Syllabus for Roster(s):
- 14F BUS 5120-701 (SCPS)
Syllabus
BUS 5120 – Securing the Internet of Things
Online: Synchronous (Wednesdays at 7:30pm EDT) & Asynchronous
Class Overview and Syllabus - Fall 2014
- Class Overview: General Class Information
Course Title: Securing the Internet of Things
BUS 5120
Three graduate credit hours
Instructor: Angela Orebaugh, PhD
Contact Info: E-mail: ado4v@virginia.edu
Email is the best way to contact me. I will respond to email within 48 hours.
Cell Phone: (571) 215-1210
If you need to contact me via cell phone, please call me before 9 p.m.
Course Dates: Fall 2014
Course Prerequisite: None
- Course Description
The Securing the Internet of Things course will examine the security and ethical issues of the vast implementation of smart devices known as the Internet of Things (IoT). The IoT is an environment where smart devices sense, anticipate, and respond to our needs as we manage them remotely. These smart devices often act as the gateway between our digital and physical world. The IoT touches many aspects of life including transportation, health care, safety, environment, energy, and more. This course will examine and discuss IoT technology and market specific topics, relevant case studies of IoT security vulnerabilities and attacks, and mitigation controls. Students will assess the health, safety, privacy, and economic impacts of IoT security events.
- Course Learning Outcomes – upon successful completion of this course, the participant will be able to:
- Demonstrate knowledge and understanding of the security and ethical issues of the Internet of Things
- Conceptually identify vulnerabilities, including recent attacks, involving the Internet of Things
- Conceptually describe countermeasures for Internet of Things devices
- Analyze the societal impact of IoT security events
- Develop critical thinking skills
- Compare and contrast the threat environment based on industry and/or device type
- Assessment Components and Evaluation Standards
Students will be evaluated by course participation in weekly discussions, examinations, and a research paper. More detailed information on each of the various assessment components can be found in Section 12. Course Assignments and Activities.
Course Participation 28%
-
Weekly discussion forums: Every week each student will be expected to submit a minimum of two postings in response to the assigned readings posted on the discussion board. The postings and topics discussed will reflect the students’ individual response and opinions.
- Evaluation Standard – Students’ level of participation and engagement will be evaluated using a forum discussion rubric, which will include timeliness, number of responses posted, content of the postings, and associated discussion board responses.
Examinations 40%
The examinations will be based on posted reading assignments and class discussion. The examinations will be used to ensure the principles of the course have been mastered at an acceptable level.
-
Mid-term Exam: Each student will be responsible for completing a mid-term exam that will be posted by the instructor. The exam will have an exact due date and time that it shall be submitted on the UVaCollab collaboration site for grading. (20%)
- Evaluation Standard – Students will be evaluated using an examination rubric, which will assess the student’s ability to describe problems and solutions learned in class, apply critical thinking skills to articulate solutions to problems, and to write with clarity and succinctness.
-
Final Exam: Each student will be responsible for completing a final exam that will be posted by the instructor. The exam will have an exact due date and time that it shall be submitted on The UVaCollab collaboration site for grading. (20%)
- Evaluation Standard – Students will be evaluated using an examination rubric, which will assess the student’s ability to describe problems and solutions learned in class, apply critical thinking skills to articulate solutions to problems, and to write with clarity and succinctness.
Research Paper 32%
-
Research Paper: Each student will complete a research paper project. The instructor shall approve the topic based on the submitted research proposal.
- Evaluation Standard – The final research paper project will be evaluated using the final research paper rubric which will assess the following: overall paper’s organization and content, inclusion of all format requirements as described in the paper guidelines, sequence and flow of the paper, application of course topic concepts, and reflection of critical thinking skills.
- Delivery Mode Expectations: This course is delivered online, using both synchronous and asynchronous discussions.
- Required Texts: Readings are assigned from relevant, current articles provided via HTTP URL.
- Required Additional Resources and Technical Components: None
- Course Components and Requirements
|
Course Component |
Course Overview and Requirements |
|
Class Instruction |
The course delivery format is as follows: Each Week
1-60 minute synchronous online session (Bb Collaborate) for group discussions
Students are required to participate in the Asynchronous Online Discussions each week. A variety of teaching and learning tools may be employed including readings, videos, discussion, and simulations. Course Materials will be available in UVACollab at the site address noted above: (http://collab.itc.virginia.edu/portal) |
|
|
Reading and active participation:
Active learning: Help co-create a learning environment that encourages mutual respect and exploration of course learning objectives.
|
|
Grading Standards |
Grading Scale: Percentages convert to grades as follows A+ 99-100 B 83-87 C- 70-73 A 95-99 B- 80-83 D+ 67-70 A- 90-95 C+ 77-80 D 63-67 B+ 87-90 C 73-77 D- 60-63 F Below 60 (no credit) Incompletes: Occasionally circumstances beyond a student's control necessitate that the student initiate a request for an IN (incomplete) designation from the instructor. IN indicates that the grade for the course is being withheld until the student completes all course requirements. An IN can be assigned only when a document of agreement signed by the student and instructor is filed in the appropriate SCPS Academic Center, specifying the work to be completed in order to have the IN removed and a grade assigned, as well as the date by when all work for completion of the course must be submitted. To have the IN designation removed from a transcript, a student must complete and submit all course work to the instructor within thirty (30) calendar days after the grading deadline, unless another date has been assigned by the instructor in writing. Upon completion and submission of all course work as outlined in the document of agreement, the instructor shall then replace the IN with a grade. An incomplete that is not removed by the conclusion of the time allotted will be converted to a grade of F (failure). Only instructors may authorize removal of an IN designation. Students with an IN pending are not awarded a degree or certificate. Degree seeking students who receive an IN (incomplete) or an F (failure) in any course cannot enroll in another course unless the Dean of the School of Continuing and Professional Studies grants special permission. |
|
Class Schedule |
Please review the Course Assignments and Activities in Section 12. |
|
Communication |
Typically, students receive communication weekly on course assignments through UVACollab and/or their UVA email account. Messages sent to the instructor are typically responded to within 48 hours. |
|
Assignments and Activities |
Please review the Course Assignments and Activities in Section 12. Students must sign the honor system pledge (see below) on the exams and the research paper. Work is due when scheduled. Failure to meet deadlines may result in a reduced grade. |
|
Gradebook |
All grades will be posted in the UVACollab Gradebook |
|
Resources |
Course Materials are available on UVACollab at the site address noted above: (http://collab.itc.virginia.edu/portal). Materials are included for each class session and general materials for the course. |
- Technical Specifications: Computer Hardware
- Computer with basic audio/video output equipment
- Internet access (broadband recommended)
- Microsoft Office or compatible word processing software
- Technical Support Contacts:
- Login/Password: scpshelpdesk@virginia.edu
- UVaCollab: collab-support@virginia.edu
- BbCollaborate Support: http://support.blackboardcollaborate.com
- University of Virginia Policies
SCPS Grading Policies: Courses carrying a School of Continuing and Professional Studies subject area use the following grading system: A+, A, A-; B+, B, B-; C+, C, C-; D+, D, D-; F. S (satisfactory) and U (unsatisfactory) are used for some course offerings. For noncredit courses, the grade notation is N (no credit). Students who audit courses receive the designation AU (audit). The symbol W is used when a student officially drops a course before its completion or if the student withdraws from an academic program of the University. Please visit SCPS Grades for more information.
University Email Policies: Students are expected to check their official U.Va. email addresses on a frequent and consistent basis to remain informed of University communications, as certain communications may be time sensitive. Students who fail to check their email on a regular basis are responsible for any resulting consequences.
University of Virginia Honor System: All work should be pledged in the spirit of the Honor System at the University of Virginia. The instructor will indicate which assignments and activities are to be done individually and which permit collaboration. The following pledge should be written out at the end of all quizzes, examinations, individual assignments and papers: “I pledge that I have neither given nor received help on this examination (quiz, assignment, etc.)”. The pledge must be signed by the student. For more information please visit Honor System.
Special Needs: It is the policy of the University of Virginia to accommodate students with disabilities in accordance with federal and state laws. Any SCPS student with a disability who needs accommodation (e.g., in arrangements for seating, extended time for examinations, or note-taking, etc.), should contact the Student Disability Access Center (SDAC) and provide them with appropriate medical or psychological documentation of his/her condition. Once accommodations are approved, it is the student’s responsibility to follow up with the instructor about logistics and implementation of accommodations. Accommodations for test taking should be arranged at least 14 business days in advance of the date of the test(s). Students with disabilities are encouraged to contact the SDAC: 434-243-5180/Voice, 434-465-6579/Video Phone, 434-243-5188/Fax. Further policies and statements available: UVa. Department of Student Health.
For further policies and statements about student rights and responsibilities, please see U.Va Website.
- Course Assignments and Activities
|
Week |
Topic, Presentations, and Readings |
Discussion, Assignments, and Activities |
|
1
|
Overview for the course Instructor and student introductions
Introduction to IoT Security
Readings: 1. A Simple Explanation of the Internet of Things 2. Secure all the (Internet of) Things http://searchsecurity.techtarget.com/feature/Secure-all-the-things 3. Internet of things security is relevant to business, says researcher 4. Hacked by your fridge? When the Internet of Things bites back 5. The Internet of Things Brings Far-Reaching Security |
Delivery Mode:
Online Activities:
|
|
2
|
IoT Ethics and Privacy
Readings: 1. Ethical Challenges of the Internet of Things http://www.scmagazine.com/ethical-challenges-of-the-internet-of-things/article/331460/ 2. The Ethics of Autonomous Cars http://www.theatlantic.com/technology/archive/2013/10/the-ethics-of-autonomous-cars/280360/ 3. Wolf Richter: Goal of Booming “Internet of Things’: Monitoring, Sensing, Remote Control – Factory Workers First, You Next http://www.nakedcapitalism.com/2014/08/wolf-richter-goal-of-booming-internet-of-things.html 4. Tech savvy homeowners expect connected homes, woory about privacy, breaches 5. Privacy matters in the ‘internet of things; innovation race 6. Does Privacy Exist on the Internet of Things? http://www.business2community.com/tech-gadgets/privacy-exist-internet-things-0985734 7. 80% of consumers fear privacy invasion in the Internet of Things revolution |
Delivery Mode:
Online Activities:
Assignments:
|
|
3
|
Building Automation and Security Readings: 1. Tridium vulnerability throws building controls wide open to hackers 2. Another Honeywell ICS vulnerability rears it head in building control Videos: 1. How hackers can invade your home http://money.cnn.com/video/technology/2013/08/14/t-hack-my-baby-monitor-and-house.cnnmoney 2. How hackers can unlock your door
http://money.cnn.com/video/technology/2013/12/10/t-hackers-unlock-door.cnnmoney/index.html http://money.cnn.com/video/technology/2013/12/10/t-hackers-turn-out-your-lights.cnnmoney/index.html |
Delivery Mode:
Online Activities:
|
|
4
|
IoT in Energy and Environment
Readings: 1. Report: Australia energy grid, govt’t, vulnerable to cyber threat 2. The ‘Smart Grid’ Will Expose Utilities to Smart Computer Hackers 3. Smart Grids Require Better Protection from Cyberattacks, Experts Say http://www.smartplanet.com/blog/bulletin/smart-grids-demand-better-protection-from-cyberattacks/ |
Delivery Mode:
Online Activities:
Assignments:
|
|
5
|
IoT in Infrastructure
Readings: 1. NY Times: Stuxnet was a US-Israeli effort to disrupt Iran’s nuclear program 2. Stoking the Flames of Cyber War http://www.infosecurity-magazine.com/view/27434/stoking-the-flames-of-cyber-war 3. Hacking a Car with a $20 Gadget http://www.infosecurity-magazine.com/view/36867/hacking-a-car-with-a-20-gadget/ Videos: 1. Hackers control car’s steering and brakes http://money.cnn.com/video/technology/security/2013/08/02/t-hack-my-car.cnnmoney/ |
Delivery Mode:
Online Activities:
Assignments:
|
|
6
|
IoT in Healthcare
Readings: 1. The Prognosis for Medical Device Security http://money.cnn.com/video/technology/security/2013/08/02/t-hack-my-car.cnnmoney/ 2. GAO Report – FDA Should Expand Its Consideration of Information Security for Certain Types of Devices http://www.gao.gov/products/GAO-12-816 3. The Insecure Pacemaker: FDA Issues Guidance for Wireless Medical Device Security 4. Radio Frequency Wireless Technology in Medical Devices. Guidance for Industry and Food and Drug Administration Staff. |
Delivery Mode:
Online Activities:
|
|
7
|
IoT Consumer Electronics
Readings 1. Hey does your Smart TV have a mic? Enjoy your surveillance, bro http://www.theregister.co.uk/2014/05/10/smarttv_bugging/ 2. 5 Things to Consider before Wiring up your Smart Home http://www.theregister.co.uk/2014/05/10/smarttv_bugging/ 3. Man Hacks Monitor, Screams at Baby Girl http://www.nbcnews.com/tech/security/man-hacks-monitor-screams-baby-girl-n91546 4. Refrigerator among devices hacked in Internet of things cyber attack Videos 1. The camera in your TV is watching you http://money.cnn.com/video/technology/security/2013/08/01/t-tv-is-watching-you.cnnmoney/ |
Delivery Mode:
Online Activities:
Assignments:
|
|
8
|
Finalize research paper
|
Assignments:
|
Final Research Paper Project
You will be expected to write a final research paper on an Internet of Things security topic of your choice. The research paper must be completed according to the following guidelines:
- Select an IoT security topic of interest to you. Submit a research paper proposal prior to class time on Week 2. The proposal is a minimum one-page paper that clearly presents the topic you have chosen, an identified problem in security within the topic, and a solution to the problem. The instructor shall provide feedback and approval or disapproval of the topic within one week.
- Identify relevant articles for your topic and build a collection of sources to support the development of your paper and to cite within your paper.
- Submit a draft of your research paper prior to class time on Week 4. The draft shall include a minimum of 5 sources cited, and a substantial amount of writing in the format presented in #5. The instructor shall provide feedback on your draft within one week.
-
Paper Guidelines:
- Minimum of 2500 words, typed in MS Word or compatible word processor
- Double-spaced
- Times New Roman 12 pt font
- Margins 1” top, 1” bottom, 1” left, 1” right
- 6pt before and after a paragraph.
- Suggested structure for the Research Paper:
- Table of contents providing detailed subheadings
- Executive summary of the paper
- Introduction (purpose, methodology, structure)
- Formulation of the problem and elaboration
- A Brief literature review
- Approach methodology/presentation/body of discussion
- Conclusions
- References and bibliography
- Appendices (if applicable)
- Paper Due Date – Your final research paper is due prior to midnight on Tuesday of Week 8.
-
Paper Evaluation – The final research paper will be evaluated based on the following elements:
- Organization: Following format and structure requirements, sequence and flow of the paper
- Content: relevance and comprehensive coverage of topic, application of course topic concepts, reflection of critical thinking skills
- Inclusion of a minimum of 5 references.
Class Overview for SIS
The Securing the Internet of Things course will examine the security and ethical issues of the vast implementation of smart devices known as the Internet of Things (IoT). The IoT is an environment where smart devices sense, anticipate, and respond to our needs as we manage them remotely. These smart devices often act as the gateway between our digital and physical world. The IoT touches many aspects of life including transportation, health care, safety, environment, energy, and more. This course will examine and discuss IoT technology and market specific topics, relevant case studies of IoT security vulnerabilities and attacks, and mitigation controls. Students will assess the health, safety, privacy, and economic impacts of IoT security events.