VE4003 Embedded System Security Syllabus:
VE4003 Embedded System Security Syllabus – Anna University PG Syllabus Regulation 2021
COURSE OBJECTIVES:
To introduce Embedded Security issue. Security Major Concerns Data, Design and System Protection.
To learn Cryptographic Concepts in the Context of Embedded Systems and their Unique Constraints and Requirements.
To expose Forensics Procedures and Digital Data Acquisition Mechanisms using FKT and FRED
UNIT I INTRODUCTION
The CIA Triad, Identification, Authentication and Authorization, Security Principles and Models. Network Attacks – Types and Sources, Architecture Security, Secure Network Design, Firewalls, Introduction to Intrusion Controls (IDS/IPS), Introduction to Wireless LAN Security Standards, the One-Time Pad, Cryptographic Modes, Block Ciphers, Authenticated Encryption, Public Key Cryptography, Key Agreement, Public Key Authentication
UNIT II EMBEDDED CRYPTOGRAPHY
Elliptic Curve Cryptography, Cryptographic Hashes, Message Authentication Codes, Random Number Generation, Key Management for Embedded Systems, Cryptographic Certifications. Introduction to Data Protection Protocols for Embedded Systems. Internet Security for Embedded Systems, IPsec., Data at-Rest Protocols.
UNIT III EMBEDDED SYSTEMS SECURITY REQUIREMENTS AND ISSUES
Embedded System Security Requirements and Issues, Embedded Software Attacks and Countermeasures, Hardware Security in Embedded Systems, Secured Hardware Architectures for Embedded Systems, Tamper- Resistant Hardware, Introduction to Trust Models for Secure Embedded Hardware and Software Embedded Processing Architectures for Security, Communications Security in Embedded Systems.
UNIT IV DIGITAL FORENSICS
The Six A’s, Forensic Types: Disk Forensics, Network Forensics, Mobile Device Forensics, Live Forensics, Memory Forensics, Multimedia Forensics, Internet Forensics, Cyber Crime Investigations and Digital Forensics, Disk Based Forensics, Cybercrime, Forensic Process and Methodology, Digital Evidence, Incident Response, Searching and Analysis Tools, Email & Browsers, Intrusion Detection, Attack Trace-Back, Packet Inspection, Log Analysis, Hashing Issues, Anti-Forensics (Encryption and Stealth Techniques), Forensics in Embedded Systems.
UNIT V PRACTICE WITH FORENSIC TOOLS
Data Acquisition Hardware Tools, Use Fred to Create Images on Different Media, Recovering the Deleted Files, Investigative Tools (Open Source and Proprietary), Using Forensic Software Such as FTK/Encase Etc. Use FTK Preview Evidence, Export Evidence Files, Create Forensic Images and Convert Existing Images, Create a Case in FTK, Use FTK to Process and Analyze Documents, Metadata, Graphics and E-Mail, Use the FTK Data Carving Feature to Recover Files from Unallocated Disk Space. Web/E-Mail Forensics analysis, Mobile Evidence, Extracting and Analysing Mobile Evidence.
TOTAL:45 PERIODS
COURSE OUTCOMES:
At the end of the course, students will demonstrate the ability to:
CO1:Recognize vulnerabilities, attacks and need of protection mechanisms for embedded systems
CO2:Analyze and evaluate software vulnerabilities and attacks on Operating Systems
CO3:Identify terms/concepts relevant to Embedded Cryptography.
CO4:Develop and deploy solutions for Security of Embedded Software and Data Protection.
REFERENCES
1. David Kleidermacher, Mike Kleidermacher, Embedded Systems Security – Practical Methods for Safe and Secure Software and Systems Development, Newnes, Elsevier, 2012.
2. Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, Prentice Hall,1995
3. Francine Krief (Editor), Communicating Embedded Systems: Networks Applications, Wiley, 2013.
4. John Sammons, Digital Forensics with the Access data Forensic Toolkit (FTK), McGraw Hill Companies,2016
5. CEH: Certified Ethical Hacker Version 8 Study Guide By Sean-Philip Oriyano (Author) Publisher Sybex,2014