(objectives)
The legal questions issued by compliance and liability systems, as regulated by current sources, as well as those related to the admissibility and effectiveness of the so-called digital evidence, requires the training of jurists capable of understanding technical IT language and issues arising from cybersecurity systems; on the other hand, it is considered crucial to provide engineering students with the opportunity to acquire institutional knowledge on the legal issues involved in relationships originating from the fulfillment of cybersecurity obligations and the violation of the related systems. The immediate objective is to build a law clinic in which, through the consolidated learning by doing methodology, law and engineering teachers can share the teaching load and, after an initial part dedicated to the study of some fundamental contents, submit to student teams (composed in a mixed way) the analysis, development and proposals for solutions of practical cases. The mediated objective consists in the creation of a common grammar between jurists and engineers, called upon to deal with cyber security. In particular, the activation of the course at the Department of Law aims to provide basic knowledge on the following macro-topics: - Law regulating cyber security; - EU Directive 2555/2022 on measures for a high common level of cybersecurity across the Union, (so-called NIS 2 Directive); - EU Regulation 2841/2023, laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union; - the responsibility of the subjects required to provide Cybersecurity services, with respect to the violation of the related compliance obligations; - data protection; - the burden of the proof; - digital evidence; - elements of cybersecurity and Confidentiality-Integrity-Availability triad; - symmetric key cryptography elements; - elements of public key cryptography and digital signature; - elements of forensic analysis; - IT and OT architectures; - security elements in networks and software (IT and OT). Class will be carried out by professor Angelo Danilo De Santis, as regards the legal aspects, and by professors Stefano Panzieri and Stefano Iannucci, as regards the engineering aspects. A central role will be played by cybersecurity professionals as well as by partnerships with primary economic operators.
|
Code
|
20110795 |
Language
|
ITA |
Type of certificate
|
Profit certificate
|
Module:
(objectives)
The legal questions issued by compliance and liability systems, as regulated by current sources, as well as those related to the admissibility and effectiveness of the so-called digital evidence, requires the training of jurists capable of understanding technical IT language and issues arising from cybersecurity systems; on the other hand, it is considered crucial to provide engineering students with the opportunity to acquire institutional knowledge on the legal issues involved in relationships originating from the fulfillment of cybersecurity obligations and the violation of the related systems. The immediate objective is to build a law clinic in which, through the consolidated learning by doing methodology, law and engineering teachers can share the teaching load and, after an initial part dedicated to the study of some fundamental contents, submit to student teams (composed in a mixed way) the analysis, development and proposals for solutions of practical cases. The mediated objective consists in the creation of a common grammar between jurists and engineers, called upon to deal with cyber security. In particular, the activation of the course at the Department of Law aims to provide basic knowledge on the following macro-topics: - Law regulating cyber security; - EU Directive 2555/2022 on measures for a high common level of cybersecurity across the Union, (so-called NIS 2 Directive); - EU Regulation 2841/2023, laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union; - the responsibility of the subjects required to provide Cybersecurity services, with respect to the violation of the related compliance obligations; - data protection; - the burden of the proof; - digital evidence; - elements of cybersecurity and Confidentiality-Integrity-Availability triad; - symmetric key cryptography elements; - elements of public key cryptography and digital signature; - elements of forensic analysis; - IT and OT architectures; - security elements in networks and software (IT and OT). Class will be carried out by professor Angelo Danilo De Santis, as regards the legal aspects, and by professors Stefano Panzieri and Stefano Iannucci, as regards the engineering aspects. A central role will be played by cybersecurity professionals as well as by partnerships with primary economic operators.
|
Code
|
20110795-1 |
Language
|
ITA |
Type of certificate
|
Profit certificate
|
Credits
|
4
|
Scientific Disciplinary Sector Code
|
IUS/15
|
Contact Hours
|
32
|
Type of Activity
|
Elective activities
|
Teacher
|
DE SANTIS ANGELO DANILO
(syllabus)
- Law regulating cyber security; - EU Directive 2555/2022 on measures for a high common level of cybersecurity across the Union, (so-called NIS 2 Directive); - EU Regulation 2841/2023, laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union; - the responsibility of the subjects required to provide Cybersecurity services, with respect to the violation of the related compliance obligations; - data protection; - the burden of the proof; - digital evidence; - elements of cybersecurity and Confidentiality-Integrity-Availability triad; - symmetric key cryptography elements; - elements of public key cryptography and digital signature; - elements of forensic analysis; - IT and OT architectures; - security elements in networks and software (IT and OT).
(reference books)
Cases and materials will be provided
|
Dates of beginning and end of teaching activities
|
From 03/03/2025 to 30/05/2025 |
Attendance
|
not mandatory
|
Evaluation methods
|
Oral exam
|
|
|
Module:
(objectives)
The legal questions issued by compliance and liability systems, as regulated by current sources, as well as those related to the admissibility and effectiveness of the so-called digital evidence, requires the training of jurists capable of understanding technical IT language and issues arising from cybersecurity systems; on the other hand, it is considered crucial to provide engineering students with the opportunity to acquire institutional knowledge on the legal issues involved in relationships originating from the fulfillment of cybersecurity obligations and the violation of the related systems. The immediate objective is to build a law clinic in which, through the consolidated learning by doing methodology, law and engineering teachers can share the teaching load and, after an initial part dedicated to the study of some fundamental contents, submit to student teams (composed in a mixed way) the analysis, development and proposals for solutions of practical cases. The mediated objective consists in the creation of a common grammar between jurists and engineers, called upon to deal with cyber security. In particular, the activation of the course at the Department of Law aims to provide basic knowledge on the following macro-topics: - Law regulating cyber security; - EU Directive 2555/2022 on measures for a high common level of cybersecurity across the Union, (so-called NIS 2 Directive); - EU Regulation 2841/2023, laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union; - the responsibility of the subjects required to provide Cybersecurity services, with respect to the violation of the related compliance obligations; - data protection; - the burden of the proof; - digital evidence; - elements of cybersecurity and Confidentiality-Integrity-Availability triad; - symmetric key cryptography elements; - elements of public key cryptography and digital signature; - elements of forensic analysis; - IT and OT architectures; - security elements in networks and software (IT and OT). Class will be carried out by professor Angelo Danilo De Santis, as regards the legal aspects, and by professors Stefano Panzieri and Stefano Iannucci, as regards the engineering aspects. A central role will be played by cybersecurity professionals as well as by partnerships with primary economic operators.
|
Code
|
20110795-2 |
Language
|
ITA |
Type of certificate
|
Profit certificate
|
Credits
|
1,5
|
Scientific Disciplinary Sector Code
|
ING-INF/04
|
Contact Hours
|
12
|
Type of Activity
|
Elective activities
|
Teacher
|
PANZIERI STEFANO
(syllabus)
OT ARCHITECTURES AND SECURITY: Introduction to industrial and Infrastructures Automation. PLC SW e HW. Fieldbus, access methods. SCADA systems. Industrial IoT. Cybersecurity in industrial plants. Attacker profile. Terminology. Attack Space. Lifecycle of an attack. Attack vectors. Defence strategies. Standards. IEC 62443. Security approaches. Historical attacks.
(reference books)
notes of the theacher
|
Dates of beginning and end of teaching activities
|
From 03/03/2025 to 30/05/2025 |
Delivery mode
|
Traditional
|
Attendance
|
not mandatory
|
Evaluation methods
|
Oral exam
|
|
|
Module:
(objectives)
The legal questions issued by compliance and liability systems, as regulated by current sources, as well as those related to the admissibility and effectiveness of the so-called digital evidence, requires the training of jurists capable of understanding technical IT language and issues arising from cybersecurity systems; on the other hand, it is considered crucial to provide engineering students with the opportunity to acquire institutional knowledge on the legal issues involved in relationships originating from the fulfillment of cybersecurity obligations and the violation of the related systems. The immediate objective is to build a law clinic in which, through the consolidated learning by doing methodology, law and engineering teachers can share the teaching load and, after an initial part dedicated to the study of some fundamental contents, submit to student teams (composed in a mixed way) the analysis, development and proposals for solutions of practical cases. The mediated objective consists in the creation of a common grammar between jurists and engineers, called upon to deal with cyber security. In particular, the activation of the course at the Department of Law aims to provide basic knowledge on the following macro-topics: - Law regulating cyber security; - EU Directive 2555/2022 on measures for a high common level of cybersecurity across the Union, (so-called NIS 2 Directive); - EU Regulation 2841/2023, laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union; - the responsibility of the subjects required to provide Cybersecurity services, with respect to the violation of the related compliance obligations; - data protection; - the burden of the proof; - digital evidence; - elements of cybersecurity and Confidentiality-Integrity-Availability triad; - symmetric key cryptography elements; - elements of public key cryptography and digital signature; - elements of forensic analysis; - IT and OT architectures; - security elements in networks and software (IT and OT). Class will be carried out by professor Angelo Danilo De Santis, as regards the legal aspects, and by professors Stefano Panzieri and Stefano Iannucci, as regards the engineering aspects. A central role will be played by cybersecurity professionals as well as by partnerships with primary economic operators.
|
Code
|
20110795-3 |
Language
|
ITA |
Type of certificate
|
Profit certificate
|
Credits
|
1,5
|
Scientific Disciplinary Sector Code
|
ING-INF/05
|
Contact Hours
|
12
|
Type of Activity
|
Elective activities
|
Teacher
|
IANNUCCI STEFANO
(syllabus)
- elements of cybersecurity and Confidentiality-Integrity-Availability triad; - symmetric key cryptography elements; - elements of public key cryptography and digital signature; - elements of forensic analysis;
(reference books)
Material provided by the teacher
|
Dates of beginning and end of teaching activities
|
From 03/03/2025 to 30/05/2025 |
Delivery mode
|
Traditional
|
Attendance
|
not mandatory
|
Evaluation methods
|
Written test
|
|
|
|