At UQAC, you can navigate from one building to another without ever having to go outside, by tunnel or footbridge, just like with Montreal Underground. There's no excuse not to go to class either: buses run whatever the weather, devouring snow-covered hills even if the snowplough hasn't cleared yet. Fortunately, some courses are held in hybrid mode, meaning you can take part in both face-to-face and distance learning.
UQAC residences at night, under the snow
My course selection
The organization is the same as for the first term: four 2.45-hour courses per week, to choose from among fifteen or so.
🧑💻IT project management, presented by Ph.D. professors Bruno Bouchard & Gilles Imbeau
At ISEN, I had the opportunity to take a course on project management methods to help me improve my project planning. This course covers the same topics, applied to concrete cases, presented by two pedagogical Ph.D.'s from Quebec. It was a pleasure to take part in these weekly sessions, in which discussion was given its rightful place. I learned how to produce a set of documents to justify a project as part of its planning, as well as documents to define a Sprint (Agile method):
› Draw up a functional analysis
› Split the project into tasks (WBS)
› Determine resources
› Draw up a budget
› Draw up a GANTT chart
› Identify risks
› Develop corrective measures
› Justify your mandate to a sponsor
› Establish and refine a Product Backlog
› Determine an initial Sprint Backlog
I also discovered different project management methods and tools: LEAN, AGILE, Scrum, Spotify, ... I was able to make use of my knowledge from this course to some of my projects, one of which I'll develop in the next section.
📲Internet of Things, presented by Professor Laurent Ferrier
The professor is himself involved in building systems with connected objects. Here are two of his projects:
- Tracking the position of a train between Sept-Îles and Schefferville (northern Quebec) to allow HiRail pick-ups to work safely, performing track maintenance. 🛻👷♂️
- Setting up a platform to monitor the health of fishing boats using connected devices. ⛴⚕️
In this course, I learned how to create a system of connected devices communicating via long-range radio. First, there was some theory, notably on the range of telecommunication systems with bit rate calculations. Then I saw the architecture of a connected node, which includes the sensors, the microcontroller and the radio module. And finally we were able to put this knowledge into practice by creating our own system, choosing our modules and imagining the needs of a company. You can find out more about the project developed with Erwan Renault and Théo Dubois: Demonstrative video, Github, Documentation. We've mainly used Arduino, The Things Network with LoRaWAN and Cayenne.
IoT application dashboard view
🔐Security for the Internet of Things, presented by Professor Ph.D. Fehmi Jaafar
Now that I know more about how an IoT system works, I can look at the cybersecurity aspect. This course focuses on student evaluation of scientific articles. I reviewed the basic concepts and challenges of connected devices security, as well as cyber resilience and some tools for detecting infected objects. I worked on two projects:
- The first one was to find vulnerabilities in a connected camera loaned by UQAC, while at the same time collecting traces on the network and the device's energy consumption that our attacks left behind for analysis.
- The second one was the implementation of an IDS (Intrusion Detection System) for the same connected camera. We evaluated the effectiveness of different Machine Learning (ML) models for detecting the presence of attacks on connected devices. If you'd like more information, you can read our report or take a look at our Github. We had to go through several stages: collecting, preparing, analyzing and processing the data, then interpreting the results and finally analyzing the ML model.
🕵️Practical cybersecurity workshop, presented by Professor Ph.D. Fehmi Jaafar
This course allowed us to synthesize the knowledge acquired so far. We worked on three workshops:
- The first concerned the OWASP (Open Worldwide Application Security Project) top 10 vulnerabilities. We used tools such as BurpSuite, Docker, OWASP ZAP and information sources such as cwe.mitre.org. We explain how to reproduce and correct them.
- The second project was to carry out a forensic analysis on an android device as part of a fictitious investigation, while following a rigorous procedure to avoid infecting the evidence. We used tools such as Magnet Forensics, TWRP, ADB and Autopsy. We also applied Data Carving and Reverse Steganography techniques.
- The last project was to recreate an enterprise ecosystem, carry out attacks and explain how to defend against them. I'll tell you all about it in the next section.
Introductory video to our investigation presentation
Between two study sessions, you can relax or let off steam by going to an ice hockey match. You can either go and watch the school team (Les Saguenéens) train in the UQAC Arena, or book a seat for a game with a typical atmosphere in one of the Chicoutimi arenas.
Comments