Course detail

System and Device Security

FEKT-DPC-BSZAcad. year: 2023/2024

The course deals with the security of embedded systems, smart devices and side-channel cryptanalysis. In particular, these topics are included: authentication systems, authentication tokens (basic types, attacks on smart cards, RFID tags), hardware security modules (HSM), programmable smart cards (.NET Cards, Java Cards, MULTOS cards), the security of smart devices (smartphones, smart watches), security systems using embedded devices (single-chip devices, microcontrollers, sensors), lightweight cryptography for compute-constrained devices, side-channel cryptanalysis, countermeasures against side-channel attacks, reverse engineering, software security (source code security) and safety assessment methodologies.

Language of instruction

Czech

Number of ECTS credits

4

Mode of study

Not applicable.

Entry knowledge

The course requires a basic knowledge in the areas of applied cryptography, (course Cryptographic foundation or Aplied cryptography) operating system security (course ICT Security 1), network security (course ICT Security 2), advanced network security (course ICT Security 3).

Rules for evaluation and completion of the course

The completion of an individual project adds upto 30 points. The requirements on the completion of the tasks in laboratories and projects are described in the annual supervisor’s notice. The maximum of 70 points can be gained during the final exam.
The conditions for the successful course completion are stated in the yearly updated supervisor’s notice.

Aims

The main goal of the course is to familiarize students with the security of embedded systems and devices that are an integral part of ICT. During the course, students are introduced with lightweight cryptography, authentication systems, smart cards, side-channel cryptanalysis and countermeasures preventing side-channel attacks. The course follows up on the knowledge of ICT Security 1, 2, 3 and Applied Cryptography courses and appropriately expands them.
Students will obtain theoretical foundations including practical skills in the area of security of embedded system and authentication systems. Students will be familiar with the basic systems, various scenarios, lightweight cryptography and principles of the safe implementation eliminates side-channel attacks. Based on this knowledge, studens will be able to analyze and design security solutions for embeded systems.

Study aids

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

BURDA, Karel. Aplikovaná kryptografie. Brno: VUTIUM, 2013. 255 s. ISBN 978-80-214-4612-0. (CS)
MAYES, Keith E.; MARKANTONAKIS, Konstantinos (ed.). Smart cards, tokens, security and applications. Second Edition. Springer International Publishing AG, 2017. 531 s. ISBN: 3319504983 (CS)

Recommended reading

AMBROSE, Jude, Alexandar INGJATOVIC a Sri PARAMESWARAN. Power analysis side channel attacks: the processor design-level context. Saarbrücken: VDM Verlag, 2010, xvi, 277 s. : il. ISBN 978-3-8364-8508-1. (EN)
KLEIDERMACHER, David, KLEIDERMACHER, Mike. Embedded systems security: practical methods for safe and secure software and systems development. Elsevier, 2012. (EN)
MANGARD, Stefan a OSWALD, Elisabeth a POPP, Thomas: Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security). Secaucus, NJ, USA:Springer-Verlag New York, Inc., 2007, ISBN 0387308571. (EN)
PETERS, Eric: Advanced DPA Theory and Practice: Towards the Security Limits of Secure Embedded Circuits. Springer Publishing Company, 2013, ISBN 1461467829. (EN)
RANKL, Wolfgang, Wolfgang EFFING a Kenneth COX. Smart card handbook. 4th ed. Chichester: John Wiley, 2010, xliv, 1043 s. : il. ISBN 978-0-470-74367-6. (EN)

Elearning

Classification of course in study plans

  • Programme DPC-IBE Doctoral 0 year of study, summer semester, compulsory

Type of course unit

 

Seminar

39 hod., optionally

Teacher / Lecturer

Syllabus

1. Introduction to embedded system security and tamper-proof devices
2 .Lightweight cryptography for computationally constrained devices
3. Authentication systems and technologies
4. Authentication tokens and hardware security modules
5. Programmable smart cards
6. Security with smart devices
7. Security with single-chip devices and embedded systems and optimization
8. Reverse engineering and software security
9. Side channel cryptanalysis - Introduction
10. Side channel cryptanalysis - power analysis
11 Side channel cryptanalysis - countermeasures
12. Methodology for security assessment of devices and systems
13. Selected topics of device and system security 

Elearning