QA by testing"
- Lecture 8: Safety analysis techniques (28.11.2019)
- Module II Lecture 9 (Guest lecture): R. Kadastik (Adacore) "Automotive audio amplifiers" (5.12.2019)
- Projects review and preparation for final presentation
Practice Assignments
Possible topics for course project (same topic can be chosen by several teams)
- Smart parking slot /Nutikas parkla
- Moon habitad IGLUNA safety system / Kuuelamu IGLUNA ohutuse tagamise süsteem
- Moon habitad IGLUNA security system / Kuuelamu IGLUNA turbesüsteem
- Railway crossing control / Raudtee ülesõidukoha juhtimine
- Nutikas autode paigutaja praamidele
- Automaatne haigla ravimite annustamise ja kohaletoimetamise süsteem
- Smart home air quality control
- Automaatse tunnustamisega trahvisüsteem
- Automaatne videosalvestussüsteem
- TESLA (auto) juhtimisüsteem
- Bolt tõukerataste rentimissüsteem
- Biometric locking systems (ukse- ja relvalukud).
Project Teams
- Team 1: Allan Paalo, Siim Suviste, Oliver Tooming "TESLA self-driving car"
- Team 2: Krõõt Grete Mänd, Ilja Samoilov "Smart home air quality control"
- Team 3: Veronika Zamakhova, Sergei Zarembo, Dmitri Golovatš "Bolt tõukerataste rentimissüsteem"
- Team 4: Magnus Teekivi, Ly Tempel, Mirjam Pajumägi "Railway crossing control / Raudtee ülesõidukoha juhtimine"
- Team 5: Kristjan-Martin Kirjanen, Kaarel Värk, Andreas Nagel " Biometric locking systems"
- Team 6: Rasmus Tomsen, Henry Härm "Smart video recording system / Automaatne videosalvestuse süsteem"
- Team 7: Johanna Kammiste, Igor Podgainõi "Smart parking slot / Nutikas parkla I"
- Team 8: Kristjan Vool, Regina Helena Lõpp-Elmeste "Smart parking slot / Nutikas parkla II"
Module I: Security Assurance
Assignment 1: Perform a qualitative Risk Analysis of your case study using FAIR (Factor Analysis of Information Security Risk) framework and submit a report in pdf format.
Assignment 2: Model one threat in the form of an ADT (Attack-Defense Tree) using the ADTool software http://satoss.uni.lu/members/piotr/adtool/ , export your model in XML format (File->export) and submit the generated XML file.
Module II
- Lab instruction: Lab assignment plan
- OpenJML Installation: OpenJML Installation Instructions
NB! To report completed lab assignments go to web page https://ained.ttu.ee
and register as user with uniID of TUT
- Some reporting examples from earlier years
- Smart home climate control: Project report
- Smart house energy management: Project report
Grading
Each of the two modules is graded independently on the scale 0-100 points. A student must receive a positive grade in every module. Therefore, a student may obtain max 200 points for the entire course. 51%, or 101 points is the absolute minimum required to pass the course. The standard TalTech grading rules are applied to calculate the student's final grade.
Resources
https://ained.ttu.ee -- õppekeskkonas olevad materjalid
Gary McGraw "Software Security. Building Security In"