Internet of Things Security Essentials (IOTSE)

Experts have warned of the potential risk of large numbers of unsecured devices connecting to the Internet since the Internet of Things (IoT) concept was first proposed in the late 1990s.

Networking appliances and other objects is relatively new, security has not always been considered in product design. IoT products are often sold with old and unpatched embedded operating systems and software.

Upcoming Batches

  • Singapore: 24 to 26 Oct 2018, 20 to 22 Nov 2018, 4 to 6 Dec 2018 | Book Now
  • Bangkok, Thailand: 13 to 15 Nov 2018, 26 to 28 Dec 2018 | Book Now
  • Johor, Malaysia: 14 to 16 Dec 2018 | Book Now
  • Kuala Lumpur, Malaysia: 10 to 12 Oct 2018, 6 to 8 Dec 2018 | Book Now
  • Penang, Malaysia: 11 to 13 Dec 2018 | Book Now
Course Objective
Internet of Things Security Essentials (IOTSE) is a course designed to allow participants to acquire knowledge on the fundamentals of safeguarding connected devices and networks in Internet of Things (IOT). Participants will learn about the essentials of how to integrate the security aspect into their IOT design taking into consideration all the threats that can possibly happen.
Course Duration
24 hours / 3-Day
Course Outline
MODULE 1: Introduction to Internet of Things (IOT)  

  • What is IoT?
  • Growth of IoT
  • IoT Scenarios
  • Advantages of IoT
  • IoT Key Features
  • MODULE 2: Need of Internet of Things (IOT) Security  

  • Requirements and Basic Properties
  • Main Challenges
  • Main Security Issues
  • Confidentiality, Integrity, Availability
  • Non-Repudiation
  • MODULE 3: Understanding IOT Architecture  

  • Device To Device
  • Device To Cloud
  • Device To Gateway
  • Cloud To Gateway
  • MODULE 4: IOT Communication Protocol  

  • OSI vs TCP/IP Reference Model
  • Application Layer Protocols (MQTT, CoAP, HTTP, Web socket, DDS, AMQP)
  • Transport Layer Protocols (TCP, UDP)
  • Network Layer Protocols (IPv4, IPv6, LowPAN)
  • Link Layer Protocols (Ethernet, WiFi, WiMax, Cellular)
  • MODULE 5: IOT Technology Standards  

  • Wired Communication Protocols (UART, USART, I2C, SPI, Ethernet, JTAG)
  • Wireless Communication Protocols (Bluetooth, Zigbee, 6lowPAN, WiFi, Z-wave)
  • MODULE 6: Security Classification & Access Control

  • Data Classification (Public, Private, Sensitive, Confidential, Proprietary)
  • Criteria for Data Classification
  • Privacy Issues in IOT
  • IoT Ecosystem Access Control
  • Authentication, Authorization, Accounting
  • Data Integrity
  • MODULE 7:Introduction to Raspberry PI

  • Understanding Raspberry PI
  • Setting up Raspberry PI
  • Installation of OS in Raspberry PI (Noobs and Kali Linux)
  • Setting remote access of Raspberry PI Desktop
  • MODULE 8: Cryptology

  • Origin of Cryptography
  • History of Cryptography
  • Symmetric Key Algorithms (AES and DES)
  • Asymmetric Key Algorithm (RSA)
  • Attacks (Dictionary and Brute Force, Lookup Tables, Reverse Look Tables, Rainbow Tables)
  • Hashing (MD5, SHA256, SHA512, RipeMD, Whirlpool)
  • Salting
  • MODULE 9: Attack Surface and Threat Assessment

  • OWASP Top 10 (IoT Hacking & Security)
  • IoT Attack Surface
  • Software and Cloud Components
  • Firmware of the devices
  • Web Application Dashboard
  • Mobile Application used to Control, Configure, and Monitor Devices
  • Threat Assessment
  • MODULE 10: Attacks & Implementation

  • Risk of IoT
  • Vulnerability Exploitation
  • Attacks of Privacy (Phishing, Pharming, DNS Hijacking, Defacement, Eavesdropping, Cyber Espionage)
  • Web Based Attacks (Malware, Password, Access, Social Engineering, Data & Identity Theft, Reconnaissance)
  • MODULE 11: Security Management

  • Identity and Access Management
  • Key Management
  • MODULE 12: Case Studies and Discussion

  • Smart Homes
  • Smart Agriculture
  • Smart Retail Supply
  • Smart Healthcare
  • Smart Grid
  • Smart Cities
  • MODULE 13: Hands-On Exercises
    Pre-Requisite
    NA
    Examination
    Participants are required to pass an examination. This exam tests a candidate’s knowledge and skills related to Internet of Things Security based on the syllabus covered in the course
    Certification
    Participants will be recognized as a CASUGOL Certified Professional and awarded a Certificate of Competency in Internet of Things Security Essentials (IOTSE) upon meeting the requirements and passing the examination.
    Who Will Benefit from the Course
    Internet of Things Security Essentials (IOTSE) is designed for participants who are interested in pursuing a career in the areas of Internet of Things Security and would like the opportunity to learn in a supportive and encouraging environment.

    This course will equip you with a set of skills that you can draw on to implement the technology in your organisation.

    Class is limited to 20 participants as hands-on sessions and real-time demonstration is expected.