COMSM0119 IoT and IIoT Security

This postgraduate module was delivered from 2022 to 2024 within the MSc Cyber Security (Infrastructures Security) programme at the University of Bristol. The course focuses on identifying vulnerabilities, designing mitigation strategies, and securing deployment models across internet-of-things (IoT) ecosystem architectures and industrial internet-of-things (IIoT) frameworks.

Course Overview

The integration of smart edge nodes into commercial and critical industrial applications introduces unique security vectors. This module provides a comprehensive technical overview of systemic risks, hardware constraints, and protocol vulnerabilities unique to embedded systems.

Key Topics Covered

• IoT/IIoT Architecture: Edge layer processing, gateway boundaries, cloud integration, and data lifecycle pipelines.
• Embedded Device Security: Hardware-rooted trust, secure boot sequences, firmware analysis, and encryption handling under power limitations.
• Low-Power Networks: Security evaluation of constrained communication stacks including MQTT, CoAP, Zigbee, and LoRaWAN.
• Industrial Edge Computing: Convergence of operational automation with cloud-linked smart telemetry in modern factory floors.
• Attack & Defense Models: Practical hands-on analysis of firmware modification, side-channel threats, and large-scale botnet mitigations.

Lab Exercises

Students completed hands-on security testing within the university’s specialized cyber security research labs, evaluating real-world IoT device vulnerabilities and deploying gateway firewalls.