14-829 / 18-638: Mobile and IoT Security - Fall 2021

Rules of Engagement:

In general, our goal is to foster a supportive learning environment in which students can explore, be creative, and expand their knowledge and abilities. This requires courtesy and action from everyone involved in the course, and there are many things to take into consideration, including caring for yourself and supporting each other. An important part of learning is participation, including asking questions when something is unclear or when you'd like to know more than what is covered in class. While we try to provide a bias- and judgement-free environment where students are free to speak up, we acknowledge that not everyone is comfortable speaking during class, so we will provide ample opportunity to ask questions privately, anonymously, or publicly. Asking the instructor for clarification or to repeat something is not disrespectful, but rather shows that you are actively engaged and eager to learn. Disagreeing with the instructor is not disrespectul, and you are strongly encouraged to start a discussion in class in such a case.

Academic Policies:

Students are expected to follow all academic policies set forth by departments, colleges, and the university. A (likely incomplete) list of such policies is included here for ease of access.

• CMU Academic Integrity Policy
• College of Engineering Policies
• INI Student Handbook
• ECE MS Policies (w/ link to handbook)

In addition, students are expected to adhere to these additional policies put in place for this course. If any of these are unclear, please contact the instructor directly.

• Collaboration Policy: For individual assignments, discussion about the assignment is encouraged, but students must complete the assignment individually - this means no sharing of code, figures, algorithms, design, etc. beyond discussing the approach to be taken. Copying and sharing are cheating and will result in reporting an Academic Integrity Violation.
• Plagiarism & Citation Policy: Do not copy, paraphrase, or mention any existing material without a full bibliographic citation of where the material was obtained from - in the case of direct inclusion of written material, use quotations appropriately. Plagiarism is cheating and will result in reporting an Academic Integrity Violation.
• Wiki Policy: Do not cite Wikipedia or other similar wiki pages - these are not reliable sources of information. Most reasonably good wiki pages include their own references, so follow those links and cite those sources instead. Including such citations will result in a 50% penalty in the corresponding assignment/deliverable.
• Grading Policy: We will always re-grade work upon reasonable and polite request. We sometimes make mistakes, and we're happy to fix them.
• Deadlines: All deadlines are fixed by the first day of class. Late submission of all deliverables (except the exam) will be penalized using the penalty function described in class materials. Unpenalized extensions will only be granted in extreme circumstances, and please ask as soon as you are aware of such circumstances.

Ethics of Security Education and Research:

As with any course or project related to security, students should be aware of ethical implications of what they are learning and doing. This includes, but is not limited to the following:

• Research, development, and experimentation with sensitive information, attack protocols, misbehavior, etc. should be performed with the utmost care and respect. Students are responsible for seeking IRB approval when needed and understanding potential legal implications of actions taken outside of a controlled environment. Students are expected to follow a strict ethical code, especially when dealing with potentially sensitive information.
• Students are encouraged to consult with the instructor if there is any shred of uncertainty around ethical or legal implications.

Additional Guidelines, Resources, and Policies:

Every individual must be treated with respect. The ways we are diverse are many and are critical to excellence and an inclusive community. They include but are not limited to: race, color, national origin, sex, disability, age, sexual orientation, gender identity, religion, creed, ancestry, caste, belief, veteran status, or genetic variability. We at CMU will work to promote diversity, equity, and inclusion because it is just and necessary for innovation. Therefore, while we are imperfect, we will work inside and outside of our classrooms, to increase our commitment to build and sustain a community that embraces these values. It is the responsibility of each of us to create a safer and more inclusive environment. Bias incidents, whether intentional or unintentional in their occurrence, contribute to creating an unwelcoming environment for individuals and groups at the university. If you experience or observe unfair or hostile treatment on the basis of identity, we encourage you to speak out for justice and support in the moment and and/or share your experience anonymously through the CMU Center for Student Diversity and Inclusion or Report-It.

Active Shooter Advice: To prepare for the unlikely event of a campus shooting, please refer to CMU's Active Shooter Awareness Resources.

Earthquake Preparation: During an earthquake, "drop, cover, and hold on." Helpful details are available via Earthquake Country Alliance.

Accommodations for Students with Disabilities: If you have a disability and have an accommodations letter from the Disability Resources office, I encourage you to discuss your accommodations and needs with me as early in the semester as possible. I will work with you to ensure that accommodations are provided as appropriate. If you suspect that you may have a disability and would benefit from accommodations but are not yet registered with the Office of Disability Resources, I encourage you to contact them at access@andrew.cmu.edu.

Take Care of Yourself: Please do your best to maintain a healthy lifestyle this semester by eating well, exercising, avoiding drugs and alcohol in excess, getting enough sleep and taking some time to relax. This will help you achieve your goals and cope with stress. All of us benefit from support during times of struggle. You are not alone. There are many helpful resources available on campus and an important part of the college experience is learning how to ask for help. Asking for support sooner rather than later is often helpful. If you or anyone you know experiences any academic stress, difficult life events, or feelings like anxiety or depression, I strongly encourage you to seek support. Counseling and Psychological Services (CaPS) is here to help: call 412-268-2922 or visit the CaPS website. Consider reaching out to a friend, faculty, or family member you trust for help getting connected to the support that can help. Please let me know if I can be of assistance to you in this way. It is not my intention to know the details of what might be bothering you, but simply to let you know I am concerned and that help, if needed, is available.

CMU Academic Integrity Policy: In the midst of self-exploration, the high demands of a challenging academic environment can create situations where some students have difficulty exercising good judgment. Academic challenges can provide many opportunities for high standards to evolve if students actively reflect on these challenges and if the community supports discussions to aid in this process. It is the responsibility of the entire community to establish and maintain the integrity of our university. This site is offered as a comprehensive and accessible resource compiling and organizing the multitude of information pertaining to academic integrity that is available from across the university. These pages include practical information concerning policies, protocols and best practices as well as articulations of the institutional values from which the policies and protocols grew. The Carnegie Mellon Code, while not formally an honor code, serves as the foundation of these values and frames the expectations of our community with regard to personal integrity.

THE CARNEGIE MELLON CODE
Students at Carnegie Mellon, because they are members of an academic community dedicated to the achievement of excellence, are expected to meet the highest standards of personal, ethical and moral conduct possible. These standards require personal integrity, a commitment to honesty without compromise, as well as truth without equivocation and a willingness to place the good of the community above the good of the self. Obligations once undertaken must be met, commitments kept. As members of the Carnegie Mellon community, individuals are expected to uphold the standards of the community in addition to holding others accountable for said standards. It is rare that the life of a student in an academic community can be so private that it will not affect the community as a whole or that the above standards do not apply. The discovery, advancement and communication of knowledge are not possible without a commitment to these standards. Creativity cannot exist without acknowledgment of the creativity of others. New knowledge cannot be developed without credit for prior knowledge. Without the ability to trust that these principles will be observed, an academic community cannot exist. The commitment of its faculty, staff and students to these standards contributes to the high respect in which the Carnegie Mellon degree is held. Students must not destroy that respect by their failure to meet these standards. Students who cannot meet them should voluntarily withdraw from the university.
This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Cheating states the following:
According to the University Policy on Academic Integrity, cheating "occurs when a student avails her/himself of an unfair or disallowed advantage which includes but is not limited to:

• Theft of or unauthorized access to an exam, answer key or other graded work from previous course offerings.
• Use of an alternate, stand-in or proxy during an examination.
• Copying from the examination or work of another person or source.
• Submission or use of falsified data.
• Using false statements to obtain additional time or other accommodation.
• Falsification of academic credentials."

This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Plagiarism states the following:
According to the University Policy on Academic Integrity, plagiarism "is defined as the use of work or concepts contributed by other individuals without proper attribution or citation. Unique ideas or materials taken from another source for either written or oral use must be fully acknowledged in academic work to be graded. Examples of sources expected to be referenced include but are not limited to:

• Text, either written or spoken, quoted directly or paraphrased.
• Graphic elements.
• Passages of music, existing either as sound or as notation.
• Mathematical proofs.
• Scientific data.
• Concepts or material derived from the work, published or unpublished, of another person."

This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Unauthorized Assistance states the following:
According to the University Policy on Academic Integrity, unauthorized assistance "refers to the use of sources of support that have not been specifically authorized in this policy statement or by the course instructor(s) in the completion of academic work to be graded. Such sources of support may include but are not limited to advice or help provided by another individual, published or unpublished written sources, and electronic sources. Examples of unauthorized assistance include but are not limited to:

• Collaboration on any assignment beyond the standards authorized by this policy statement and the course instructor(s).
• Submission of work completed or edited in whole or in part by another person.
• Supplying or communicating unauthorized information or materials, including graded work and answer keys from previous course offerings, in any way to another student.
• Use of unauthorized information or materials, including graded work and answer keys from previous course offerings.
• Use of unauthorized devices.
• Submission for credit of previously completed graded work in a second course without first obtaining permission from the instructor(s) of the second course. In the case of concurrent courses, permission to submit the same work for credit in two courses must be obtained from the instructors of both courses."

This policy applies, in all respects, to this course.

Carnegie Mellon University's Policy on Research Misconduct states the following:
According to the University Policy For Handling Alleged Misconduct In Research, "Carnegie Mellon University is responsible for the integrity of research conducted at the university. As a community of scholars, in which truth and integrity are fundamental, the university must establish procedures for the investigation of allegations of misconduct of research with due care to protect the rights of those accused, those making the allegations, and the university. Furthermore, federal regulations require the university to have explicit procedures for addressing incidents in which there are allegations of misconduct in research." The policy goes on to note that "misconduct means:

• fabrication, falsification, plagiarism, or other serious deviation from accepted practices in proposing, carrying out, or reporting results from research;
• material failure to comply with Federal requirements for the protection of researchers, human subjects, or the public or for ensuring the welfare of laboratory animals; or
• failure to meet other material legal requirements governing research."

"To be deemed misconduct for the purposes of this policy, a 'material failure to comply with Federal requirements' or a 'failure to meet other material legal requirements' must be intentional or grossly negligent." To become familiar with the expectations around the responsible conduct of research, please review the guidelines for Research Ethics published by the Office of Research Integrity and Compliance.
This policy applies, in all respects, to this course.