The development, deployment and management of connected objects need a thorough analysis of all the threats that can cause financial and physical damages. Vulnerabilities in the software components, as well as vulnerabilities in the machine-to-machine and human-to-machine processes constitute entry points for adversaries aiming at taking control of the system, gain financial advantages or disrupting the normal operating conditions. This module will provide an overview of the main sources of threats in the cyberspace, and the goals that can be attained by an adversary.
The term “smart” applied to a city poses a two-fold threat. On one hand, relying on computers and software-based systems for real-time or decision making tasks provides attackers with a wide attack surface that can be used to mislead decisions, disrupt services, and steal data. On the other hand, the term “smart” often refers to the use of some components based on artificial-intelligence or machine-learning tools. It has been recently shown that these tools can be a source of severe vulnerabilities when used in an adversary environment, as their generalisation capabilities can be subtly used to make attacks look like ordinary input data. This module will propose the approaches that need to be used in the early stages of the design and test phases to model the threats, and, consequently, use the appropriate methodologies and tools to mitigate the threats.
Exercise Session: A number of scenarios will be proposed to students who will work in groups, one group per scenario. Each group will produce a threat model of the scenario and propose solutions to mitigate the threats