Overview of IoT Security
This training program aims to give participants a good understanding of IOT Security concepts and will give a range a full range of topics to the participants based on their domain.
At the end of the training, participants will:
- Have an understanding of basic python needed for IoT
- Have a good understanding of IoT concepts as well a brief understanding of Cloud Computing
- Have a good understanding of various threats and possible attacks and how to handle and protect against these attacks.
Duration
4 Days
Prerequisite for IoT Security
Basic Programming Skills are good to have
Course Outline for IoT Security
Hardware Kit
- Development Boards
- Raspberry Pi 3
- Arduino Mega (ATMega2560) with a USB cable
- ESP8266 NodeMcu
- Electronic Components
- Sensors – Analog temperature sensor(LM35)
- IR Proximity Sensor
- Switches – Push Button (10)
- Breadboard
- LEDs (10)
- Resistors (10)
- Connecting leads (25)
- Memory Card (16 GB)
- HDMI – VGA Converter
- 1A Power Adapter
- Communication Modules
- WiFi – ESP01
- Bluetooth – HC05
Python Overview
- Syntax and structure
- Comparisons to other languages (C, C++, Java, etc)
- Available Python Resources
- Whitespace, Indentation and program formatting
- Variables and Naming Conventions
- Operators
- Statement structure
- Comments
- Program Construction
Data Types
- Built-in Types
- Strings and Numbers
- Formatting Data, Numbers, Dates
- Using Lists/Arrays
- Tuples
- Dictionaries
- Understanding Dynamic Typing
- Working with Functions
- Python Code Execution
- Basic Input / Output
- String Operations
- Working with Tuples and Lists
- Introducing Control Flow Statements
Functions
- Variable Scope
- Variable Parameters
- Default Values
- Positional Parameters
- Keyword Parameters
- Introducing Lambdas
- Exception Handling
Classes in Python
- Creating Classes in Python
- Classes are Namespaces
- Constructors
- Self and Instances
- Class Variables
- List Comprehensions
- Advance Python Modules
- Default Values
- Positional Parameters
- Keyword Parameters
- Introducing Lambdas
- Exception Handling
Advanced IOT
- Introduction to the Internet of Things (IoT)
- Concept and definitions
- Embedded Systems, Computer Networks, M2M (Machine to Machine Communication), Internet of Everything (IoE), Machine Learning, Distributed Computing, Artificial Intelligence, Industrial automation
- Interoperability, Identification, localization, Communication, Software Defined Assets
- Understanding IT and OT convergence: Evolution of IIoT & Industry 4.0
- IoT Adoption
- Market statistics, Early adopters, Roadmap
- Business opportunities: Product + Service model
- Development, deployment, and monetization of applications as service
- Use cases
- Concept of Data, Information, Knowledge, and Wisdom
- Knowledge discovery process
- DIKW pyramid and relevance with IoT
- Microcontrollers: cost, performance, and power consumption
- Commercial microcontroller based development boards
- Selection criteria and tradeoffs
- Industrial networks, M2M networks
- Sensor Data Mining and Analytics
- Transducer: Sensor and Actuator
- Sensors – Types of sensors, sampling, analog to digital conversion, selection criteria of sensor and ADC
- Data acquisition, storage, and analytics
- Signals and systems
- Signal processing, systems classification, sampling theorem, ensuring quality and consistency of data
- Real-time analytics
- Understanding fundamental nuances between IoT and Big Data
- Usage of IoT data in various business domains to gain operational efficiency
- Edge analytics
- Data Aggregation on Edge gateway
- Wireless Sensor Area Networks (WSAN): Evolution of M2M and IoT networks and technologies
- Sensor Nodes
- Sensor node architecture
- WSN/M2M communication technologies
- Bluetooth, Zigbee, and WiFi communication technologies
- Cellular communication and LPWAN (LoRa and LoRaWAN) technologies
- Topologies
- Applications
- Sensor Nodes
- Design and Development of IoT systems
- IoT reference architectures
- Standardization initiatives
- Interoperability issues
- IoT design considerations
- Architectures Device, Network, and Cloud
- Centralized vs distributed architectures
- Networks, communication technologies, and protocols
- Smart asset management: Connectivity, Visibility, Analytics, Alerts
- IoT reference architectures
- Cloud Computing and Platforms
- Public, Private and Hybrid cloud platforms and deployment strategy
- Industrial Gateways
- Commercial Gateways solutions from various vendors
- Cloud-based Gateway solutions
- IaaS, SaaS, PaaS models
- Cloud components and services
- Device Management, Databases, Visualization, Reporting, Notification/Alarm management, Security management, Cloud resource monitoring, and management
- Example Platforms: ThingSpeak, Pubnub, AWS IoT
- AWS IoT Services
- Device Registry
- Authentication and Authorization
- Device Gateway
- Rules Engine
- Device Shadow
- IoT security
- Standards and Best practices
- Common vulnerabilities
- Attack Surfaces
- Hardware and Software solutions
- Open source initiatives
- Analytics
- Descriptive, Diagnostic, Predictive and Prescriptive
- Analytics using Python advance packages: NumPy, SciPy, Matplotlib, Pandas, and Sci-kit learn
- Case studies and roadmap
- Cold chain monitoring
- Asset tracking using RFID and GPRS/GPS
- Standards and Best practices
- AWS IoT Services
Hands-on/Practical Excercises
- Programming microcontrollers (Arduino, NodeMCU)
- Building HTTP and MQTT based M2M networks
- Interfacing Analog and Digital sensors with microcontroller to learn real-time data acquisition, storage, and analysis on IoT endpoints and edges
- An interfacing SD card with a microcontroller for data logging on IoT end devices using SPI protocol
- Interfacing Real-time clock module with microcontrollers for time and date stamping using the I2C protocol
- Python exercises to check the quality of acquired data
- developing microcontroller-based applications to understand event-based real-time processing and in- memory computations
- Setting up Raspberry Pi as Gateway to aggregate data from thin clients
- Python programming on Raspberry Pi to analyze collected data
- GPIO programming using Python and remote monitoring/control
- Pushing collected data to cloud platforms
- Designing sensor nodes to collect multiple parameters (Temperature, Humidity, etc.)
- Uploading data on the local gateway as cache
- Uploading data on cloud platforms
- Monitoring and controlling devices using android user apps and Bluetooth interfaces
- Building wireless sensor networks using WiFi
- Sensor data uploading on the cloud using GSM/GPRS
- Device to device communication using LoRa modules
- Remote controlling machines using cloud-based apps
- Remote controlling machines using device-based apps through the cloud as an intermediate node
- Interfacing Raspberry Pi with AWS IoT Gateway service to exchange messages
- Interfacing Raspberry Pi with PUBNUB cloud to understand publish/subscribe architecture and MQTT protocol
- Data cleaning, subsetting, and visualization
- Set of python exercises to demonstrate descriptive and predictive analytics
- Case study/Use case:
- Environment Monitoring
- Health monitoring (Wearable)
- Asset performance monitoring
Internet of Things Security
- IoT concepts revision
- Introduction to information and cybersecurity
- Basic terminologies
- Standards and open source initiatives
- CIA triads: effectively addressing security and privacy concerns
- Attack surfaces and vulnerabilities: Device, network, Gateway and Cloud
- Risk assessment and management
- Cryptography: Applications of Cryptography in IoT communication and data security
- Threat modeling
- Device security
- Application Hardening
- OS/platform hardening
- Physical security
- Gateway security
- Communication protocols and network security
- Data link layer – Wireless communication technology security provisions
- WiFi, Bluetooth, Zigbee, and 802.15.4 protocols
- Application layer security
- MQTT and HTTP protocols
- Network hardening
- Data link layer – Wireless communication technology security provisions
- IoT cloud platforms
- API and endpoint security
- Security of data at rest
- Standard security frameworks
- Example platforms: AWS and Microsoft Azure