course development plan - isses.etf.bg.ac.rsisses.etf.bg.ac.rs/wp-content/uploads/2020/03/... ·...

ISSES – Information Security Services Education in Serbia

Supported by the Erasmus+ Capacity Building in

the field of Higher Education (CBHE) grant N° 586474-EPP-1-2017-1-RS-EPPKA2-CBHE-JP

The European Commission support for the production of this publication does not constitute

endorsement of the contents which reflects the views only of the authors, and the Commission cannot

be held responsible for any use which may be made of the information contained therein.

Course Development Plan

Version 1.8.2

Author(s)/Organisation(s):

Imre Lendak / UNS (P1)

Dejan Simić, Igor Tartalja, Žarko Stanisavljević, Pavle Vuletić / UBG (P5)

Dragan Stojanović, Dejan Rančić / UNI (P6)

Igor Furstner, Robert Pinter, Zlatko Čović / VTŠ (P9)

Levente Buttyan, Holczer Tamas / BME (P3)

Stefano Zanero / Polimi (P4)

Miroslav Baca, Markus Schatten / FOI (P2)

Viktor Varga / UT (P8)

Date of final release:

November 2nd, 2018

Relevant Work Package(s):

WP1 – Preparation

Short Description:

This document contains the Course Development Plan (CDP) of the Information Security Services

Education in Serbia (ISSES) project.

Keywords:

Information Security; Course Development; Plan;




Revision History:

Revision Date Author(s) Status Description

V1.0 Feb 16, 2018 Imre Lendak Working

draft

First edition

V1.1 Mar 26, 2018 Multiple authors Release Edition with consolidated content from

partners P5, P6 and P9.

v1.2 Jun 11, 2018 Imre Lendak Release Updated the list of authors

V1.3 Jun 27, 2018 Pavle Vuletić Release Small additions in the course 6.2

v1.4 Oct 23rd, 2018 Imre Lendak Release 2.1 clarifications after trainings.

2.14 Security Data Science added.

2.5 & 2.8 distinguished and polished.

V1.5 Oct 11th, 2019 Imre Lendak Release Updated course descriptions and

lectures for 2.14 based on ELTE

experience and NSM book

Course description added for 2.5

V1.6 Oct 20th

, 2019 Imre Lendak Release 2.2 content aligned with course content

developed.

V1.7 Oct 30th

, 2019 Imre Lendak

Veljko Petrovic

Draft Added references to 2.7

Added WiFi Security to 2.5

Added 2.15 Computer Security

V1.8 Dec 26th, 2019 Imre Lendak (P1)

Dragan Stojanovic (P6)

Release 2.8 integrated into 2.5

2.3 integrated into 2.15

2.15 added by SC decision

2.14 added by SC decision

Revised timeline (at the end of the

document)

V1.8.1 Jan 2nd, 2020 Igor Tartalja (P5)

Imre Lendak (P1)

Minor

update

Minor typos and inconsistencies

following the course swap-related

changes

V1.8.2 Mar 10, 2020 Imre Lendak (P1) Minor

update

Minor modifications in 2.5, 2.12 and

2.14




CONTENTS

Introduction ............................................................................................................................................. 6

1 Critical Infrastructure Security (2.1) ................................................................................................ 7

1.1 Current state-of-the-art .......................................................................................................... 7

1.2 Course Outline ......................................................................................................................... 7

1.3 Course documentation ............................................................................................................ 8

2 Secure Software Development (2.2) ............................................................................................... 9

2.1 Current state-of-the-art .......................................................................................................... 9

2.2 Course Outline ......................................................................................................................... 9

2.3 Course documentation .......................................................................................................... 10

3 Cloud Security (2.3) – INTEGRATED INTO 2.15 .............................................................................. 12

3.1 Current state-of-the-art ........................................................................................................ 12

4 Security and privacy in the Internet of Things (2.4) ...................................................................... 13


4.2 Course Outline ....................................................................................................................... 13


5 Applied Cryptography and Cryptanalysis (2.5) .............................................................................. 15


5.2 Course Outline ....................................................................................................................... 15


5.4 References ............................................................................................................................. 16

6 Advanced Network Security (2.6) .................................................................................................. 17


6.2 Course Outline ....................................................................................................................... 17


7 Cyber Security Strategies (2.7) ...................................................................................................... 19


7.2 Course Outline ....................................................................................................................... 19


7.4 References ............................................................................................................................. 22




8 Security in E-business Systems (2.8) – INTEGRATED INTO 2.5 ...................................................... 23


9 Risk Analysis and Threat Modelling (2.9) ...................................................................................... 24


9.2 Course Outline ....................................................................................................................... 24


10 Cyber Incident Analysis and Response (2.10) ............................................................................ 26


10.2 Course Outline ....................................................................................................................... 26


11 Data Mining in Digital Forensics (2.11) ...................................................................................... 28


11.2 Course Outline ....................................................................................................................... 28


12 Digital Forensics Tools and Techniques (2.12) .......................................................................... 30


12.2 Course Outline ....................................................................................................................... 30


13 Mobile and Multimedia Forensics (2.13) .................................................................................. 32


13.2 Course Outline ....................................................................................................................... 32


14 Security Data Science (2.14) ...................................................................................................... 35

14.1 Goals ...................................................................................................................................... 35


14.3 Course Outline ....................................................................................................................... 35


14.5 References ............................................................................................................................. 36

15 Computer Security (2.15) .......................................................................................................... 38


15.2 Course Outline ....................................................................................................................... 38





15.4 References ............................................................................................................................. 39

16 Course development plan ......................................................................................................... 40

17 Course progress indicators and measurement plan ................................................................. 42




Introduction

The Serbian HEIs, both the 4 partner institutions and a very limited number of other universities and colleges outside the consortium provide limited content in information security education. The existing courses which are actually implemented and taught are limited to basic data protection (e.g. basic cryptographic algorithms and communication protocols) and network security (e.g. network design and equipment). The key teachers and researchers create their teaching materials and textbooks in an uncoordinated manner. The course content delivered to students is not standardized and the level of expertise the students gain varies between the HEIs. Therefore, the main goal of

Work Package 2 (WP2) – Curriculum Development is to fix these problems, namely to avoid effort duplication in the preparation of the same courses at different institutions, standardize information security education and ensure that the students obtain relevant and up-to-date knowhow, thereby making their transition to the labor market after graduation as smooth as possible. This goal will be realized by creating new, state-of-the-art courses and modernizing the existing courses. A total of 13 courses will be created as part of WP2. The materials prepared will consist of teaching materials (e.g. Power Point presentations) and textbooks, when the appropriate textbook does not exist. Additionally, at least 10 existing courses will be modernized by including some of the content developed for the above listed courses. This document, the Course Development Plan (CDP), will be one of key inputs to WP2.

From the EU partners, P2 will focus on the digital forensics domains, P3 will focus on the infrastructure security domain, and P4 will be involved in activities in both domains to a limited extent. They will closely monitor the curriculum development process and perform their tasks in WP5 Quality Plan. From the Serbian partners, P1 and P5 will create the majority of course content, while P9 and P6 will assist and create part of the materials. This work package will be executed in parallel and continuously aligned with WP3 – Laboratory Development. Its outputs will be the key inputs to WP4 – Education Programme Development.

The information security courses will be created in an iterative fashion:

- Phase I: Introductory trainings will be carried out by P2, P3 and P4 during the preparation phase and jointly with the kick-off and 1st Steering Committee meetings.

- Phase II: More detailed trainings will be organized at the EU HEIs for the representatives of the Serbian HEIs. Teachers and researchers will analyse the course content and delivery methods (e.g. attend lectures) while onsite.

- Phase III: The Serbian HEIs will work on course content at home, carefully aligning all content with the RISC (output 1.2), thereby allowing smooth projects progress and quality monitoring.

- Phase IV: Additional onsite training and tuning of course content at the EU HEIs. - Phase V: Sharing the completed course content with the other Serbian HEI partners. - Phase VI: Translation of teaching materials (Power Point presentations) as the new courses will

be prepared in English, and they will be translated to Serbian, as they will be accredited in both English and Serbian (in some study programs).

The following sections of this document contain a more detailed course development plan for each of the courses.




1 Critical Infrastructure Security (2.1)

Work Package and Outcome reference number 2.1

EU partner(s):

Industrial partner(s):

Main partner(s) to develop the course UNS (P1 – 100%)

Due date: M21 (July 2019)

Partners to use the entire course -

Partners to use elements of the course -

Part of specialization (for involved Serbian HEIs): Critical Infrastructure Security

Stakeholders: Teaching staff, students, trainees

Dissemination level: Department, local, national

Course plan author(s): Imre Lendak

1.1 Current state-of-the-art

P1 possesses limited capabilities in teaching critical infrastructure security, which they have been delivering as part of their Security and Safety in Smart Grids course. The new course will be developed based on the existing, but limited experience at P1 and the expert knowledge provided by partners CrySys Lab (P3) and Polimi (P4).

1.2 Course Outline

Prerequisites (educational background and/or information security courses passed)

1 Advanced network security

2 Advanced cryptography

3 BSc in Computer Science or Software Engineering

Lecture list

1 Types of critical infrastructures and key resources

2 Historical overview of failures and attacks: Ukraine 2015 & 2016, Stuxnet, Mirai botnet, Fukushima, Chernobyl, examples from the 20th century, examples from before the 1900s

3 Internet-of-Things (IoT) security (home automation, smart devices, medical devices)

4 Equipment, communication infrastructure and processes

5 Traditional & novel CI security architectures (Industry V4.0)

6 Physical and personnel security

7 Protection against cyber threats and cybercrime

8 Vulnerability and risk analysis, Design Basis Threat (DBT) (in nuclear)

9 Network theory and its implementation in CI protection, Systems-of-systems (interconnected CIs)

10 Cyber incident analysis and response




11 Standards and specifications in CI protection: NERC CIP, IANA, ENISA, NIST, ISO

Lab exercise list

1 Industrial Testbed #1: Robotic arms & conveyer belts – Physical Access Points (PAP) & Electronic Access Points (EAP)

2 CIS zones & firewalls

3 Security Data Collection in Industrial Control Systems (Security Onion, syslog, syslog-ng, Moloch)

4 Security Data Analysis in Industrial Control Systems (ELSA?, BRO?, Suricata, Snort, OSSIM)

5 Red vs Blue Team Exercise – Defending and attacking the industrial testbed (conveyor belt + robotic arms)

---

6 Industrial Testbed #2: Feedback Instruments processes (3 pieces) – Physical Access Points (PAP) & Electronic Access Points (EAP)

7 Security data collection & analysis on the Feedback Instruments testbed, i.e. repeat steps 3 & 4

8 Incident Response – Solving issues in the testbed which is in a failed state

1.3 Course documentation

The course will be documented via Power Point presentations and other e-materials.




2 Secure Software Development (2.2)


EU partner(s): CrySys/BME


Main partner(s) to develop the course UNS, UNI, UB-ETF

Due date: M12 (September 2018)

Partners to use the entire course UNS, UNI

Partners to use elements of the course UB-ETF, VTS

Part of specialization (for involved Serbian HEIs): ?



Course plan author(s): Nikola Luburić, Milan Stojkov


The goal of the Secure Software Development course is that students become familiar with the secure software development lifecycle, covering the following major lifecycle phases: requirements, design, testing, development and deployment. The course covers API and managed language vulnerabilities.

P1 possesses enough capabilities in teaching secure software development, which they have been delivering as part of their Security and Safety in Smart Grids and Security in E-business Systems courses. The new course will be developed based on the existing experience at P1 and the expert knowledge provided by industrial partner Schneider Electric DMS LLC (P7).

2.2 Course Outline



Lecture list

1 Overview and motivation behind the secure software development lifecycle

2 Security requirements engineering

3 Secure software design

4 Threat modeling

5 Web application vulnerabilities

6 Script language vulnerabilities

7 Application programming interface vulnerabilities

8 Managed language attack

9 Managed language defense




10 Security testing

11 Secure deployment

12 Penetration testing

Lab exercise list

1 Security design patterns

2 Threat modeling

3-4 Attacks and defenses on web applications

5 Security code review and analysis

6 Secure deployment environment

7 Penetration testing exercises 1

8 Penetration testing exercises 2



References

[1] Seymour Bosworth, M. E. Kabay, Eric Whyne, Computer Security Handbook, Set 6th Edition,

Wiley; 6 edition (March 24, 2014), 2014.

[2] Alan J White, Ben Clark, Blue Team Field Manual (BTFM), CreateSpace Independent

Publishing Platform (January 13, 2017), 2017.

[3] Ben Clark, Rtfm: Red Team Field Manual, CreateSpace Independent Publishing Platform; 1.0

edition (February 11, 2014), 2014.

[4] Lee Brotherston, Amanda Berlin, Defensive Security Handbook: Best Practices for Securing

Infrastructure, O'Reilly Media; 1 edition (April 21, 2017), 2017.

[5] Jon Erickson, Hacking: The Art of Exploitation, No Starch Press; 2nd edition (February 4,

2008), 2008.

[6] Michael Sikorski, Andrew Honig, Practical Malware Analysis: The Hands-On Guide to

Dissecting Malicious Software, No Starch Press; 1 edition (February 1, 2012), 2012.

[7] James Ransome, Anmol Misra, Core Software Security: Security at the Source, Auerbach

Publications, 2013.

[8] Daniel Deogun, Dan Bergh Johnsson, Daniel Sawano, Secure By Design, Manning

Publications, 2019.

[9] Michal Zalewski, The Tangled Web: A Guide to Securing Modern Web Applications, No Starch

Press, 2011.

[10] Wm. Arthur Conklin, Daniel Paul Shoemaker, CSSLP Certification All-in-One Exam Guide,

McGraw-Hill Education; 2 edition (March 22, 2019), 2019.




[11] O. Sami Saydjari, Engineering Trustworthy Systems: Get Cybersecurity Design Right the First

Time, McGraw-Hill Education, 2018.




3 Cloud Security (2.3) – INTEGRATED INTO 2.15


EU partner(s): University of Zagreb (P2)

Industrial partner(s): Schneider Electric DMS LLC (P7)

Main partner(s) to develop the course UNS, UB-ETF

Due date: M32 (May 2020)

Partners to use the entire course UNS

Partners to use elements of the course UB-ETF, VTS






The new course will be developed based on the trainings provided by the international partner(s) University of Zagreb (P2) and inputs received from industrial partner(s) Schneider Electric DMS LLC (P7).




4 Security and privacy in the Internet of Things (2.4)


Main partner(s) to develop the course UNI, VTS (P6-50%, P9 – 50%)

Period of implementation: M16-M24 (February - October 2019)

Partners to use the entire course


Part of specialization: Information Security and Digital Forensics

Course plan author(s): Dragan Stojanović


Dissemination level: Department, Local, National


Main partner(s) to develop the course UNI, VTS (P6-50%, P9 – 50%)


Partner UNI has experience in the fields of Mobile and Ubiquitous Systems and Services and Information security at BSc and Master level courses at UNI. The new course will be developed by extending security and privacy topics of the existing courses, and with the help of the expert knowledge provided by partners CrySys Lab (P3) and Polimi (P4).

4.2 Course Outline


1 Operating Systems

2 Computer Networks

3 Information Security

4 Mobile and Ubiquitous Systems and Services

5 BSc in Computer Science, Software Engineering or Mathematics

Lecture list

1 Cybersecurity and the Internet of Things

Introduction to IoT and security and privacy

2 IoT system architecture, components and technologies

• Sensors and actuators in IoT

• Communication and networking in IoT

• Real-time data collection in IoT

• Data processing analytics in IoT




3 Security and privacy requirements and challenges in IoT applications

• Security concerns in IoT Applications

4 Security threats and attacks in IoT

• Threats to Access Control, Privacy, and Availability

• Vulnerabilities, Attacks, and Countermeasures in IoT

5 Data trustworthiness and privacy in IoT

• Privacy challenges introduced by the IoT

• Privacy preservation in IoT applications

6 Demonstration of IoT security issues and countermeasures using example systems and case studies

• IoT application-driven security goals and measures

7 Security challenges, intrusion detection and prevention, as well as privacy preservation in IoT and the Industrial Sector and connected home

8 Security and Privacy Engineering for IoT Development

• Building security in to design and development

• Technology selection – security products and services

9 The secure IoT system implementation lifecycle

• IoT Security Engineering

10 IoT Incident Response

• Planning and executing an IoT incident response

• Detection and analysis, recovery and Post-incident activities

Lab exercise list

1 Hands-on experience on IoT security through case studies and projects

2 Analyzing IoT security and privacy requirements for real-world use cases

3 Setting up development environment for lab exercise

4 Simulation of attacks and defensive tools and techniques

5 Realization of the authentication system.

6 Implementation of cryptographic techniques

7 Detection of attacks and recovery






5 Applied Cryptography and Cryptanalysis (2.5)


EU partner(s): CrySys/BME (P3)

Industrial partner(s): Unicom-Telecom Ltd – UT (P8)

Main partner(s) to develop the course UNS



Partners to use elements of the course UB-ETF






The goal of the Applied Cryptography and Cryptanalysis course is to teach students how to properly deploy and protect cryptographic systems. Apart from the state-of-the-art crypto systems, the course contains lectures on novel topics, e.g. homomorphic encryption, post-quantum cryptography.

The new course is developed with the support of trainings provided by the international partners (P3 – CrySys/BME) and inputs received from industrial partners Schneider Electric DMS LLC (P7) and Unicom-Telecom Ltd – UT (P8).

5.2 Course Outline


1 BSc in Computer Science, Software Engineering, Mathematics or Physics

2 Introduction to Information Security

Lecture list

1 History of cryptography and cryptanalysis

2 Stream ciphers, block ciphers, block encryption modes

3 Random number generation and one-way functions

4 Secure channels, message authentication and integrity protection

5 Key exchange protocols, public key encryption and digital signature schemes

6 WiFi security

7 Transport Layer Security (TLS), secure e-mail, IPsec

8 Authentication in practice, passwords and one-time passwords

9 Protocols for resource constrained networks




10 Homomorphic encryption,

11 Perfect forward secrecy

12 Post-quantum cryptography

13 Applied cryptography in blockchains (Bitcoin, smart contracts)

Lab exercise list

1 Stream and block ciphers

2 Random number generation, hash functions and digital signatures

3 Creating, storing and using passwords

4 Authentication and authorization in practice (Kerberos)

5 Perfect forward secrecy

6 Homomorphic algorithms

7 Email security

8 WiFi security #1

9 WiFi security #2


The course will be documented via Power Point presentations, a textbook and other e-materials.

5.4 References

• Dooley J.F., History of Cryptography and Cryptanalysis: Codes, Ciphers, and Their Algorithms (History of Computing), Springer, 2018.

• Stallings W., Cryptography and Network Security: Principles and Practice (7th Edition), Pearson, 2017.

• Ferguson N., Schneier B., Kohno T., Cryptography Engineering, Wiley, 2010.

• Menezes, P. van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.




6 Advanced Network Security (2.6)


EU partner(s):


Main partner(s) to develop the course ETF (P5 – 100%)

Period of implementation: M15 (January 2019)

Partners to use the entire course P1, P6, P9


Part of specialization: Advanced network Security

Course plan author(s): Pavle Vuletić, Žarko Stanisavljević




P5 teaches only basic concepts of network security as part of their Computer Security course. The new course will be developed based on the exaustive literature review and the existing, but limited experience at P5 and the expert knowledge provided by partners Polimi (P4) and CrySys Lab (P3).

6.2 Course Outline


1 Data security

2 Computer networks

3 Operating systems


Lecture list

1 Attack methodology and phases. Reconnaissance - footprinting, scanning, enumeration. Physical security, social engineering.

2 Gaining access - Network attacks: IP spoofing, DNS spoofing, ARP spoofing, ARP cache poisoning, Session hijacking, BGP Hijacking, ping, smurf, syn flood, ip fragmentation attack, SSL attacks…

3 Gaining access - System attacks: password guessing, viruses, Trojans, worms, ransomware, malware, exploits, SQL injections, cross site scripting, operating system vulnerabilities,…

4 Network defense tools: network security architecture, DMZ, Access lists, Firewalls, IDS/IPS, Honeypots, DNSSEC, BGP security

5 (D)DoS attacks, classification, botnets, Network DoS protection (RTBH, BGP FlowSpec,…),…

6 Wireless, Bluetooth security

7 Anonymity, Tor, Onion routing




8 Mobile device security, threats and malware

9 Other types of attacks and vulnerabilities: Attack economics - Click frauds, phishing

10 Other types of attacks and vulnerabilities: Hardware Trojans


Lab exercise list

1 Reconnaissance: packet capture, Wireshark, tcpdump, netstat, nmap, Shodan

2 Network attack examples: ARP spoofing, DNS spoofing,…

3 System attack examples: SQL injections, EternalBlue and similar

4 Network protection: Firewall, IPS, IDS, packet filters (iptables)

5 Log management + SIEM

6 DDoS attack/defense







7 Cyber Security Strategies (2.7)

Work Package and Outcome reference number 2.7.

EU partner(s):


Main partner(s) to develop the course UB-FOS (P5 – 100%)

Period of implementation: M7-M15 (15.04.2018.-15.12.2018.)



Part of specialization: Cyber Security Strategies

Course plan author(s): Dragan Mladenović, Nataša Petrović, Dragana Makajić-Nikolić




The course will be developed based on the existing experience and knowledge in Cyber Security Strategies of teaching team members.

7.2 Course Outline


1 BSc in Management, Computer Science, Software Engineering or Security Studies

Learning Outcomes

1 Students will be able to assess the complex impact and importance of cyber security strategies on organizational objectives as well as policies, processes, and actions which enable the achievement of business goals while working in cyberspace. They will acquire the knowledge and skills to assess needs, create an appropriate cyber security strategy that supports business goals, mission of the organization and enables the maintenance of security work.

Lecture list

1 What is cyberspace environment

The lesson examines what cyberspace is in general, from the technological, business, and security aspect. A short history of cyber space development is described. In a specific way, the importance of cyberspace for different types of organizations in the public, private, community, industrial, technological, security and defense sectors is being addressed. Another issue discussed is the impact of the activities, plans and policies used in cyberspace by these sectors. Types of main stakeholders are identified. It is estimated how successfully




applied are the cyberspace strategies for each type of stakeholder. It is assessed what is the effective functioning of the listed stakeholders in cyberspace and what kinds of threats and risks are most important.

2 What is a strategy and cyber security strategy in cyberspace

The lesson explores what the organization's policy is, what are the key differences in the policies of different types of organizations, and in the activities of different types of their stakeholders. The requirements, needs, goals of these organizations and stakeholders in the general sense and in cyberspace are identified, as well as the forms and timeframes for their strategies. Similarities and differences between business cyberspace strategies and cyber security strategies are identified.

3 Security in Cyberspace

The difference between computer security, information security and cybersecurity is examined. Contemporary cyber security is analyzed, its elements and the tendency of constant development in relation to emerging technologies. Identification of the values, the appropriate risks and significance of people, processes and fluctuations in the implementation of cyber security.

• Concepts examined: information security, computer security, ICT security, cyber security.

4 Risk Management in Cyberspace

Risk management in cyberspace. What are Risk Management, Cyber Threats, and Vulnerabilities. Cyber security as a constant balance between risks and opportunities. Students conduct an assessment of opportunities and risks and assess how to achieve an optimal compromise regarding cyber security.

5 How to manage complex relationships in cyberspace

Select and create an appropriate risk assessment model. Basic risk categories in relation to the business policy of the organization. Choice of characteristic threats. Influence of resources and selected business policies and standards on cyber security of an organization.

6 Cyber Security and Information Security Standards and Frameworks

Overview of basic standards and frameworks of importance for cyber security: ISO/IEC 27000 series; NIST, COBIT, etc. What is Information Security Management System (ISMS) according to ISO/IEC 27001. Significance of the information security standard for the implementation of cyber security strategies and the way they are comprehensively implemented in the organization. What is Governance framework for European standardization. The most important standards within the ISO/IEC 27001 series.

• Concepts examined: ISO/IEC 27000, NIST, COBIT 5.

7 Cyber Security Management Concepts

Definition of basic concepts of the Cyber Security Management process and elements of the Cyber Security Management System.

• Effective Cyber Security Management Policy.

• Management models, roles, and functions.

• Technologies within the Cyber Security Management System.




• Security governance.

8 Contemporary conflict in cyberspace

Definition of basic concepts and categories of aggressive use of information and ICT assets in cyberspace. Identification and analysis of what affects the cyber-attack surface of an organization, how it can be reduced, and what are the factors that an organization must influence in order to improve its own information security. Different forms of conflict are dealt with in cyberspace, and different forms of power manifestation (hard vs. soft vs. smart cyber power). The nature of an information asset is defined as a target and as a resource. The effect of technology on security and aggressive activity is identified. New dynamics in the functioning of new types of organizations in cyber space is analyzed. New importance of public opinion on the work of the organization.

• Concepts examined: information security; information security event, incident, and attack; risk; threat; risk management; cyber-attack, cyber weapon, cyber effect; cyber conflict, war, and warfare; hard vs. soft. Vs. smart cyber power.

9 Policy planning for the use of cyber space

Organizational, agency, and national cyber strategies - characteristics, similarities and differences. Differences and similarities of policy and security planning in the physical environment and cyberspace. Impact of constitution, laws, regulations, and practices of legislative, executive and judicial authorities on planning and implementation of cyber security strategies.

• Concepts examined: National Security Strategy; National Cyber Security Strategy; Department and Agency Cyber Security Strategy; Business Organization Cyber Security Strategy.

10 Budget planning and implementing

The process of planning and execution of the budget at the organizational and national level in terms of cyber security issues.

11 Protection of civil rights and personal data

This lesson provides a review of cyber security strategies and policies’ impact on human rights and personal data protection.

Application of constitutional and legal provisions. An analysis of how new technologies affect human rights with emphasis on privacy.

12. Physical Security and Environmental Risks and Events

• Physical and Environmental Security Procedure.

• Protecting Against External and Environmental Threats.

• Natural environmental threats (floods, earthquakes, storms, fires, extreme temperature conditions).

• Environmental Risk Management.

• Enterprise physical and environmental security standard, ISO IEC 17799 2000. Student Cyber Security Exercise

1 • Integration of learned knowledge in a real scenario through practical work on a cyber security related incident.

• Students are divided into teams representing different sectors, agencies and types




of organizations, and react differently to the incident.

• Different roles and responsibilities are identified, modes of conduct and possible outcomes in relation to different stakeholder objectives.

• The goal of the exercise is to identify key threats, risks, vulnerabilities, assess the values and weaknesses of selected strategies, key steps in addressing the incident, as well as information security measures.

2 • Enterprise physical and environmental security standard, ISO IEC 17799 2000.

3 • Risk assessment tools and applications.

4 • Designing a cyber defense exercise (steps, the attacker side and the defender side, the components of a cyber defense exercise: defender team, target system, infrastructure, attacker team, attacker system).

5 • Planning the risk treatment actions and budget allocation



7.4 References

[1] Timothy Shimeall, Jonathan Spring, Introduction to Information Security: A Strategic-Based

Approach, Syngress, 2013

[2] Yuri Diogenes, Erdal Ozkaya, Cybersecurity – Attack and Defense Strategies: Infrastructure

security with Red Team and Blue Team tactics, Packt Publishing, 2018

[3] Mike Chapple, James Michael Stewart, Darril Gibson, (ISC)2 CISSP Certified Information

Systems Security Professional Study Guide 2018: With 150+ Practice Questions, Sybex, 2018

[4] Douglas W. Hubbard, Richard Seiersen, How to Measure Anything in Cybersecurity Risk,

Wiley, 2016

[5] Gregory J. Touhill, C. Joseph Touhill, Cybersecurity for Executives: A Practical Guide, Wiley-

AIChE, 2014

[6] William Stallings, Effective Cybersecurity: A Guide to Using Best Practices and Standards,

Addison-Wesley Professional, 2018

[7] Alan Calder, Nist Cybersecurity Framework: A Pocket Guide, Itgp, 2018




8 Security in E-business Systems (2.8) – INTEGRATED INTO 2.5


EU partner(s): CrySys Lab/BME


Main partner(s) to develop the course UNS (P1 – 100%)?

Due date: M28 (March 2020)


Partners to use elements of the course VTS – Using 2.5 instead of 2.8

Part of specialization (for involved Serbian HEIs): Security in E-business Systems



Course plan author(s): Goran Sladić


P1 possesses limited capabilities in teaching security of e-business systems, which they have been delivering as part of their E-Business Systems Security course. The new course will be developed based on the existing, but limited experience at P1 and the expert knowledge provided by the partner Polimi (P4).




9 Risk Analysis and Threat Modelling (2.9)


EU partner(s):


Main partner(s) to develop the course FON (P5 – 100%)

Period of implementation: M25-M33 (15.10.2019.-15.06.2020)



Part of specialization: Risk Analysis and Threat Modelling

Course plan author(s): Dragana Makajić-Nikolić




The course will be developed based on the existing experience in general risk analysis and assessment methodologies and the knowledge in IT area of teaching team members.

9.2 Course Outline


1 Cyber Security Strategies


Lecture list

1 Risk

• basic terms:asset, hazard, threat, vulnerability, attack, impact (consequence), likelihood (probability), countermeasure, risk mitigation

2 Risk management process

• establishing the context, communication and consultation, risk assessment, risk treatment, monitoring and review

3 Risk assessment process

• risk identification, risk analysis, consequence analysis, likelihood analysis and probability estimation, risk evaluation

4 Vulnerabilities an weaknesses analysis

5 Atack

6 Threat analysis

• threats in: client, web, application, data tiers; threat sources; threats motivations 7 Threat modeling:

• PASTA (The Process for Attack Simulation and Threat Analysis)




• OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation),

• Threat Modeling Web Applications,

• VAST (The Visual, Agile, and Simple Threat modeling) 8 Uncertainties and sensitivities in risk analysis

9 Risk analysis documentation, Monitoring and reviewing risk assessment, Application of risk assessment during life cycle phases

10 Standards related to risk assessment

• ISO 27001, ISO 31000, ISO Guide 73, ISO/IEC 31010

Lab exercise list

1 Mapping Threats and Vulnerabilities

2 PASTA

3 OCTAVE

4 Threat Modeling Web Applications

5 VAST

6 Risk assessment tools and applications






10 Cyber Incident Analysis and Response (2.10)


EU partner(s):



Period of implementation: M10-M17 (June 2018 - February 2019)



Part of specialization: Cyber Incident Analysis and Response

Course plan author(s): Miroslav Minović, Miloš Milovanović




FON possesses limited capabilities in teaching cyber Incident analysis and response, which they have been delivering as part of their Computer networks and Computer systems security course. The new course will be developed based on the existing, but limited experience at P5 and the expert knowledge provided by partner FOI (P2).

10.2 Course Outline


1 Computer networks

2 Computer systems security


Lecture list

1 Introduction to Incident Response and Handling

2 Risk management processes, application Security Risks

3 Basics of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy

4 Cybersecurity and privacy principles, cyber threats and vulnerabilities

5 Basics of computer networking concepts and protocols, and network security methodologies

6 Network security architecture concepts including topology, protocols, components, and principles

7 Incident categories, incident responses, and timelines for responses




8 Intrusion detection methodologies and techniques for detecting host and network-based intrusions

9 Network traffic analysis methods, packet-level analysis

10 Different classes of attacks, behavior of cyber attackers, cyber attack stages

11 Basics of malware analysis concepts and methodologies

Lab exercise list

1 Networking Security Monitoring

2 Penetration testing in IP networks

Concepts: packet capture, Wireshark, tcpdump, netstat, nmap

3 Network investigation tools and Windows Events, Firewall, Logs, Processes, and

Registry introductions

4 Actual attack and defensive tools and techniques

5 Static Malware Analysis/Dynamic Malware Analysis

6 Analyzing Malicious Windows Programs






11 Data Mining in Digital Forensics (2.11)


EU partner(s):


Main partner(s) to develop the course FON (P5 – 50%) UNS (P1- 50%)

Period of implementation: M17-M24 (February 15th 2019 – September 15th 2019)



Part of specialization: Data Mining in Digital Forensics

Course plan author(s): Boris Delibašić




P5 possesses limited capabilities in digital forensics, but huge experience in data mining. The new course will be developed based on the existing, but limited experience at P5 and the expert knowledge provided by partners FOI (P2) and POLIMI (P4).

11.2 Course Outline


1 Engineering Mathematics courses done

2 Basics of databases

3 BSc in Information Systems, Computer Science, Software Engineering, Electrical Engineering, Mechanical Engineering, Mathematics, or similar

Lecture list

1 Introduction to data mining (motivation, case studies)

2 Exploratory analysis in data mining (K-means like clustering, and A-priori association rules)

3 Predictive analysis in data mining (Decision trees, Logistic regression)

4 Visualization (of data, data mining models, and parameters)

5 Documenting the data mining process (CRISP DM like methodologies)

6 Data preparation

7 Advanced evaluation of data mining models (silhouette plots, AUC, AUPRC, F Measure, Alpha, Beta, mistakes)

8 Advanced algorithms for clustering (DB SCAN, OPTICS, Spectral clustering)

9 Advanced algorithms for prediction (Ensemble algorithms, SVMs, NNs)




10 Advanced setting of data mining algorithms parameters

11 Case study: Using data mining tools for digital forensics

Lab exercise list

1 Introduction to Orange data mining software

2 Advanced options in Orange data mining software

3 Introduction to Python

4 Building your first predictive data mining models in Python

5 Building clustering models in Python

6 Visualization in Python






12 Digital Forensics Tools and Techniques (2.12)


EU partner(s):



Period of implementation: M10-M17 (September 2018 - June 2019)



Part of specialization: Digital Forensics Tools and Techniques

Course plan author(s): Miroslav Bača, Svetlana Jovanovic




FON possesses limited capabilities in teaching digital forensics tools and techniques, which they have been delivering as part of their Cyber crime program. The new course will be developed based on the existing, but limited experience at P5 and the expert knowledge provided by partner FOI (P2).

12.2 Course Outline


1 Computer networks


Lecture list

1 Forensic objectives and principles

2 Forensic Media Preparation

3 Write blockers

4 Acquisition of media

5 Digital chain of custody

6 Basic forensic document analysis

7 Internet and web artifacts analysis

8 Forensic recovery

9 Mobile device forensic




10 Documents and reports

11 Presenting evidence

12 ISO 27037 and DCoC

Lab exercise list

1 Investigating data streams

2 File storage dates and times

3 File deletion/recovery

4 Recovering Internet Usage Data

5 Recovering: Swap Files/Temporary Files/Cache Files

6 Preservation and safe handling of original media

7 Making bitstream copies of original media

8 Word document forensics and password cracking

9 Practical use digital forensics tools: Forensic TookKit (FTK)

10 Practical use digital forensics tools: Autopsy

11 Practical use digital forensics tools: Mobile device forensics






13 Mobile and Multimedia Forensics (2.13)


Main partner(s) to develop the course FON, UNI (P5-50%, P6 – 50%)

Period of implementation: M22-M30 (July 2019-March 2020)



Part of specialization: Mobile and Multimedia Forensics

Course plan author(s): Miloš Milovanović, Bratislav Predić, Miroslav Minović, Dragan Stojanović




Main partner(s) to develop the course FON, UNI (P5-50%, P6 – 50%)


FON possesses limited capabilities in teaching mobile and multimedia forensics. Topics from this area were incorporated in to courses Mobile computing and Computer system security taught at final year of undergraduate studies. Partner UNI has some experience in the field of Digital forensics with the existing master level course at UNI. The new course will be developed based on the existing course at UNI and experience at FON and the expert knowledge provided by partners FOI (P2), CrySys Lab (P3) and Polimi (P4).

13.2 Course Outline


1 Multimedia/Multimedia computing/Computer graphics

2 Mobile computing

3 Computer systems security


Lecture list

1 • Introduction to Mobile Forensics

2 • Introduction to Multimedia Forensics

3 Analysis of computer components

• Examination stages, components of computer system, computer processes. 4 Analysis of computer digital storage devices

• Data storage and data management, data acquisition, recovering of data, deriving evidence. 5 Mobile device analysis

• Operating principles of mobile computer, communication in mobile networks, mobile




computer components, file systems, operating systems. 6 Data in mobile device analysis

• Data retrieval, analysis and deriving evidence. 7 SIM / UICC card forensics

• Concepts: SIM / UICC structure and File Systems, SIM security, SIM cloning 8 Properties of Multimedia

• Concepts: multimedia devices and data formats

• Types of multimedia content, multimedia content structure and metadata, multimedia encoding.

9 Multimedia data analysis

• Reparation of corrupted multimedia data, enhancing multimedia data for analysis. 10 Multimedia device fingerprints

• Concepts: Extraction and representation of device fingerprints, Enhancement of device fingerprints, Source device identification based on device fingerprints

11 Watermarking

Concepts: watermarking for different multimedia data formats, watermarking resilience

12 Reporting

Report formats in digital forensics.

13 Testimony

• Introducing court procedures and legislative topics. Methods of providing expert testimonial in court procedure.

Lab exercise list

1 Performing a thoroughcomputer analysis

• Developing work environment (storage preparation), retrieving data, data analysis, deriving evidence from partition session information, file types and metadata.

• Android: operating system specifics, file system, data storage

• Android: rooting, malware, Android Debug Bridge

• Android device analysis Tools: Oxygen Forensic Suite 2 Performing analysis of mobile computer

• Accessing onboard storage, acquiring evidence, identify device information, retrieve timestamp information, and prepare analytical report.

• Android: evidence sources (contacts, SMS, phone logs), timeline analysis, application analysis, data recovery

• Mobile SIM analysis Tools: MOBILedit! Forensic, pySIM, AccessData Mobile Phone Examiner (MPE) Plus, SIMpull

3 Performing multimedia data analysis

• Analyze video, image and text. Deal with video playback issues, perform recovery. Analyze data retrieved from video. Salvage analog data and convert to digital data.

4 Practical excersises

• Image watermarking Tools: Digimark, Icemark

• Super-resolution Tools: neural-enhance 5 Generating reports

• Writing a structured report base on real life scenario.




6 Court case studies

• Doing a study case based on known example.






14 Security Data Science (2.14)


EU partner(s): FOI (P2), BME/CrySys (P3)

Industrial partner(s): UT (P8)

Main partner(s) to develop the course UNS (P1 – 70%), UNI (P6 – 30%)



Partners to use elements of the course UB




Course plan author(s): Imre Lendak, Dragan Stojanovic

14.1 Goals

The goal of the Security Data Analytics course is to prepare students for higher-level security analyst roles (L2/L3). Experts possessing relevant skills in this domain are highly sought after in various industries, e.g. financial infrastructures (e.g. banks, credit card system operators), big multi-national companies, ministries and various Computer Emergency Response Teams (CERT). The students will become familiar with the different security monitoring data types. They will learn the necessary techniques for collecting, preprocessing and storing security monitoring data. They will become familiar with different data analysis and visualization solutions. They will acquire detailed knowledge of anomaly detection techniques and challenges. Additionally, they will become familiar with the operating environment in modern Security Operations Centers (SOC).


P1 and P6 possess entry-level capabilities in teaching general data science topics, e.g. existing courses in statistics, machine learning and artificial intelligence, which they have been delivering as part of their existing study programs in computer science. The new course will be developed based on the existing, but limited experience at P1/P6 and the expert knowledge provided by partners FOI (P2), BME/CrySys (P3) and industrial partner UT (P8), who are developing a Security Operations Center (SOC) as a service business.

14.3 Course Outline


1 Advanced network security

2 Introduction to data science and machine learning


Lecture list

1 Latest threats and the traces they leave in Information Systems. Security baseline. Full packet capture




(FPC), packet string (PSTR) and session data acquisition and storage

2 Operating system and application log data collection, storage, analysis and visualization

3 Security appliance and intelligence data feed acquisition and storage

4 Indicators of compromise, rule- and reputation-based data analysis

5 Security data visualization and visual analytics

6 Anomaly detection with statistical data analysis (point-, contextual- and collective anomalies)

7 Applied machine learning and big data analytics in cybersecurity (classification, clustering, prediction, real-time stream analysis)

8 Anomaly-based detection with machine learning techniques, anomaly detection challenges in Information Security (unbalanced, verification latency)

9 Adversarial machine learning

10 Protecting e-commerce system and financial fraud detection

11 Malware detection and analysis

12 Data science methods and metrics in Security Operations Centers (SOC), Computer Emergency Response Teams (CERTs). Common Vulnerability Scoring System (CVSS v3.0)

Lab exercise list

1 Full packet capture (FPC) data acquisition and analysis

2 Packet string (PSTR) and session data acquisition and analysis

3 Operating system (OS)/application log data acquisition and analysis.

4 Security data feed data acquisition and analysis (Common Vulnerabilities and Exposures (CVE) databases, live data feeds)

5 Security data normalization and correlation. NSM, IDS/IPS and SIEM data analysis tools (Security Onion, Snort, Sguil, Bro)

6 Statistical data analysis in anomaly detection

7 Rule- and reputation-based data analysis in cybersecurity, Intrusion Detection/Prevention Systems

8 Machine learning in anomaly detection

9 Anomaly detection challenges (e.g. unbalanced data, verification latency)

10 Advanced data filtering and visualization in network security monitoring


The course will be documented via Power Point presentations, a textbook and other e-materials.

14.5 References

[1] Sanders, C., & Smith, J. (2013). Applied network security monitoring: collection, detection, and

analysis. Elsevier.

[2] Halder S. (2018). Hands-on Machine Learning for Cybersecurity. Packt Publishing.

[3] Chio C., Freeman D (2018). Machine Learning and Security: Protecting Systems with Data and

Algorithms. O'Reilly Media.




[4] Akidau, T., Chernyak, S., & Lax, R. (2018). Streaming Systems: The What, Where, When, and how

of Large-scale Data Processing. O'Reilly Media, Inc.

[5] Bhattacharyya, D. K., & Kalita, J. K. (2013). Network anomaly detection: A machine learning

perspective. Chapman and Hall/CRC.

[6] Jacobs, J., & Rudis, B. (2014). Data-driven security: analysis, visualization and dashboards. John

Wiley & Sons.

[7] Collins, M., & Collins, M. S. (2014). Network security through data analysis: building situational

awareness. O'Reilly Media, Inc.




15 Computer Security (2.15)


EU partner(s): BME/CrySys (P3), Polimi (P4)

Industrial partner(s): UT (P8)

Main partner(s) to develop the course UNS (P1 – 100%)

Due date: M35


Partners to use elements of the course UB




Course plan author(s): Veljko Petrović


The goal of Computer System Security is to equip students with a practical understanding of single-system security, and security considerations on a computer architecture and operating system level. This information includes likely attack surfaces of such systems and detailed analysis of attack vectors such as malware and memory-corruption attacks as well as methods of protection including techniques of operating system configuration and hardening. This gives students a solid technical foundation for further specialization and equips them with foundational skills for practical work in the construction of secure computer systems.

P1, P5, P6 and P9 possess entry-level capabilities in teaching general computer architecture and operating systems courses, e.g. existing courses in computer architecture, operating systems and compiler design, which they have been delivering as part of their existing study programs in computer science. The new course will be developed based on the existing, but limited experience at P1, P5, P6 and P9 and the expert knowledge provided by partners BME/CrySys (P3) and Polimi (P4), as well as industrial partner UT (P8), who are a solution provider in the cybersecurity domain with broad experience in information security.

15.2 Course Outline



Lecture list

1 Introduction to security; the history of computer system security; attack surfaces and vulnerabilities.

2 Hardware security and physical security as a basis; the human element and operational vulnerability.

3 Side-channel attacks, trusted computing, trusted execution environments, and crypto-modules.

4 IoT technology as an example of weaknesses at an architecture level; IoT attack vectors.

5 Operating system security; POSIX model of security; Windows model; policies and ACLs.




6 Kernel adaptations to security; MMU and memory security; software counters to hardware issues.

7 Hardening an OS to attack; operating system security through configuration and adjustment

8 Memory management attacks; the x86 and ARM architectures and their weaknesses; stack attacks

9 Buffer attacks: static, heap, overrun, and underrun;RTL and ROP attacks. Printf attacks.

10 Memory management attack mitigation: NX/XN bits, address space randomization, compiler defense

11 Nature of malware; history and development; common malware attack and infection vectors

12 The anatomy of a virus: historical and current examples; botnets and mining viruses

Lab exercise list

1 Operating system security essentials: simple configuration for security

2 Advanced operating system security management

3 Kernel-level adaptations to operating system security

4 Exploiting memory management weaknesses I: buffers and stack attacks

5 Exploiting memory management weaknesses II: RTL and ROP; hardware weakness exploitation

6 Defense against memory management weaknesses

7 Malware dissection and analysis; writing a simple virus in a virtual machine environment


The course will be documented via Power Point presentations, and other e-materials.

15.4 References

[1] Yuri Diogenes, Diogenes Oyakza, Cybersecurity – Attack and Defense Strategies:

Infrastructure security with Red Team and Blue Team tactics, 2018

[2] Christopher Hadnagy, Social Engineering: The Science of Human Hacking, 2nd Edition, 2018

[3] Shancang Li Li Da Xu, Securing the Internet of Things, 2017

[4] Phil Bramwell, Hands-On Penetration Testing on Windows: Unleash Kali Linux, PowerShell,

and Windows debugging tools for security testing and analysis, 2018

[5] Monnappa K A, Learning Malware Analysis: Explore the concepts, tools, and techniques to

analyze and investigate Windows malware, 2018

[6] Seymour Bosworth, M. E. Kabay, Eric Whyne, Computer Security Handbook, Set 6th Edition,

2014

[7] Swarup Bhunia, Mark Tehranipoor, Hardware Security: A Hands-on Learning Approach 1st

Edition, 2017




16 Course development plan

The table below contains data on each planned course: EU partner(s) that will supervise the course development, the Serbian HEI(s) that will develop the course, Serbian HEI(s) that will use the developed course (completely or partially – only some material in other current courses), and finally – planned development period.

ID Title EU Partner Developed by Used by Period

2.1 Critical Infrastructure Security BME, Polimi UNS M13-M21

2.2 Secure Software Development BME UNS, UNI, ETF VTS M7-M12

2.3 Cloud Security – INTEGRATED INTO 2.15

FOI UNS, ETF (PhD-level)

VTS M25-M32

2.4 Security and privacy in the Internet of Things

FOI, BME VTS, UNI M16-M24

2.5 Applied Cryptography and Cryptanalysis BME UNS ETF (partially) M16-M24

2.6 Advanced Network Security Polimi ETF, VTS UNS, UNI, FON M7-M15

2.7 Cyber Security Strategies BME FON UNS, UNI M7-M15

2.8 Security in E-business Systems – INTEGRATED INTO 2.5

Polimi UNS VTS M19-M28

2.9 Risk Analysis and Threat Modelling Polimi FON, UNS FON M25-M33

2.10 Cyber Incident Analysis and Response FOI FON, UNS M10-M17

2.11 Data Mining in Digital Forensics FOI, Polimi FON, UNS M17-M24

2.12 Digital Forensics Tools and Techniques FOI FON, UNI UNS, ETF (partially) M13-M21

2.13 Mobile and Multimedia Forensics FOI FON, UNI VTS M29-M36

2.14 Security Data Science FOI UNS, UNI UNS, UNI M24-M32

2.15 Computer Security BME UNS VTS M22-M34

The table below contains overview of planned course by the month of completion.

Month of completion ID Title

M12 2.2 Secure Software Development

M15 (Course Dev. Phase I) 2.6 Advanced Network Security

2.7 Cyber Security Strategies

M17 2.10 Cyber Incident Analysis and Response

M21 2.1 Critical Infrastructure Security

2.12 Digital Forensics Tools and Techniques

M24 (Course Dev. Phase II – aligned with the start of the 2019 winter semester)


2.5 Applied Cryptography and Cryptanalysis

2.11 Data Mining in Digital Forensics

M32 2.14 Security Data Science

M34 2.15 Computer Security (with elements of 2.3 Cloud Security)




M33 2.9 Risk Analysis and Threat Modelling

M36 (Course Dev. Phase III – aligned with the start of the 2020 winter semester)

2.13 Mobile and Multimedia Forensics

There will be three main course development phases:

• Phase I will last until M15, i.e. January 2019. During this phase courses 2.2, 2.6 and 2.7 will be

completed.

• Phase II will last until M24, i.e. October 2019. The following courses will be completed in this

course development phase: 2.1, 2.4, 2.5, 2.11 and 2.12.

• Phase III will cover the last project year, i.e. month range M25-M36. During this phase the

following courses will be completed: 2.9, 2.10, 2.13, 2.14 and 2.15.




17 Course progress indicators and measurement plan

The table below contains information on planned course outputs and outcomes, indicators of progress and measures for the indicators measurement.

Outputs and outcomes

WP2 - Curriculum Development - Training & learning materials:

2.1 Critical Infrastructure Security

2.2 Secure Software Development


2.5 Applied Cryptography and Cryptanalysis

2.6 Advanced Network Security

2.7 Cyber Security Strategies

2.9 Risk Analysis and Threat Modelling

2.10 Cyber Incident Analysis and Response

2.11 Data Mining in Digital Forensics

2.12 Digital Forensics Tools and Techniques

2.13 Mobile and Multimedia Forensics

2.14 Security Data Science

2.15 Computer Security

Indicators of progress

• 13 Textbooks or Wiki-like web-based content • 13 Documented laboratory exercise instructions • 39 training materials created by the EU partners • 39 Curricula development trainings organized

How indicators will be measured

• Training attendance sheets • Training materials attached to interim and final project report • Project dissemination, e.g. web portal • Textbooks stored in the libraries of Serbian HEIs • Web-based content: Wiki-based lectures • Web-based content: documented laboratory exercise instructions • Project interim report