ScheduleΒΆ
The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send an email to the instructor.
| Monday | Tuesday | Wednesday | Thursday | Friday |
| Aug 23 |
Aug 24: Introduction to CPS and IoT Security LEC 1: Course Logistics and Overview |
Aug 25 |
Aug 26: Introduction to CPS and IoT Security LEC 2: Project Introduction |
Aug 27 |
| Aug 30 |
Aug 31: Attack Surface and Vulnerabilities LEC 3: Attack Surface and Vulnerabilities Project Group Formation |
Sep 1 |
Sep 2: Attack Surface and Vulnerabilities Reading: Comprehensive Experimental Analyses of Automotive Attack Surfaces [Security'11] Presentation 1: Shiven Pandya Project Discussion 1 |
Sep 3 |
| Sep 6 Labor Day |
Sep 7: Automotive Vehicles Reading: Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study [Security'10] Presentation 2: Sydney Medina LEC 4: Automotive Vehicles |
Sep 8 |
Sep 9: Automotive Vehicles Reading: Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps [NDSS'20] Presentation 3: Shiven Pandya Project Discussion 2 |
Sep 10 |
| Sep 13 |
Sep 14: Packet Sniffing and Analysis Reading: CANnon: Reliable and Stealthy Remote Shutdown Attacks via Unaltered Automotive Microcontrollers [S&P'21] Presentation 4: Emily Wojciechowski LEC 5: Packet Sniffing and Analysis |
Sep 15 |
Sep 16: Packet Sniffing and Analysis Reading: Exposing New Vulnerabilities of Error Handling Mechanism in CAN [Security'21] Presentation 5: Alex Armstrong Project Discussion 3 |
Sep 17 |
| Sep 20 |
Sep 21: Penetration Testing Reading: Evading Voltage-Based Intrusion Detection on Automotive CAN [NDSS'21] Presentation 6: William Ryder LEC 6: Penetration Testing |
Sep 22 |
Sep 23: Penetration Testing Reading: Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT [Security'20] Presentation 7: Emily Wojciechowski Project Discussion 4 |
Sep 24 |
| Sep 27 | Sep 28 Class Cancelled (No Class) |
Sep 29 |
Sep 30: Project Discussion Reading: LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks [Security'21], AVGuardian: Detecting and Mitigating Publish-Subscribe Overprivilege for Autonomous Vehicle Systems [EuroS&P'21] Presentation 8: William Ryder Presentation 9: Simin Chen Project Discussion 5 |
Oct 1 |
| Oct 4 |
Oct 5: Fuzz Testing Reading: Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems [Security'21] Presentation 10: Ramin Nourbakhsh LEC 7: Fuzz Testing |
Oct 6 |
Oct 7: Fuzz Testing Reading: Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing [Security'21] Presentation 11: James Landry Project Discussion 6 |
Oct 8 |
| Oct 11 | Oct 12 Mid-term Week (No Class) |
Oct 13 | Oct 14 Mid-term Week (No Class) |
Oct 15 |
| Oct 18 |
Oct 19: Project Pitch Day DUE: Project Pitch Presentation |
Oct 20 |
Oct 21: Program Analysis Reading: Phantom of the ADAS: Securing Advanced Driver-Assistance Systems from Split-Second Phantom Attacks [CCS'20] Presentation 12: Ishpreet Bhasin LEC 8: Proram Analysis |
Oct 22 |
| Oct 25 |
Oct 26: Self-Driving Cars Reading: Too Good to Be Safe: Tricking Lane Detection in Autonomous Driving with Crafted Perturbations [Security'21] Presentation 13: Ramin Nourbakhsh LEC 9: Self-Driving Cars |
Oct 27 |
Oct 28: Self-Driving Cars Reading: Dirty Road Can Attack: Security of Deep Learning based Automated Lane Centering under Physical-World Attack [Security'21] Presentation 14: Ajey Bangalore Subrahmanya Project Discussion 7 |
Oct 29 |
| Nov 1 |
Nov 2: Drones Reading: SoK: Security and Privacy in the Age of Commercial Drones [S&P'21] Presentation 15: Ajey Bangalore Subrahmanya LEC 10: Drones |
Nov 3 |
Nov 4: Drones Reading: PHYSFRAME: Type Checking Physical Frames of Reference for Robotic Systems [FSE'21] Presentation 16: Simin Chen Project Discussion 8 |
Nov 5 |
| Nov 8 |
Nov 9: IoT Devices and Platforms Reading: The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle [Security'21] Presentation 17: Kunal Mukherjee LEC 11: IoT Devices and Platforms |
Nov 10 |
Nov 11: IoT Devices and Platforms Reading: MPInspector: A Systematic and Automatic Approach for Evaluating the Security of IoT Messaging Protocols [Security'21] Presentation 18: James Landry Project Discussion 9 |
Nov 12 |
| Nov 15 |
Nov 16: Industrial Control Systems Reading: HoneyPLC: A Next-Generation Honeypot for Industrial Control Systems [CCS'20] Presentation 19: Kunal Mukherjee LEC 12: Control Systems |
Nov 17 |
Nov 18: Industrial Control Systems Reading: Jetset: Targeted Firmware Rehosting for Embedded Systems [Security'21] Presentation 20: Alex Armstrong Project Discussion 10 |
Nov 19 |
| Nov 22 Fall Break |
Nov 23 Fall Break |
Nov 24 Fall Break |
Nov 25 Thanksgiving Day |
Nov 26 Black Friday |
| Nov 29 |
Nov 30: ARM Instruction Set LEC 13: ARM Instruction Set |
Dec 1 |
Dec 2: Project Demo Day DUE: Final Project Demo & Presentation |
Dec 3 |
| Dec 6 | Dec 7 Last Day of Classes (No Class) DUE: Final Project Submission |
Dec 8 | Dec 9 Final Exam Period (No Exam) |
Dec 10 Final Exam Period (No Exam) |
| Dec 13 Final Exam Period (No Exam) |
Dec 14 Final Exam Period (No Exam) |
Dec 15 Final Exam Period (No Exam) |
Dec 16 | Dec 17 |