System Internals and Cybersecurity

Description

Students will explore system programming and development, with an understanding of the security implications of such systems.

Aims

The module outline aims to provide in depth knowledge of system programming with security challenges in kernel and user space. Students will develop a firm understanding of system and device internal operations. This will include understanding operating system internals and how new applications for these systems can be implemented in scenarios such as IoT deployments. This will be supplemented with material which will develop an understanding of how cloud and web technologies can be utilised in conjunction with such devices.

Learning Outcomes

By the end of this module the student should be able to:

1.  Explain the operation of systems at a low level i.e. kernel, driver operation etc; and the security implications arising from such systems.

2.  Design and develop systems that incorporate relevant security features for deployment in embedded IoT environments.

3.  Critique the benefits and challenges of cloud technologies as a platform for IoT technology.

Indicative Content

1 System Programming

C programming, compiler, linker and loader. Static and runtime analysis of binary files. System development kits, kernel headers and cross complier environments.

2 Hardware

ASIC,MCU,CPU, SOC, assembly, component security, pcb security, sniffing wire traffic, radio traffic, Types of communication (I2C, SPI, UART, RS232) and security challenges

3 Operating systems

I/O Manager, Memory Manager, Scheduler, .s file, init file, boot loader, boot process, ROM, RAM, execution rings

4 Kernels

Types of kernel, real time, unix, Windows, mac, linux, user space vs kernel space, shell, native applications, dll, registry/proc. Security landscape in user and kernel space.

5 Auditing and Debugging

User and kernel space debugging, Remote kernel debug setup, Analysis of precompiled binaries

6 Loadable modules

Linker, stack and memory layout, Interrupts, IRQ table and priorities. Introduction to device drivers, Types of driver, lifecycle, portability. Security risks associated with loadable modules.

7 Cloud Platforms

Setup and use of cloud platforms such as AWS. Cloud platform utilisation fundamentals and business considerations.

8 Web Technologies

TCP/IP protocol with understanding of application protocols such as HTTP, FTP, SSH etc. Understand web server and common gateway interface (CGI).

Statement on Teaching, Learning and Assessment

This will include in depth understanding of boot process, kernel, loadable modules and debugging techniques. The module will be covered by a combination of lectures, supervised and unsupervised labs. The lectures will be covering the topics associated with system internals and cyber security. The practical activities will provide hands on system programming on Linux operating system.

Teaching and Learning Work Loads

Total 200
Lecture 24
Tutorial/Seminar 0
Supervised Practical Activity 26
Unsupervised Practical Activity 13
Assessment 60
Independent 77



Guidance notes

Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.


Disclaimer

We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2019/10 , and may be subject to change for future years.