THIS MODULE WILL NOT BE RUNNING IN 2021/22
CS263-15 Cyber Security
The module aims to provide students with a grounding in the specification, design, implementation and evaluation of secure systems.
The module aims to provide students with a grounding in the specification, design, implementation and evaluation of secure systems. This includes coverage of formal, pattern-based and domain-specific approaches to development, as well as the human factors relevant to secure systems.
This is an indicative module outline only to give an indication of the sort of topics that may be covered. Actual sessions held may differ.
The emphasis of the module is on the specification, design, implementation and evaluation of secure systems. The outline below is illustrative of what will be covered, though the nature of computer security means that the specific topics covered will vary as developments dictate.
Secure Systems Development Context
- Core concepts - confidentiality, availability, authenticity, control, trust, etc.
- Core technologies - authentication, permissions and access control, privacy controls,
communication protocols, event monitoring, sandboxing, cryptographic hashes, etc.
- Architectures - Distributed systems, centralised systems, etc.
Specification and Design
- Formal specification methods and secure systems
- Secure model-driven development
- Secure architecture and pattern-based design
- Methodologies and standards for secure systems development
Implementation and Testing
- Secure programming techniques
- Security and design-patterns for systems implementation
- Obfuscation and de-obfuscation
- Reverse Engineering
Evaluation and Maintenance
- Validation methods and system hardening
- Human factors and organisational security
- Software and threat evolution
- Remote protection
- Penetration testing
By the end of the module, students should be able to:
- Understand core security concepts and technologies relating to the development of secure systems.
- Understand the significance of context in the development of secure systems.
- Understand how software development methodologies can be augmented to account for the development of secure systems, including coverage of pattern and model-driven development approaches.
- Understand and have experience applying defensive programming approaches in the development and analysis of secure systems.
- Understand and have experience the principles of state-of-the-art approaches for the testing of secure testing, including penetration testing and fuzzing.
- Appreciate the long-term challenges surrounding and approaches for managing secure systems in an organisational context.
Indicative reading list
Please see Talis Aspire link for most up to date list.
Subject specific skills
|Lectures||20 sessions of 1 hour (13%)|
|Supervised practical classes||20 sessions of 1 hour (13%)|
|Private study||110 hours (73%)|
Private study description
Background reading of recommended texts.
Work on unsupervised practical assignment
No further costs have been identified for this module.
You do not need to pass all assessment components to pass the module.
Students can register for this module without taking any assessment.
Assessment group D1
|Unsupervised practical assignment||30%|
~Platforms - AEP
Assessment group R
~Platforms - AEP
Feedback on assessment
Written Feedback given via Tabula
This module is only available to students in the second year of their degree and is not available as an unusual option to students in other years of study.
This module is Optional for:
- Year 2 of UCSA-I1N1 Undergraduate Computer Science with Business Studies
- Year 2 of UCSA-G406 Undergraduate Computer Systems Engineering
- Year 2 of UCSA-G408 Undergraduate Computer Systems Engineering
This module is Option list A for:
- Year 2 of UCSA-G500 Undergraduate Computer Science
- Year 2 of UCSA-G503 Undergraduate Computer Science MEng
This module is Option list B for:
- Year 2 of UCSA-G4G1 Undergraduate Discrete Mathematics
- Year 2 of UCSA-G4G3 Undergraduate Discrete Mathematics