Module details for System Internals and Cybersecurity

Description

Students will explore system programming and development, with an understanding of the security implications of such systems.

Aims

The module outline aims to provide in depth knowledge of system programming with security challenges in kernel and user space. Students will develop a firm understanding of system and device internal operations. This will include understanding operating system internals and how new applications for these systems can be implemented in scenarios such as IoT deployments. This will be supplemented with material which will develop an understanding of how cloud and web technologies can be utilised in conjunction with such devices.

Learning Outcomes

By the end of this module the student should be able to:

1.  Explain the operation of systems at a low level i.e. kernel, driver operation etc; and the security implications arising from such systems.

2.  Design and develop systems that incorporate relevant security features for deployment in embedded IoT environments.

3.  Critique the benefits and challenges of cloud technologies as a platform for IoT technology.

Indicative Content

1 System Programming

C programming, compiler, linker and loader. Static and runtime analysis of binary files. System development kits, kernel headers and cross complier environments.

2 Hardware

ASIC,MCU,CPU, SOC, assembly, component security, pcb security, sniffing wire traffic, radio traffic, Types of communication (I2C, SPI, UART, RS232) and security challenges

3 Operating systems

I/O Manager, Memory Manager, Scheduler, .s file, init file, boot loader, boot process, ROM, RAM, execution rings

4 Kernels

Types of kernel, real time, unix, Windows, mac, linux, user space vs kernel space, shell, native applications, dll, registry/proc. Security landscape in user and kernel space.

5 Auditing and Debugging

User and kernel space debugging, Remote kernel debug setup, Analysis of precompiled binaries

6 Loadable modules

Linker, stack and memory layout, Interrupts, IRQ table and priorities. Introduction to device drivers, Types of driver, lifecycle, portability. Security risks associated with loadable modules.

7 Cloud Platforms

Setup and use of cloud platforms such as AWS. Cloud platform utilisation fundamentals and business considerations.

8 Web Technologies

TCP/IP protocol with understanding of application protocols such as HTTP, FTP, SSH etc. Understand web server and common gateway interface (CGI).

Teaching and Learning Work Loads

For session 2020/21 the expectation is that the teaching and learning hours stated in this descriptor will form a mix of synchronous and asynchronous student/staff activity, with the majority of this being online. The exact pattern of this activity is likely to vary from the standard face-to-face hours listed below but the overall student effort remains the same. Up-to-date information on the delivery of the module can be found on the relevant module MLS site and on your student timetable.

Teaching and Learning Method Hours
Lecture 24
Tutorial/Seminar 0
Practical Activity 39
Assessment 60
Independent 77
Total 200



Guidance notes

SCQF Level - The Scottish Credit and Qualifications Framework provides an indication of the complexity of award qualifications and associated learning and operates on an ascending numeric scale from Levels 1-12 with SCQF Level 10 equating to a Scottish undergraduate Honours degree.

Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.


Disclaimer

We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2020/21 , and may be subject to change for future years.