IoT security Training Course

Course Code

IotS

Duration

24 hours (usually 4 days including breaks)

Requirements

There are no specific requirements needed to attend this course.

Overview

IoT security 101:

This course outlines the state of the art prevailing practices for IoT security and how this topic is
evolving. It is intended for IoT developers, managers to make strategic decision for their IoT product
both as a vendor and as a customer.

Course structure is 24 hours, 12 modules, 12x2 . Each module 2 hours.

Course Outline

1. Mod-1 :

Understanding IoT system risks & challenges

  • Disruption and Denial of Service attack
  • Vulnerability of API end points
  • Vulnerability of Gate way devices
  • Vulnerability of connected sensors and devices
  • Vulnerability of Gateway- Server communication
  • Vulnerability of Cloud services

2. Mod-2 :

OSASP 2014, Top 10 security risk :

  • I1 Insecure Web Interface
  • I2 Insufficient Authentication/Authorization
  • I3 Insecure Network Services
  • I4 Lack of Transport Encryption
  • I5 Privacy Concerns
  • I6 Insecure Cloud Interface
  • I7 Insecure Mobile Interface
  • I8 Insufficient Security Configurability
  • I9 Insecure Software/Firmware
  • I10 Poor Physical Security
  • References to OWASP and other related resources

3. Mod-3 :

Understanding challenges of IoT security:

Massive deployments – Many simultaneous connections – Huge increase in data traffic
Constrained devices (Sensors, Actuators) – 16 KB RAM, 128 KB Flash, battery-driven
Low-Power Lossy Networks – 100 kbit/s, high packet loss ( ~ 20%) – Physical layer
packet size limited ( ~ 100 bytes) :
Too much network traffic – Too many messages • TLS: 2 round trips – Too large
messages • TLS certificates > 1 KB
Too much RAM needed – Example: Minimal TLS ~ 4 KB
Too large libraries required – Example: TLS has over 100 algorithm options → Standard
security needs profiling

4. Mod-4 :

4 Recent case studies of IoT hacking

5. Mod-5 :

Security issues in Industrial Internet of Thing ( IIOT )- how secure Industrial control network like PLC, DAC interacting with IoT systems

6. Mod-6 :

Security issues in Medical/Health care IoT system : Securing patients from IoT hackers

7. Mod-7 :

Security issues in Connected cars

8. Mod-8 :

IoT Security implementation case study and prevailing art from known IoT Platform

  • AWS IoT standard for device authentication
  • Microsoft Azure IoT security standards
  • IBM IoT security standards

9. Mod-9 :

Legal issues in different verticals of IoT

  • Manufacturing
  • Healthcare
  • Connected Car
  • Service aggregation like Uber
  • Banking

10. Mod-10 :

Block Chain and IoT security :

Conventional security and privacy approaches tend tobe inapplicable for IoT, mainly due to its decentralized topology and the resource-constraints of
the majority of its devices. BlockChain (BC) that underpin the cryptocurrency Bitcoin have been
recently used to provide security and privacy in peer-to- peer networks with similar topologies to
IoT. However, BCs are computationally expensive and involve high bandwidth overhead and
delays, which are not suitable for IoT devices. Therefore new kind of BC approaches are evolving
for IoT security specially when control is involved. This module will touch the BC initiative in IoT
security with 3 case studies.

11. Mod-11 :

IoT security and standards: IETF, Most relevant for IoT: – ACE (Authorization and
Authentication in Constrained Environments) – CoRE (Constrained Restful Environments) – COSE
(CBOR Object Signing & Encryption). Existing standards – CoAP (Constrained Application
Protocol) • Similar to HTTP but for constrained devices – CBOR (Concise Binary Object
Representation) • Similar to JSON but binary and more compact  Work in progress – COSE
(CBOR Object Signing and Encryption) • Securing CBOR objects – OSCoAP (Object Security for
CoAP)

12. Mod-12 :

Active areas of IoT security research, future and Q/A session.

Testimonials

★★★★★
★★★★★

Related Categories

Course Discounts

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

is growing fast!

We are looking to expand our presence in Vietnam!

As a Business Development Manager you will:

  • expand business in Vietnam
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!