====== Cyber Security Education at DISI ====== ==== Academic Degrees ==== The following courses are offered in the framework of the [[https://masterschool.eitdigital.eu/programmes/cse/|Cyber Security track]] of the [[https://www.eitdigital.eu/|European Institute of Innovation and Technology (EIT Digital)]] Master School programme in Trento. Since 2017/2018 they are available as possible curriculum in the Master degree in [[http://offertaformativa.unitn.it/en/lm/computer-science|Computer Science]]. They are also available as individual courses for the [[http://web.unitn.it/en/dmath/7875/master-of-science-in-mathematics|Mathematics (Coding theory)]], [[http://offertaformativa.unitn.it/en/lm/information-and-communications-engineering|Information and Communications Engineering]] at the University of Trento. ==== Industrial Training ==== UniTn also holds training day activities on the [[https://www.first.org/cvss|Common Vulnerability Scoring System]] for professionals. [[teaching_activities:cvss|Click here]] for additional information. ===== Cyber Security track - EIT Digital Master School ===== ==== Presentation of the Curriculum ==== The first year of the EIT Digital track on Cyber Security starts with four entry points (Rennes 1, Trento, Twente, Turku) with introductory courses on Network Security, System and Software Security, Security Management, Cryptography and Privacy. The program also offers courses in Innovation and Enterpreneurship (I&E). The I&E Basic course provides an introduction to business and management. The Business Development Lab includes abilities to understand market survey, a business model generation process (based on business canvas), and a venture development exercise. The ICT Innovation Course is a project course (based on the concept of research canvas) where the students start with a research/technology idea and develop all steps needed to make it a product. A number of activities on ICT Innovation takes place at the [[https://www.eitdigital.eu/about-us/locations/trento-node/|EIT Digital Trento's Co-Location Center]]. The CSE major offers 5 specialisations, each at a different location (ELTE, Eurecom, Renens 1, Trento, Twente, Turku). Students participating in the CSE track are offered an internship in a partner industry or research centre of the EIT Digital to work on a thesis project. Directly linked to the master thesis, there is an I&E Studies course that specifies the requirements, strategy and business plan for the selected thesis project. Trento's specialisation is on //applied security// and focuses on the challenge of guaranteeing the right level of security to an application that is substantiated by empirical evidence. Our graduates should be able to * identify the appropriate security technology that can be deployed. * develop appropriate solutions for the industry scenarios of cybersecurity and citizen’s security. * describe and justify the benefits for such choices based on empirical results ==== Foundational Courses ==== Click on the course's name for further information. ^Title ^Credits ^Year ^Semester ^Lecturer ^Brief Info^ |[[https://sites.google.com/view/intro2cns|Introduction to Computer and Network Security]]|6ECTS| 1 | 1 | Silvio Ranise | It is an introductory course on Network and Computer Security for Students who have had no previous course in their Bachelor.| |Cryptography |6ECTS | 1 | 1 | Massimiliano Sala | An introductory course on symmetric and public key cryptography| |[[https://sites.google.com/site/sectestunitn|Security Testing]]|6ECTS| 1 | 1 | Mariano Ceccato| Courses on software security testing and reverse engineering. It is an introductory course on software vulnerabilities and attacks.| |[[Security Engineering|Cyber Security Risk Assessment]] |6ECTS | 1,2 | 2 | Fabio Massacci| Security Management and Security Risk Assessment. Requires students to work on industry case studies and sign NDAs. | |[[course_netsec_2016|Network Security]] |6ECTS| 1 | 2 | Bruno Crispo|An advanced course on network and web Security| |Privacy and IPR|6ECTS| 1,2 | 1 | Vincenzo D'Andrea, Andrea Rossato |An introductory course into the intricacies of intellectual protection and privacy legislation. It is taught in cooperation with lawyers| ==== Advanced and Eligible Courses ==== ^Title ^Credits ^Year ^Semester ^Lecturer ^Brief Info^ |[[http://disi.unitn.it/~passerini/teaching/2018-2019/MachineLearning/|Machine Learning]]|6ECTS| 1,2 | 1 | Andrea Passerini | An introductory course in Machine Learning. SandP students will conclude the course with a project on Intrusion Detection. Recommended to those who wants to continue with Cyber Data Analytics in Twente.| |{{https://www.esse3.unitn.it/Guide/StampaContenutiCorso.do?AD_ID=92750|Multimedia Data Security}}|6ECTS| 1,2 | 1 | Giulia Boato|This optional course is specifically devoted to DRM, digital watermarking and digital forensics. (You need to log in with UNITN credential to see the material)| |[[http://disi.unitn.it/~zunino/teaching/formalTechniques/|Formal Techniques for Crypto Protocol Analysis]]|6ECTS| 1,2 | 2 | Roberto Zunino | This optional course introduce formal methods for security using the Coq proof assistant.| | [[Course on Offensive Technologies|Laboratory on Offensive Technologies]] | 12ECTS | 2 | 1 | Not in 2018-2019 | This optional course targets the development of one or more real-world exploits with actual malware.| |Finite Fields and Symmetric Cryptography|6ECTS| 1,2 | 2 | Massimiliano Sala | An advanced course on Cryptography (follow-up course on Cryptography)| |[[http://cricca.disi.unitn.it/montresor/teaching/ds2/|Distributed Systems 2]]|6ECTS| 1,2 | 1 | Alberto Montresor | An advanced course on Distributed Systems (Byzantine Failures, blockchains)| |[[Cryptography and Financial Technology]]|6ECTS| 2 | 1 | Fabio Massacci, Chan Nam Ngo | An advanced course on modern crypto-based Financial Technology (currencies, virtual markets) and their foundations, in cooperation with INNOPAY NL| ==== Innovation and Enterpreneurship Courses ==== Click on the course's name for further information. ^Title ^Credits ^Year ^Semester ^Lecturer ^Brief Info^ |Innovation and Entrepreneurship Basic |6ECTS |1|1|Milena Soycheva| An introductory course on Innovation, Entrepreneurship and Epistemology of Science | |[[http://international.unitn.it/blt/start-up-lab|Business Development Lab]] | 9ECTS |1|2|Vittorino Filippas and Alessandro Rossi |A laboratory course on how to make a start-up | |[[ICT Innovation|ICT Innovation - Product Design and Development]] | 6-9ECTS |1|2|Fabio Massacci, Marco Fontana, Massimo Donelli| A laboratory course on how to pass from a research idea to a product. The course includes credits for the students participating to the EIT Summer School | |[[https://www.esse3.unitn.it/Guide/PaginaADErogata.do;jsessionid=BA096CC09D7F6CBD136BCD5942E296D3.esse3-unitn-prod-04?ad_er_id=2017*N0*N0*S1*40342*92759&ANNO_ACCADEMICO=2017&mostra_percorsi=S | I&E Studies]] | 6ECTS |2|1|Maurizio Marchese| The final step of the I&E Minor, to reflect on the minor and prepare your working future | Among the extra-curricular activities students can also participate to the following extra activities: ^Title ^Effort ^Lecturer ^Brief Info^ |[[http://international.unitn.it/blt/innovation-olympics|Innovation Olympics]] | 10 hours/week in the evening | Alessandro Rossi, Vittorino Filippas and other tutors from companies | Students work in multidisciplinary teams under the supervision of an expert mentor and report their progress to company's top managers. Participants get a certificate of attendance and winners have access to the final exam to get the GIMI certification. NO ECTS are awarded. | ==== Internships and Thesis Topics ==== The last semester (30ECTS) is normally taken by the internship at a company and the thesis. Some information on some places where students have gone. ^Company ^Location ^Description ^ |[[http://www.utrc.utc.com|Ales-UTC]] | Italian Subsidiary of United Technologies (US) | The lab specialized in model based technologies and methodologies for the design and verification of distributed security and safety critical embedded systems. ALES-UTC competences cross several application domains, such as avionics, refrigeration and building automation. ({{:teaching:internship:ales_intership-thesis.pdf|Short Presentation}})) | |[[https://www.atlassian.com/|Atlassian]] | Australian subsidiary of Atlassian | Atlassian is a leading provider of collaboration, development, and issue tracking software for teams. The Sideny team is particularly focussed on security bugs (Aka Bug Bounties). | |[[http://auxiliumcybersec.com/en/| Auxilium Cyber Security Gmbh]] | Company based in Ettlingen (DE)| Auxilium offers information security consultancy in several areas including information security management systems (ISO27001, NIST CBF) as well as technical security focusing especially on IoT, automotive and industrial security. | |[[https://chino.io/|Chino.io]]| Startup based in Trento/Rovereto (IT) | Chino.io helps digital health companies to solve security and regulatory compliance issues by offering a secure Backend and Database as a Service (BAAS) | |[[https://cybertrap.com/|Cybertrap]] | Company based in Vienna (AT) | Cybertrap specialises in deception technology for government organisations and large enterprises. It is a spin-off of SEC Consult, a leading European Cybersecurity consulting firm | |[[http://www.endian.com/|Endian]]| Company Based in Appiano and Milano (IT) | Endian offers Firewalls, Unified Threat Management, IoT Security, and other Industrial Security Appliances. Mostly known for the open source Linux firewall. | |FBK| Applied Research Center based in Trento (IT) | FBK has two major research units working on security, safety and software engineering | |[[https://www.quarkslab.com/en/|Quarkslab]]| Company based in Paris (FR) | Quarkslab offers services related to vulnerability research, vulnerability intelligence, reverse engineering and software and hardware security. Moreover, the company develops a software protection solution, Epona, and a file analysis platform, IRMA. They publish internship offers on their [[https://blog.quarkslab.com/index.html|blog]] in autumn. | |SAP AG | [[https://d.dam.sap.com/m/UUAxmd/53596_GB_53596_enUS.pdf|Security Research Lab in Sofia-Antipolis (FR)]] | The Security Team of SAP has often internship positions in a variety of topics from security testing to cloud security. They circulate two calls, one in winter for the spring semester and one in summer for the winter semester. They are normally circulated to interested students. | | Others | | Students in the past have done their internships at Apple Inc (US) on fuzzing, Bosch (DE) on IoT Security, Ernst & Young (IT) on Network Forensics, as well as the research centres CISPA (DE) and SICS (SE) on a variety of topics. As a student you may also bring your own company. |