Security of Emerging Connected Systems

Faculty of Engineering, Environment and Computing
7026CEM Security of Emerging Connected
Systems
Assignment Brief

Module Title
Security of Emerging
Connected Systems
Individual Cohort
2122JANMAY
Module Code
7026CEM
Coursework Title
Coursework 1 – Policy and Legal Aspects Report
analysis.
Hand
out
date:
19
th Nov 2022
Lecturer
Dr. Basil Elmasri
Due date and
time:
5
th Dec 2022
18:00 UK time.
Estimated Time (hrs): 15-20.
Word Limit*: 1500, not including
appendices, logs, screenshots, PoC
code, etc.
Coursework
type: Report
This assessment
is worth 5 credits
Submission arrangement online:
File types and method of recording: docx
only.
Mark and Feedback date: 10
th Jan 2023.
Mark and Feedback method: TurnItIn/Aula online grading and feedback.

 

Module Learning Outcomes Assessed:
1. Critically evaluate the role of a security policy for protecting information
assets and be able to propose appropriate security policies to defend those
assets based on an understanding of security concepts and their
application to internet-based technologies.
2. Demonstrate a sound understanding of the key legislation that relates to
information security and how it influences the security policy of an
organisation.

 

VERY IMPORTANT NOTES
You MUST create a folder in the VM desktop, name it exactly “<first_name>
<last_name>-<ID>”, unzip and place the
domus.zip inside the folder you created,
the unzipped folder MUST be the same name,
i.e., domus. In each command line,
you MUST show this folder path in EVERY screenshot
within your report. Screenshots
MUST be clear and easy to read.
For example, if your first name is “Alice” your last name is “Bob”, and your ID is
123456”, then the folder’s name on the desktop is:
Alice Bob-123456
Full path to the given system MUST include:
…/Alice Bob-123456/ domus

You MUST include proper evidence of performing the experiments in CW2 such as
screenshots,
failure to do so will result in failing CW1.
You
MUST write and ONLY submit MS Word “.docx” file.
Task and Mark distribution:
This coursework consists of two pieces. Students MUST do both pieces.
For this coursework, you should have done CW2; successfully tested all or part of domus
system. Discuss the laws and the legal background related to copyright and the leaked
Personal Identifiable Information (PII) in CW2 domus system.
1. First piece: Copyright laws and legal background of “domus”.
Domus developers are considering distributing or selling for profit domus system in the UK
and US markets.
Discuss the related copyright and copyleft matters related to the system, according to both
UK and US legal systems.
Discuss, with references, both scenarios, either the system will be an open source or not,
discuss the end users’ licence agreement, terms and conditions, contracting, developing
extra features by others, adding libraries, sensors… etc.
Consider all legal aspects (not just copyright), penalties, legal implications, and the legal
consequences on the related parties party that might be related to a system breaching; the
attacker, the system developer or vendor, the distributer (e.g. re-seller) and the end user.
2. Second piece: laws and legal background of the leaked PII.
There is PII leakage in CW2 domus system, discuss the legal background of the PII leakage
in domus in CW2. What laws, regulations, in UK and US that are concerned with such
leakage. Consider legal aspects, penalties, legal implications, and the legal consequences
on the related parties; the attacker, the system developer or vendor, the distributer (e.g. re
seller) and the end user.

 

Laws and legal background:
For each piece, the report must discuss the UK and US legislation that might be applicable.
Covering the legal aspects, penalties, legal implications, and the legal consequences on the
related parties – the attacker, the system developer, the distributer (e.g. re-seller), and the
end user. Your report must clearly link the issues found in pieces 1 and 2 to the relevant
sections of legislation explaining why the legislation is relevant.
UK Law understanding and coverage (50%, ~800-900 words): coverage of all applicable
legal aspects and a demonstration of a good understanding of the relevant legislation and
the applicable legal consequences or penalties resulting from the legislation.
US Law understanding and coverage for both pieces (40%, ~600-700 words): coverage of
key aspects to be considered and the applicable legal consequences or penalties.
Report (10%): a report suitable for both technical staff and non-technical management; the
style/structure of the report, and the use of language and grammar. Use proper way of citations,
check Coventry University’s guide on writing. Style recommendations:
o Use 3rd person and passive voice rather than 1st and 2nd person.
o Use MS Word with Arial /Sans Serif font or Times New Roman, size 12, and 1.15 line
spacing.
o Paragraphs are left alignment or justified.
o Acronyms should be capitalised, explained, and added to a table of acronyms at the
beginning of the report.
o Figures, tables, and graphs should be captioned and added to list of figures, tables, and
graphs.
o Add a table of contents at the beginning of the report.
o Avoid using American English and use British English.
o Wikipedia must not be used as a reference, through it can be used as a key point or a
start for reading and gaining knowledge, with checking the right references.
o All legislation must be properly referenced.
General report structure recommendations, but numbered heading and sections:

Copyright Section
o UK Subsection
o US Subsection
PII leak Section
o UK Subsection
o US Subsection
OR UK Section
o Copyright Subsection
o PII leak Subsection
US Section
o Copyright Subsection
o PII leak Subsection
OR UK Copyright
UK PII leak Subsection
US Copyright Subsection
US PII leak Subsection

Marking scheme and criteria next page…

 

Marking distribution:

Criteria Legal Discussion Sum
Copyright PII leak
UK Law 25% 25% 50%
US Law 20% 20% 40%
Fail
<40
No laws were discussed, or no discussion of the impact of the
legislation. No evidence of specific issues relation to the domus
system.
Bare Pass
<50
Barely mentioning the legal issues related to the above matter, very
little discussion, or discussion of one related legal side per issue.
Discussion of the legal implications on the attacker only
Pass
<60
Fair discussion of some of the legal sides of each issue. Listing some
of the possible legal consequences against any breach or attack, for
some of the possible related parties; discussion of the legal
implications on two parties only, of which the attacker is one of them.
Merit
<70
Good discussion covering most sides of the legal systems for each
issue. Listing some of the possible legal consequences against any
breach or attack, for most of the possible related parties; discussion
of the legal implications on three parties only, of which the attacker is
one of them.
Distinction
≥70
Full analysis of the legal systems that are related to each issue,
Listing all the possible legal consequences against any breach or
attack, for all the possible related parties.
Higher
grades
Technical examples of how to protect or avoid any legal
consequences.
Report Fail marks will be granted for unprofessional poorly written
report, having legal phrases being copied and pasted without
discussion or paraphrasing. poor grammar, poor stye, poor or
INCORRECT citation and referencing… etc. blurred or
unclear screenshots Minor academic misconduct.
Reduced marks if report was way more than the word limit.
See CW2 brief for more details on report marking criteria.
10%
Total 100%

Notes on some rule and regulations on next page…

 

Notes:
1. You are expected to use the
Coventry University APA style for referencing. For support
and advice on this students can contact
Centre for Academic Writing (CAW).
2. Please notify your registry course support team and module leader for disability support.
3. Any student requiring an extension or deferral should follow the university process as
outlined
here.
4. The University cannot take responsibility for any coursework lost or corrupted on disks,
laptops or personal computer. Students should therefore regularly back-up any work
and are advised to save it on the University system.
5. If there are technical or performance issues that prevent students submitting
coursework through the online coursework submission system on the day of a
coursework deadline, an appropriate extension to the coursework submission deadline
will be agreed. This extension will normally be 24 hours or the next working day if the
deadline falls on a Friday or over the weekend period. This will be communicated via
your Module Leader.
6. You are encouraged to check the originality of your work by using the draft Turnitin links
on Aula.
7. Collusion between students (where sections of your work are similar to the work
submitted by other students in this or previous module cohorts) is taken extremely
seriously and will be reported to the academic conduct panel. This applies to both
courseworks and exam answers.
8. A marked difference between your writing style, knowledge and skill level demonstrated
in class discussion, any test conditions and that demonstrated in a coursework
assignment may result in you having to undertake a Viva Voce in order to prove the
coursework assignment is entirely your own work.
9. If you make use of the services of a proof reader in your work you must keep your original
version and make it available as a demonstration of your written efforts.
10. You must not submit work for assessment that you have already submitted (partially or
in full), either for your current course or for another qualification of this university, with the
exception of resits, where for the coursework, you maybe asked to rework and improve
a previous attempt. This requirement will be specifically detailed in your assignment brief
or specific course or module information. Where earlier work by you is citable, i.e. it has
already been published/submitted, you must reference it clearly. Identical pieces of work
submitted concurrently may also be considered to be self-plagiarism.