2022 SPRING STEM Online Program
Introduction to Embedded Security and Hardware Hacking Course
Students will be introduced to multiple facets of cyber security including cyber security foundational concepts and learning how cyber security fits into today’s connected world. In addition, students will receive instruction on the Python programming language including the use of conditional branching, loops, functions, and structured & object-oriented programming. Advanced cybersecurity concepts such as cryptography, data integrity with hashing, and side channel & fault injection attacks will also be introduced.
Students will use a personal computer or laptop to access the cloud-based JupyterHub project environment to complete assignments.
Program Overview
Most of us are aware of our reliance on computers throughout our everyday lives, but what we typically think of as computers (from the servers that run our favorite websites, to our laptops and smartphones) are only the tip of the iceberg. Hidden just beneath the surface is a substantial and diverse group of computers referred to as embedded systems. Although the concept may be unfamiliar to many, embedded systems are pervasive and have existed for decades. They commonly work within larger pieces of technology, performing specific tasks, such as operating one element of a car, medical device, aircraft, or even a musical instrument. Their security affects the security of the larger system. And they are being hacked!
Participants
High school students (grades 9-12) interested in Science, Technology, Engineering, and Math (STEM)
Prerequisites
Basic use of a computer and navigating the Internet
Mandatory Equipment
Computer or laptop with a reliable Internet connection
Class Structure
All classes will be held live online via Zoom. Classes will meet once a week on Saturday mornings for three hours.
Upon registration, attendance is mandatory due to the progression of the instructions.
Instructors and Learning Assistants are available to answer questions via email during the week. Online office hours may be available if there is a high demand.
Class Duration
Start March 26th, 2022 through May 18th, 2022 (eight defined classes – a ninth class may be added on special topics).
Weekly Class Objectives
Part 1: Introduction to Programming with Python
Class 1 Intro to course, Introduction to Git, Introducing Python
- Security, why it matters? What is embedded security?
- Welcome, Environment Setup, Intro to GitHub Classroom and Git:
- Introduction to Python
Class 2 More Python: Conditional Statements and Loops
- Introduction to Conditional Branching (if, elif, else statements)
- Introduction to Loops and Iteration (for, while, in, range statements)
Class 3 Finishing Python: Functions and Built-In Collections
- Introduction to Functions and Scope
- Built-In Collections: Lists, Dictionaries, and Tuples
Class 4 Finishing Python: Classes and Objects
- Classes and Objects
- Introduction to Inheritance and Inheritance Diagrams
Part 2: Introduction to Cybersecurity
Class 5 Introduction to Cybersecurity
- Introduction to cybersecurity and different fields, hacker mindset?
- Understanding how things work, looking for vulnerabilities in systems
Class 6 Applied Cryptography I: Intro and Symmetric Crypto
- Introduction to Cryptography and the One-Time Pad
- Goals: Confidentiality, integrity, non-repudiation, etc.
- Introduction to Symmetric cryptography, Advanced Encryption Standard (AES)
Class 7 Applied Cryptography II: Integrity and Hashing
- Introduction to One-way functions and password hashing, Secure Hash Algorithm [2] (SHA [2]), password storage, salts
- File Hashes and Data Integrity
- Introduce: SHA of downloaded file matched with hash sum, Hash Message Authentication Code (HMAC)
Class 8 Applied Cryptography III: Asymmetric Crypto, Key Exchanging, and Certificates
- Asymmetric Cryptography and why we need it
- Teaching: Problem with Symmetric: Key Distribution -> Asymmetric Crypto/RSA
- Diffie-Hellman Key Exchange
- Introduce: Why do we need to exchange keys? What is the Diffie-Hellman Key Exchange protocol?
- Certificates, Cryptographic Signing and Public-Key Infrastructure
- Introduce: Signatures, Certificates, Certificate Authorities, Public Key Infrastructure
Class 9 To be determined