Studying at the University of Verona

Here you can find information on the organisational aspects of the Programme, lecture timetables, learning activities and useful contact details for your time at the University, from enrolment to graduation.

Study Plan

The Study Plan includes all modules, teaching and learning activities that each student will need to undertake during their time at the University.
Please select your Study Plan based on your enrollment year.

1° Year

ModulesCreditsTAFSSD
9
B
ING-INF/05
9
B
ING-INF/04
9
C
ING-IND/13 ,ING-IND/35
9
B
ING-INF/05
Compulsory activities for Embedded & Iot Systems
6
B
ING-INF/05
6
B
ING-INF/05
Compulsory activities for Smart Systems & Data Analytics
6
B/C
INF/01 ,ING-INF/06
6
B/C
ING-INF/05
Compulsory activities for Robotics Systems
6
B/C
INF/01
6
B/C
ING-INF/05

2° Year  activated in the A.Y. 2023/2024

ModulesCreditsTAFSSD
Compulsory activities for Embedded & Iot Systems
6
B/C
INF/01
6
B/C
ING-INF/05
Compulsory activities for Robotics Systems
6
B/C
ING-INF/04
6
B/C
ING-INF/05
Compulsory activities for Smart Systems & Data Analytics
6
B/C
ING-INF/05
6
B/C
ING-INF/05
24
E
-
ModulesCreditsTAFSSD
9
B
ING-INF/05
9
B
ING-INF/04
9
C
ING-IND/13 ,ING-IND/35
9
B
ING-INF/05
Compulsory activities for Embedded & Iot Systems
6
B
ING-INF/05
6
B
ING-INF/05
Compulsory activities for Smart Systems & Data Analytics
6
B/C
INF/01 ,ING-INF/06
6
B/C
ING-INF/05
Compulsory activities for Robotics Systems
6
B/C
INF/01
6
B/C
ING-INF/05
activated in the A.Y. 2023/2024
ModulesCreditsTAFSSD
Compulsory activities for Embedded & Iot Systems
6
B/C
INF/01
6
B/C
ING-INF/05
Compulsory activities for Robotics Systems
6
B/C
ING-INF/04
6
B/C
ING-INF/05
Compulsory activities for Smart Systems & Data Analytics
6
B/C
ING-INF/05
6
B/C
ING-INF/05
24
E
-
Modules Credits TAF SSD
Between the years: 1°- 2°
3
F
-
Between the years: 1°- 2°
3 modules among the following
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
INF/01
6
C
ING-INF/01
6
C
INF/01 ,ING-INF/06
6
C
INF/01
6
C
ING-IND/16
6
C
INF/01
6
C
INF/01 ,ING-INF/06
6
C
INF/01
6
C
INF/01
6
C
SECS-P/10
Between the years: 1°- 2°
12
D
-
Between the years: 1°- 2°
Further activities. International students (ie students who do not have an Italian bachelor’s degree) must compulsorily gain 3 credits of Italian language skills
3
F
-

Legend | Type of training activity (TTA)

TAF (Type of Educational Activity) All courses and activities are classified into different types of educational activities, indicated by a letter.

A Basic activities
B Characterizing activities
C Related or complementary activities
D Activities to be chosen by the student
E Final examination
F Other training activities
S Placements in companies, public or private institutions and professional associations

Cyber-security for iot (2022/2023)

Teaching code

4S009025

Credits

6

Coordinator

Mariano Ceccato

Language

English en

Scientific Disciplinary Sector (SSD)

INF/01 - INFORMATICS

MoodleMoodle Seminars 0

The teaching is organized as follows:

Teoria

Credits

5

Period

Semester 2

Academic staff

Mariano Ceccato

Lessons timetable
Laboratorio

Credits

1

Period

Semester 2

Academic staff

Mariano Ceccato

Lessons timetable

Learning objectives

The course covers the main methodologies and technologies to identify and mitigate cyber-attacks to IoT software systems. At the end of the course, the student shall prove to know the main classes of vulnerabilities and attacks that threaten the security of these systems, and to know the technical and organizational countermeasures that can be adopted to mitigate the risks of such attacks. This knowledge shall allow the student to define software architectures that guarantee the security of IoT software systems.

Prerequisites and basic notions

Knowledge of programming fundamentals

Program

- Introduction: cybersecurity and IoT, well-known examples of IoT security incidents. Ethics in software and IT security. Case studies of the course
- Access control, elements of access control, Discretionary Access Control, Role based Access Control, roles, hierarchies and separation of duty.
- Presentation of Owasp Top10 and the taxonomy of vulnerabilities
- Cyber attacks in the past and recent cyber attacks. Advanced Persistent Threat. Cyber Kill Chain: Reconnaissance, Weponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives. Description of attacks, objectives, tools and defense strategies. Examples of attacks modeled with Cyber Kill Chain.
- Miter Att&ck: data sources, structure. Tactics, techniques, groups, software and mitigations. Examples and usage scenarios. Case study analysis and mapping on Miter Att&ck
- Social engineering. Well-known cases of social engineering attacks. Exercises with tools for creating social engineering attacks campaigns
- Password based authentication. Typical problems and attacks. Password cracking exercises. Countermeasures.
- Black box penetration testing, and white box penetration testing.
- Discussion of case studies.

Bibliography

Vai alla bibliografia
Visualizza la bibliografia con Leganto, strumento che il Sistema Bibliotecario mette a disposizione per recuperare i testi in programma d'esame in modo semplice e innovativo.

Didactic methods

The course consists of a mix of frontal lectures, discussions and practical labs.

Learning assessment procedures

Students will be assessed through an oral exam and laboratory activities. Alternatively, attending students will have the opportunity to take the exam as a project agreed with the teacher

Students with disabilities or specific learning disorders (SLD), who intend to request the adaptation of the exam, must follow the instructions given HERE

Evaluation criteria

Personal learning and reworking of the course contents

Criteria for the composition of the final grade

Oral exam evaluation

Exam language

English or Italian