7026CEM Assignment Help
Security of Emerging Connected Systems Assignment help
Task and Mark Distribution
For this task you will be given access to an simulated IoT system. This represents an office environment, and its associated interfaces.
The developers of the system have contacted you for advice around performing security audit of the system, and for recommendations onhow they can secure their networks.
In this coursework you are required to write a report for the client. This report will:
advise their software development team on how they can perform a security audit of their system.
provide recommendations on how they could improve the security of the product.
Marks are allocated as follows:
Security Audit Methodology (40%)
In this section you are expected to provide a guide (or tutorial), on how to perform a security audit of their system.
The guide to describe the overall testing methodology, as well as discussing, and explaining why the steps at each stage are required.
You are encouraged to use a well known testing methodology (such as OWASP, PTES, etc.) and contextualise the stages for the targetsystem.
Proof Of Concept Attack (20%)
To provide clarity to the developers undertaking a security audit, you are expected to provide a POC (Proof Of Concept), for an attack on
of the test system.
For this element you are expected to provide a clear, demonstration of how following the audit instructions given, can highlight a flaw in thecurrent system.
You are expected to follow the methodology you set out in the previous section of the report, and discuss how each of the stages in themethodology helps you successfully find the flaw.
Security Recommendations (30%)
In the final stage of the report, you are expected to make security recommendation for the System.
These should be:
General recommendations, that apply to all IoT based systems, or are good practice for software development / network security.
Any Specific Recommendations, based on the target system (for example from the POC, or other analysis of the system)
Report Structure (10%)
Your Report should be suitable for a
audience, aimed at the software development team.
You should make use of appropriate structure and language.
to use references to support the arguments and analysis you make.