COMP3020J Information Security for the Internet of Things

Academic Year 2024/2025

The Internet of Things (IoT) Security is the area of endeavour concerned with safeguarding connected devices and networks in the Internet of things (IoT). IoT world may be exciting, but there are serious technical challenges that need to be addressed, especially by developers. In this module, the students will learn how to meet the security, analytics, and testing requirements for IoT applications. The module covers the following four major themes in the security:
• Cryptography
• Access Control
• Protocols
• Software
This module is intended to introduce students to the theory and applications of cryptography - the science of secrecy; access control; security protocols and security in software. We explain the fundamental concepts concerning computer and network security, the mathematics and the algorithms behind several well-known cryptosystems. We introduce and discuss the vulnerabilities exploitable by attacks, including recent attacks, involving the Internet of Things. We explain to students how to design correct security protocols. We show how to identify these vulnerabilities and discuss possible countermeasures. We introduce students to formal verification techniques and show practically how to apply these techniques.

Show/hide contentOpenClose All

Curricular information is subject to change

Learning Outcomes:

On completion of this module, students should have gained an overall introduction to the theory and applications of cryptography - the science of secrecy; access control; security protocols and security in software. They will gain an understanding of the fundamental concepts concerning computer and network security; have an understanding of the mathematics and the algorithms behind several well known cryptosystems; conceptually identify vulnerabilities, including recent attacks, involving the Internet of Things; conceptually describe countermeasures for Internet of Things devices; develop critical thinking skills and formal techniques to verify the security protocols.

Indicative Module Content:

Crypto: Crypto Basics; Symmetric Key Crypto; Public Key Crypto; Hash Functions and other topics
Access Control: Authentication; Authorization
Protocols: Simple Authentication Protocols; Real World Security Protocols; Weaknesses and Attacks
Software: Security Vulnerabilities and Malware

Student Effort Hours: 
Student Effort Type Hours




Autonomous Student Learning




Approaches to Teaching and Learning:
Key teaching and learning approaches used in this module: active/task-based learning; group work; lectures; lab/studio work; enquiry & problem-based learning; student presentations. 
Requirements, Exclusions and Recommendations

Not applicable to this module.

Module Requisites and Incompatibles
BDIC1047J - English for Uni Studies BDIC, BDIC1048J - English Gen Acad Purposes BDIC, BDIC2007J - English for Spec Acad Purposes, BDIC2015J - Acad Wrt & Comm Skills

Assessment Strategy  
Description Timing Component Scale Must Pass Component % of Final Grade In Module Component Repeat Offered
Practical Skills Assessment: Practical assignment to implement an encryption algorithm. Week 7 Alternative linear conversion grade scale 40% No


Exam (In-person): Standard written exam. End of trimester
2 hr(s)
Alternative linear conversion grade scale 40% Yes



Carry forward of passed components
Remediation Type Remediation Timing
In-Module Resit Prior to relevant Programme Exam Board
Please see Student Jargon Buster for more information about remediation types and timing. 
Feedback Strategy/Strategies

• Feedback individually to students, on an activity or draft prior to summative assessment
• Feedback individually to students, post-assessment
• Online automated feedback
• Peer review activities
• Self-assessment activities

How will my Feedback be Delivered?

The grading scheme used is Alternative Linear Conversion Grade Scale 40% Pass (85% = A -).

“Information Security: Principles and Practice”, 2nd edition, Mark Stamp, (Wiley, May 2011, ISBN-10: 0470626399, ISBN-13: 978-0470626399).

In addition, the lecturer will provide his own articles that contain all of the required material. However, interested students might wish to consult the following for additional reading:

[1] “Practical Internet of Things Security”, 2nd edition, Brian Russell and Drew Van Duren, (Packt, November 2018, ISBN- 978-1-78862-582-1)
[2] “Computer Security: Principles and Practice”, Global Edition, 3/E, William Stallings and Lawrie Brown, (Pearson, 2015, ISBN-10: 1292066172 • ISBN-13: 9781292066172)
[3] “Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software”, Michael Sikorski and Andrew Honig, No Starch Press, 2012. An excellent book for information on reverse engineering (whether for malware analysis or other purposes). Includes many hands-on exercises.

Name Role
Dr Anca Delia Jurcut Lecturer / Co-Lecturer
Shahrin Chowdhury Tutor
Pasika Ranaweera Tutor
Furqan Rustam Tutor