a

IoT Security

Internet of things Security - Stalwart Learning

This training program aims to give participants a good understanding of IOT Security concepts and will give a range a full range of topics to the participants based on their domain.

At the end of the training, participants will:

  • Have an understanding of basic python needed for IoT
  • Have a good understanding of IoT concepts as well a brief understanding of Cloud Computing
  • Have a good understanding of various threats and possible attacks and how to handle and protect against these attacks

12 Days

Basic Programming Skills are good to have

  • Development Boards
    • Raspberry Pi 3
    • Arduino Mega (ATMega2560) with a USB cable
    • ESP8266 NodeMcu
  • Electronic Components
    • Sensors – Analog temperature sensor(LM35)
    • IR Proximity Sensor
    • Switches – Push Button (10)
    • Breadboard
    • LEDs (10)
    • Resistors (10)
    • Connecting leads (25)
    • Memory Card (16 GB)
    • HDMI – VGA Converter
    • 1A Power Adapter
  • Communication Modules
    • WiFi – ESP01
    • Bluetooth – HC05
  • Syntax and structure
  • Comparisons to other languages (C, C++, Java, etc)
  • Available Python Resources
  • Whitespace, Indentation and program formatting
  • Variables and Naming Conventions
  • Operators
  • Statement structure
  • Comments
  • Program Construction
  • Built-in Types
  • Strings and Numbers
  • Formatting Data, Numbers, Dates
  • Using Lists/Arrays
  • Tuples
  • Dictionaries
  • Understanding Dynamic Typing
  • Working with Functions
  • Python Code Execution
  • Basic Input / Output
  • String Operations
  • Working with Tuples and Lists
  • Introducing Control Flow Statements
  • Variable Scope
  • Variable Parameters
  • Default Values
  • Positional Parameters
  • Keyword Parameters
  • Introducing Lambdas
  • Exception Handling
  • Creating Classes in Python
  • Classes are Namespaces
  • Constructors
  • Self and Instances
  • Class Variables
  • List Comprehensions
  • Advance Python Modules
  • Default Values
  • Positional Parameters
  • Keyword Parameters
  • Introducing Lambdas
  • Exception Handling

Introduction to the Internet of Things (IoT)

    • Concept and definitions
      • Embedded Systems, Computer Networks, M2M (Machine to Machine Communication), Internet of Everything (IoE), Machine Learning, Distributed Computing, Artificial Intelligence, Industrial automation
      • Interoperability, Identification, localization, Communication, Software Defined Assets
    • Understanding IT and OT convergence: Evolution of IIoT & Industry 4.0
    • IoT Adoption
      • Market statistics, Early adopters, Roadmap
    • Business opportunities: Product + Service model
      • Development, deployment, and monetization of applications as service
    • Use cases

Concept of Data, Information, Knowledge, and Wisdom

    • Knowledge discovery process
    • DIKW pyramid and relevance with IoT
    • Microcontrollers: cost, performance, and power consumption
      • Commercial microcontroller based development boards
      • Selection criteria and tradeoffs
    • Industrial networks, M2M networks

Sensor Data Mining and Analytics

    • Transducer: Sensor and Actuator
      • Sensors – Types of sensors, sampling, analog to digital conversion, selection criteria of sensor and ADC
    • Data acquisition, storage, and analytics
    • Signals and systems
      • Signal processing, systems classification, sampling theorem, ensuring quality and consistency of data
    • Real-time analytics
      • Understanding fundamental nuances between IoT and Big Data
      • Usage of IoT data in various business domains to gain operational efficiency
    • Edge analytics
      • Data Aggregation on Edge gateway
    • Wireless Sensor Area Networks (WSAN): Evolution of M2M and IoT networks and technologies
      • Sensor Nodes
        • Sensor node architecture
      • WSN/M2M communication technologies
        • Bluetooth, Zigbee, and WiFi communication technologies
        • Cellular communication and LPWAN (LoRa and LoRaWAN) technologies
      • Topologies
      • Applications
    • Design and Development of IoT systems
      • IoT reference architectures
        • Standardization initiatives
        • Interoperability issues
      • IoT design considerations
        • Architectures Device, Network, and Cloud
        • Centralized vs distributed architectures
      • Networks, communication technologies, and protocols
      • Smart asset management: Connectivity, Visibility, Analytics, Alerts
    • Cloud Computing and Platforms
      • Public, Private and Hybrid cloud platforms and deployment strategy
      • Industrial Gateways
        • Commercial Gateways solutions from various vendors
        • Cloud-based Gateway solutions
      • IaaS, SaaS, PaaS models
      • Cloud components and services
        • Device Management, Databases, Visualization, Reporting, Notification/Alarm management, Security management, Cloud resource monitoring, and management
      • Example Platforms: ThingSpeak, Pubnub, AWS IoT
        • AWS IoT Services
          • Device Registry
          • Authentication and Authorization
          • Device Gateway
          • Rules Engine
          • Device Shadow
        • IoT security
          • Standards and Best practices
            • Common vulnerabilities
            • Attack Surfaces
            • Hardware and Software solutions
            • Open source initiatives
          • Analytics
            • Descriptive, Diagnostic, Predictive and Prescriptive
            • Analytics using Python advance packages: NumPy, SciPy, Matplotlib, Pandas, and Sci-kit learn
          • Case studies and roadmap
            • Cold chain monitoring
            • Asset tracking using RFID and GPRS/GPS
  • Programming microcontrollers (Arduino, NodeMCU)
  • Building HTTP and MQTT based M2M networks
  • Interfacing Analog and Digital sensors with microcontroller to learn real-time data acquisition, storage, and analysis on IoT endpoints and edges
  • An interfacing SD card with a microcontroller for data logging on IoT end devices using SPI protocol
  • Interfacing Real-time clock module with microcontrollers for time and date stamping using the I2C protocol
  • Python exercises to check the quality of acquired data
  • developing microcontroller-based applications to understand event-based real-time processing and in- memory computations
  • Setting up Raspberry Pi as Gateway to aggregate data from thin clients
  • Python programming on Raspberry Pi to analyze collected data
  • GPIO programming using Python and remote monitoring/control
  • Pushing collected data to cloud platforms
  • Designing sensor nodes to collect multiple parameters (Temperature, Humidity, etc.)
  • Uploading data on the local gateway as cache
  • Uploading data on cloud platforms
  • Monitoring and controlling devices using android user apps and Bluetooth interfaces
  • Building wireless sensor networks using WiFi
  • Sensor data uploading on the cloud using GSM/GPRS
  • Device to device communication using LoRa modules
  • Remote controlling machines using cloud-based apps
  • Remote controlling machines using device-based apps through the cloud as an intermediate node
  • Interfacing Raspberry Pi with AWS IoT Gateway service to exchange messages
  • Interfacing Raspberry Pi with PUBNUB cloud to understand publish/subscribe architecture and MQTT protocol
  • Data cleaning, subsetting, and visualization
  • Set of python exercises to demonstrate descriptive and predictive analytics
  • Case study/Use case:
    1. Environment Monitoring
    2. Health monitoring (Wearable)
    3. Asset performance monitoring
  • IoT concepts revision
  • Introduction to information and cybersecurity
  • Basic terminologies
  • Standards and open source initiatives
  • CIA triads: effectively addressing security and privacy concerns
  • Attack surfaces and vulnerabilities: Device, network, Gateway and Cloud
  • Risk assessment and management
  • Cryptography: Applications of Cryptography in IoT communication and data security
  • Threat modeling
  • Device security
    • Application Hardening
    • OS/platform hardening
    • Physical security
  • Gateway security
  • Communication protocols and network security
    • Data link layer – Wireless communication technology security provisions
      • WiFi, Bluetooth, Zigbee, and 802.15.4 protocols
    • Application layer security
      • MQTT and HTTP protocols
    • Network hardening
  • IoT cloud platforms
    • API and endpoint security
    • Security of data at rest
    • Standard security frameworks
    • Example platforms: AWS and Microsoft Azure