Czech

5

Not applicable.

Students will obtain theoretical foundations including practical skills in the area of security of embedded system and authentication systems. Students will be familiar with the basic systems, various scenarios, lightweight cryptography and principles of the safe implementation eliminates side-channel attacks. Based on this knowledge, studens will be able to analyze and design security solutions for embeded systems.

The course requires a basic knowledge in the areas of operating system security (course ICT Security 1), network security (course ICT Security 2) and fundamentals of cryptography. Furthermore, the basic knowledge of programming in JAVA language are recommended.

Not applicable.

Methods of educations are described in the article 7 of the BUT’s Study and Examination Regulation. Teaching methods include lectures, laboratories and student projects. Course is taking advantage of e-learning (Moodle) system.

The maximum of 15 points is given upon completion of the laboratory assignments. The completion of an individual project adds upto 15 points. The requirements on the completion of the tasks in laboratories and projects are described in the annual supervisor’s notice. The maximum of 70 points can be gained during the final exam.

Introduction to ICT security 3
2. Authentication systems and technologies
3. Authentication tokens and hardware security modules (types of objects, attacks on smart cards, RFID tags, HSM, SAM)
4. Programmable chip cards (.NET cards, Java Cards, the MULTOS platform)
5. Security with smart devices
6. Security with single-chip devices (microcontrollers, sensors)
7. Security in telematics and embedded systems
8. Cryptography for computationally constrained devices
9. Side channel cryptanalysis - Introduction
10. Side channel cryptanalysis - power analysis
11 Side channel cryptanalysis - countermeasures
12. Reverse engineering and software security (basic methods of reverse engineering, source code security, API)
13. Methodology for security assessment

Not applicable.

The main goal of the course is to familiarize students with the security of embedded systems that are an integral part of ICT. During the course, students are introduced with lightweight cryptography, authentication systems, smart cards, side-channel cryptanalysis and countermeasures preventing side-channel attacks. The course follows up on the knowledge of ICT Security 1 and ICT Security 2 courses and appropriately expands them.

The conditions for the successful course completion are stated in the yearly updated supervisor’s notice.

Not applicable.

Not applicable.

MANGARD, Stefan a OSWALD, Elisabeth a POPP, Thomas: Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security). Secaucus, NJ, USA:Springer-Verlag New York, Inc., 2007, ISBN 0387308571.
AMBROSE, Jude, IGNJATOVIC Alexandar, PARAMESWARAN, Sri: Power Analysis Side Channel Attacks: The Processor Design-level Context. Omniscriptum Gmbh & Company Kg., 2010, ISBN 3836485087
PETERS, Eric: Advanced DPA Theory and Practice: Towards the Security Limits of Secure Embedded Circuits. Springer Publishing Company, 2013, ISBN 1461467829
RANKL, Wolfgang a Wolfgang EFFING. Smart Card Handbook. Munich: John Wiley & Sons, 2010. 4. ISBN 978-0-470-74367-6.
STALLINGS, William. Cryptography and Network Security. 4th edition. [s.l.] : [s.n.], 2006. 592 s. ISBN 0131873164.

Not applicable.

26 hours, compulsory