Topic outline

  • General


    Lecture schedule
    Time Location  Topic
    Thu 28.02. at 14:15 - 16:00      T3 Concepts and basic INFOSEC-principles, assignment of seminar topics
    Thu 07.03. at 14:15 - 16:00     T3 Cyber risk management basics
    Thu 14.03. at 14:15 - 16:00     T3 Regulation of cybersecurity
    Thu 21.03. at 14:15 - 16:00     T3 [cancelled]
    Thu 28.03.      - (Easter Thursday, no lecture)
    Thu 04.04. at 14:15 - 16:00     T3 Threat modelling basics
    Thu 11.04. at 14:15 - 16:00     T3 OT cyber risk management 
    Thu 18.04.     - (Exam week, no lecture)
    Thu 25.04. at 14:15 - 16:00     T3
    		 AI cyber risk management
    Thu 02.05. at 14:15 - 16:00     T3
    		 Seminar presentations, OT-1, OT-4, Gen-5 
    Thu 09.05.      -
    		 ('Helatorstai', national holiday, no lecture)
    Thu 16.05. at 14:15 - 16:00     T3 Seminar presentations Gen-3,  AI-3, 
    Thu 23.05. at 14:15 - 16:00      T3        
    		 Seminar presentations AI-USR-1, AI-4, AI-5
    Lectures end - Deadline for student seminar presentations and essays 23.5!
    Thu 06.06. at 13:00 - 16:00      T1        Exam

    All lectures are held in the CS building (Konemiehentie 2)
    Lectures are not recorded.

    • Forum icon
      Announcements Forum

    • Student seminar topics 

      (order of presentations - see the general timeline above)

      The allocated topics are presented below. Seminar presentations start from 25.4. 

      ID

      Topic

      Allocated to:

      Gen-3

      Personally identifiable information security via ISO27k

      Bista

      Gen-5

      Use of OWASP DSOMM in SDLC

      Soininen

      AI-USR-1

      LLMs in risk/cybersecurity management

      Aro

      AI-3

      EU AI Act: High-risk AI classification and conformity assessment process

      Poikela

      AI-4

      Measuring AI trustworthiness (as per NIST AI RMF)

      Gonzalez Torres

      AI-5

      Cybersecurity risks of deepfakes via biometrics standardization (NIST SP 800-76)

      Tekeste

      OT-1

      OT cybersecurity management in ships

      Saarinen

      OT-4

      Threat modelling for OT cybersecurity

      Autio

    • Background materials

      NIST Cybersecurity Framework: Cybersecurity Framework | NIST

      IEC 62443-standard series: https://primo.aalto.fi/permalink/358AALTO_INST/ha1cg5/alma997721664406526 (login via Aalto Intranet to SFS Online, then search all documents with keyword "62443")

      ISO 270xx-standards: SFS Online (check your preferred standard number, and follow the same link and procedure as above)

      EU AI Act: The AI Act Explorer | EU Artificial Intelligence Act

      NIST AI RMF: AI Risk Management Framework | NIST  (look for at least AI.100-1 through 100-3 and the AI RMF Playbook)


    • Required exam materials

      1) Published lecture slides, with notes

      2) Published student seminar materials

      3) NIST Cybersecurity Framework main document ( https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf ). From the appendices, only Tables 1 and 2 are required.

      4) NIST AI RMF main document AI.100-1 ( https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-1.pdf ). Function subcategories are not required.

      5) IEC 62443-standard Zone and Conduit Model, security levels and foundational requirements (look for the required standard documents in the Aalto SFS webstore). More exactly: 62443-1-1: chapters 5.9-5.12 and 6.5; 62443-3-2; 62443-3-3 to the level that you can identify and explain Foundational requirement categories.


    • Not available unless: You are a(n) Student
      Folder icon
      Lecture materials Folder
      This folder will contain the lecture materials as they appear. Powerpoint slides are saved as PDF with notes pages visible.