Course staff: N. Asokan*, Andrew Paverd*,Thomas Nyman* (IRC handle: tajnyman), Samuel Marchal*, Hien Truong

The course staff can be reached by email at  (where indicated by *) or (where indicated by ).

The course has


As the evaluation in the course will be based entirely on continuous assessment, we need to limit the total number of students allowed to take the course for credit. Interest for the course has exceeded our expectations. For this reason we want to make sure that the participants taking the course for credit have the necessary background and are committed to completing the course. To this end, we ask all students signed up for the course to confirm their participation by sending an e-mail to the course staff explicitly confirming each of the four items below:

Participation must be confirmed in this manner by Tuesday, January 12 at the latest.

Students must register to the course as well here for Aalto University and here for University of Helsinki.

Tentative Schedule

The lectures are conducted on Tuesday mornings (10-12). We will attempt to stream lectures using a video conference channel from Otaniemi campus to Kumpula campus, however we cannot guarantee the availability or quality of this streaming. The lectures are held at:

If the video conferencing does not work satisfactorily, then lectures will take place only in T3 (Otaniemi).

Exercise sessions are conducted only at Aalto University. The exercise sessions are held on Thursday afternoons (12:15-14:00) in lecture hall TU6 in the TUAS building (Otaniementie 17). The TUAS building is adjacent to the CS building. Attending exercises sessions is compulsory. You are required to achieve 80% attendance in order to pass the course.



DateLectureExercisesProgramming assignmentsSurvey
Tue 5.1

Thu 7.1
No lectureNo exercise session- 

Tue 12.1

Thu 14.1

L1: Introduction to the course (slides, recording), and
L1: Overview of Platform Security (slides, recording)

Exercise 1, due Tue 19.1

General briefing on Thu 14.1

1st programming assignment, due 25.1

Survey topics published.
Sign up for survey topics
via this form before Thu 14.1

Tue 19.1
Thu 21.1

L2: Platform Security in Android OS (slides, recording)
Android Services (slides [updated 2.2])

Exercise 2 (helloworld.apk), due Tue 26.1
Exercise 1 solutions discussed on Thu 21.1
(example solutions published in MyCourses)

Initial survey topic assignments
Tue 26.1
Thu 28.1

L3: Mobile software platform security (slides, recording)

Preliminary course feedback (in MyCourses)

Exercise 3, due Tue 9.2 (2 weeks)

Exercise 2 solutions discussed on Thu 28.1

2nd programming assignment, due 8.2
1st assignment solutions discussed Thu 28.1

Survey topic assignments finalized
Tue 2.2
Thu 4.2

Guest lecture: SEAndroid policy exploration (slides, recording)
Jan-Erik Ekberg (Trustonic)

Preliminary course feedback results

No exercise session

Tue 9.2
Thu 11.2
L4: Mobile hardware platform security (slides, recording)

Exercise 4, due Tue 23.2 (2 weeks)
Exercise 3 solutions discussed on Thu 11.2

3rd programming assignment, due 22.2
2nd assignment solutions discussed Thu 11.2

Tue 16.2
Thu 18.2
No lecture

No exercise session


Tue 23.2
Thu 25.2

Optional Q&A session for Exercise 4

Optional exercise (SEAndroid), due Tue 1.3
Exercise 4 solutions discussed on Thu 25.2

4th programming assignment, due 14.3 (3 weeks)
3rd assignment solutions discussed Thu 25.2
Tue 1.3
Thu 3.3
Sun 6.3 

L5: Usability of platform security (slides, recording)

Exercise 5, due Tue 15.3 (2 weeks)
Optional exercise (SEAndroid) solutions discussed on Thu 3.3


Draft survey due Sun 6.3

(submit your draft)

Tue 8.3
Thu 10.3
No lecture

No exercise session

Tue 15.3
Thu 17.3

Lecture moved to Thursday 17.3 -> (slides, recording)

L6: Recent research and summary on Thu 17.3

Tue 22.3
Thu 24.3
Extra lecture: IoT Security (slides1, slides2, recording)

Exercise 5 solutions discussed on Thu 24.3

4th assignment solutions discussed Thu 24.3


Sun 10.4




Survey due Sun 10.4

(submit your survey)


Homework and evaluation

In addition, each student is required to complete one of the following (estimated time use: ca. 40 hours total):

Requirements for completing the course

To complete the course you must:


Please note that late submissions are grounds for 0 points; we recommend that you set your personal deadline a day or two earlier to have some buffer for disasters, particularly if you tend to leave work close to deadlines.

Supplementary book

There is a supplementary course book: Mobile Platform Security by Asokan, Davi, Dmitrienko, Heuser, Kostiainen, Reshetova and Sadeghi (2013). Aalto students will have free access to the book online (PDF). For UH students, Hien has a few copies to lend for short periods (ask Hien).