The seminar will be held in pure synchronous distance mode. That is, the seminar appointments will take place online and online attendance is required. MS-Teams needed.

The digital economy increasingly builds upon the Internet of Things (IoT). The IoT connects physical objects such as buildings, vehicles, production facilities and wind turbines with the Internet enabling them to collect and exchange an increasing amount of data. With Internet connectivity and data collection built into all physical objects, cyber risks are not further restricted to the cyberspace. They threaten the functioning of society’s critical services such as food, energy and water supply and endanger human privacy.

As Marc Elsberg has contemplated in his novel “Blackout”, cyberterrorist attacks on the smart electricity grid may trigger a power breakdown of nearly global reach. Global corporate and government networks compromised by advanced persistent threats (APTs) cannot only threaten the digital economy but additionally enable attackers to destroy industry facilities and public infrastructure on a mouse-click. The possibility of effective and universal cyberwarfare has become an alarming reality. Personal health data aggregated from different smart health devices may have the potential to expose a meaningful health status of patients to employers, and the government infringing their privacy. In these technology-driven ecosystems fostering sustainable human development is challenging and requires novel approaches and methods.

This research-guided seminar approaches how IoT-connected cyberphysical systems can be designed to be resilient against these risks by rigorously following a Security and Privacy by Design process. Risks and mitigating controls specific to essential services for different critical industry sectors in the digitally enabled economy such as energy, transport, banking, financial market infrastructure, health, drinking water supply and telecommunication are elucidated.

After attending this course, students will have the following skills.

Subject-related skills

• Know about threats, risks and controls to security and data protection in the Internet of Things.
• Understand the specific challenges to security and crisis protection specific to essential services in critical sectors (energy, transport, banking, financial market infrastructure, health, drinking water supply and telecommunication) of the digitally enabled economy.
• Understand the regulatory context of security and data protection in the Internet of Things within the European Union.
• Judge on the impact IoT technologies have on human safety, privacy, freedom and autonomy as well as on the security of connected ICT systems.

Transferable skills

• Apply a Security and Privacy by Design process in the lifecycle of IoT systems.
• Discuss research-oriented topics related to the design, security, privacy, resilience, ethical and legal foundations of information technology in the IoT and in critical infrastructures.
• Apply scientific research and academic writing.

Standard FS (=”Forschungsseminar”) attendance policy applies. Attendance in the first unit and overall for 80% of the time is required. Attendance in the first unit is mandatory (unqualified absence will result in deregistration from the course). For more information on the WU FS attendance policy please refer to https://www.wu.ac.at/studierende/mein-studium/bachelorguide/lv-und-pruefungsinfos/forschungsseminar-fs
See below for mandatory attendance policy in the first unit.

The research-driven seminar is guided by current research results. Students are expected to elaborate on a topic of their choice, write an extensive individual seminar paper (min. 30 norm pages á 2.000 characters excl. spaces per page) and present the results to their peers. During this process, students will be intensively and individually coached. The seminar is complemented by interactive teaching and discussions.

Grading involves 3 independent components, including:

55% Seminar paper
30% Seminar presentation (online) and accompanying materials (e.g., slides)
15% Active participation in the online units, online in-class exercises and seminar-paper coaching

Grading system

87.5% - 100%             = "Sehr gut" (Excellent)
75% - 87.49%             = "Gut" (Good)
62.5% - 74.99%          = "Befriedigend" (Satisfactory)
50% - 62.49%             = "Genügend" (Sufficient)
Below 50%                 = "Nicht Genügend" (Fail)

Successful completion of course 1 (“Basics of ICT” / “Grundzüge der IKT”) of the SBWL Business Information Systems.
It is strongly recommended to also have completed course 2 to 4 of the SBWL before commencing with this course.
If you hold a valid registration for the course but are unable to participate, please deregister during the open registration period in LPIS. Your spot can be granted to other fellow students.
Spots are allocated on a first-come, first-served basis during the registration period.
After completion of the registration period, available spots will be allocated to students on the waiting list who have no valid registration for the relevant curricula's point. Students will be ranked by their study progress as determined by the vice rectorat for teaching ("hardship principle"), not by their rank on the waiting list.
Important Note: The participation in the first unit is mandatory; students who fail to come forfeit their place to students on the waiting list (in the  sequence of the waiting list). Students can excuse themselves if the reason for missing the first unit is serious and will concern only the first unit.