Year one lays the foundations for you to develop a deeper understanding of cyber space. You will be studying topics such as software development, computer architecture, networks, operating systems and the fundamentals of cyber security. Discrete mathematics is introduced to support a range of other topics.
Year two deepens and broadens your experience by exploring software engineering, programming languages, human-computer interaction, secure systems, managing and securing information, all from a cyber security perspective.
The third year incorporates advanced topics in cyber security, incident management, digital forensics, low-level techniques such as identifying how potentially obfuscated code behaves, and the science associated with dealing with bulk data. You will also complete an individual project, where you will apply your skills and knowledge to an area of your choice under the supervision of our academics.
All modules are subject to annual curriculum review and enhancement so may vary slightly from what is described here and currently visible on the module catalogue.
Modules
Year 1 lays the foundations of computer science with a focus in cyber security for students to develop a deeper understanding of cyber space. The following core modules are included in your first year of study:
Programming for Cyber Security
Fluency in the process of software development is a prerequisite to the study of much of the remainder of this programme. This module brings together the fundamental concepts and skills related to the software development process. It will provide you with a foundation for other software-oriented aspects of the programme, such as: programming languages for cyber security, data science for algorithms and complexity in the cyber context, and the cyber context of software engineering.
Computer Architecture and Operating Systems
Computer architecture and operating systems are crucial for providing a deep understanding of how computers function at a fundamental level. This knowledge is essential for effectively designing, developing, and troubleshooting software applications. It helps in optimising performance, identifying bottlenecks, and ensuring efficient resource utilisation. Studying computer architecture and operating systems from a cyber security perspective helps gain insights into the vulnerabilities that arise from design choices, implementation flaws, or misconfigurations. It also allows the development of effective security measures and countermeasures to protect computer systems from attacks.
Discrete Mathematics
Discrete mathematics forms the mathematical foundation of computer science and cyber security. It forms the basis of how computers work, allows us to prove system correctness and security, and underlies modern cryptography. On this module, you will be introduced to the discrete structures used by computers, as well as how to use them to solve problems in cyber security.
Algorithms and Data Structures
Algorithms are the fundamental building blocks of computer science – but how can we prove that an algorithm does what we want it to? How can we improve the efficiency of existing algorithms? This module will provide you with a comprehensive understanding of the fundamental principles and techniques in algorithm design and optimisation. You will explore a wide range of topics, including sorting, searching and pathfinding algorithms, while evaluating their correctness and efficiency.
Computer Networks
The Internet and computer networks have become pervasive, playing an increasingly vital role in our interconnected world. The smooth operation of computer networks is crucial for a wide range of computing activities. Currently, networks, whether wired or wireless, are an integral component of the present and future computing landscape. Computer networks form the foundation of modern information technology systems. They enable the seamless communication and transfer of data between devices and systems. As technology continues to advance, our reliance on networks is likely to increase. The future promises even greater integration of networks into various aspects of our lives. Emerging technologies like the Internet of Things (IoT), smart cities, autonomous vehicles, and augmented reality are all heavily reliant on the underlying network infrastructure. This module develops a theoretical understanding of core networks and communications concepts, instantiation of these concepts in the dominant suite of protocols comprising Ethernet, Internet Protocol (IP), Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), the practical realisation of devices to operate these protocols (switches, routers and firewalls in particular) and the cyber consequences of the organisation and configuration of these devices.
Cyber Security Fundamentals
Understanding the steps and common attack patterns associated with cyber is essential to detecting, identifying, mitigating and responding to cyber-attacks.
Working on this module you will develop knowledge of these core concepts. You will also gain insight into how adversaries move from initially probing and performing reconnaissance of targets, to implementing a way to persist and maintain access to a device/network once compromised.
Security Testing I
Increasing the robustness and resiliency of systems against threats and attacks is a key cyber security goal. Although, cyber security practitioners should be involved in system design early enough to design cyber-resiliency into the system, quite often, they are presented with legacy systems designed with little consideration to cyber security. Notwithstanding, even well-designed systems are prone to cyber-attacks from both organised and ill-organised perpetrators.
Penetration testers (red teams) must possess a good understanding of network protocols and design. This enables practitioners to gain a basic understanding of the root causes of network vulnerabilities and the associated remedial measures that can be taken, particularly where the root cause relates to network misconfiguration issues (both hardware and protocol related).
Digital Forensic Fundamentals
At its core, this module is concerned with doing science well. It is about drawing the correct inference from the digital data which pervades modern society. There are a number of challenges with drawing inference from modern digital data: it is fragile, its quantity may be overwhelming, it may be transient or volatile, it may not be legally accessible, it may not be technically accessible, its structure may be unclear. And it is not merely that drawing inference from the data is complicated; attributing inference back to an individual or organisation is especially vexed.
Year 2 deepens and broadens students’ experience. The following core modules are included:
Secure Software Development
Software engineering is concerned with the application of theory, knowledge, and practice to effectively and efficiently build reliable and secure software systems that satisfy the requirements of customers and users. This discipline is applicable to small, medium, and large-scale systems. It encompasses all phases of the lifecycle of a software system, including requirements elicitation, analysis and specification; design; construction; verification and validation; deployment; and operation and maintenance. Whether small or large, following a traditional plan-driven development process, an agile approach, or some other method, software engineering is concerned with the best way to build good software systems. This module will look at software engineering in the context of cyber security, applying frameworks such as Trustworthy Software Framework, Secure Software Development Life Cycle, etc. when developing software systems.
Behavioural Cyber Security
Human-computer interaction (HCI) is concerned with designing interactions between human activities and the computational systems that support them, and with constructing interfaces to afford those interactions. Interaction between users and computational artefacts occurs at an interface that includes both software and hardware. Human behaviour should influence interface design and implementation of core functionality. For end-users, the interface is the system, meaning design in this domain must be interaction-focused and human-centred. It is therefore imperative that during the design phase of this human-computer interface cyber security component of human behaviour is addressed. One of the most significant challenges in the cyber domain is the transfer of meaning between the fully human agent, and the fully digital sub-system. Failure to correctly align human behaviour with computing sub-system behaviour has contributed to numerous, historic cyber security problems.
In addition, psychological traits and individual differences among computer system users can further explain vulnerabilities to cyber security attacks and crimes, as cognitive biases can make individuals more susceptible to exploitation by cyber criminals. Cyber security procedures and policies are prevalent countermeasures for protecting organisations from cybercrimes and security incidents, however, without considering human behaviours, implementing these countermeasures will remain to no effect or even become counterproductive.
Consequently, this module places the person at the centre of the cyber domain by addressing issues of usability and human factors. As such, the focus is on trade-offs between usability and security on the one hand, and human psychology and human error on the other hand. Human vulnerabilities will be addressed in detail to build greater cyber resilience, and narrative around security awareness/training programmes and security culture will also be introduced for understanding broader, non-technical influences on security through minimising human related risks.
Cryptosystems
Secure systems aim to create a trusted environment that protects sensitive data, maintains system functionality, and mitigates risks associated with unauthorised access, data breaches, and other security threats. The goal of a secure system is twofold: to ensure the protection and integrity of information and resources by enabling authorised and desired actions while preventing unauthorised access, malicious activities, and undesirable incidents. However, achieving this goal poses significant challenges. These challenges include defining which events are acceptable and which are not, predicting future possibilities, and determining the system's boundaries. Notwithstanding these challenges, there exist established approaches to constructing secure systems that provide robust protection and maintain system functionality while minimising the occurrence of unwanted incidents. Cryptography plays a crucial role in achieving these goals. It is an essential tool that allows us to protect information and ensure confidentiality, integrity, and authentication. It provides mechanisms to protect sensitive information, verify the identity of users and devices, and enable secure communication over unsecured networks. Cryptographic techniques, such as symmetric-key and public-key cryptography, are used in various contexts including secure messaging, online transaction protection, and virtual private networks (VPNs). This module introduces concepts of cryptography and explores how they are practically applied to ensure strong security measures in secure systems.
Secure Networks
In today's digitally connected world, where vast amounts of information are exchanged over networks, ensuring the security and protection of data has become paramount. Network security plays a crucial role in safeguarding the integrity, confidentiality, and availability of information transmitted across computer networks. It encompasses a set of measures, technologies, and best practices designed to prevent unauthorised access, mitigate threats, and maintain the overall security posture of networked systems. As organisations rely heavily on networks to carry out their operations, any compromise in network security can have severe consequences. Breaches in network security can lead to data theft, financial loss, reputational damage, and legal liabilities. Consequently, businesses and individuals alike must prioritise the implementation of robust network security measures to protect sensitive information, maintain customer trust, and ensure business continuity. The module covers basic concepts of cyber security, such as confidentiality, integrity, availability, authentication, and authorisation. These concepts will be explored within the context of several generic asset configurations, enabling students to understand the potential threats that may arise and various security measures that will be used to defend against these threats.
Databases and Information Management
Databases are the backbone of modern information systems, serving as repositories for vast amounts of data. They provide structured organisation and efficient retrieval, making them essential in various industries, from business and healthcare to technology and research. Understanding databases is crucial for effective data management and decision-making. In this module, students will be introduced to the essential concepts of databases, data modelling, and optimisation. This knowledge will empower students to craft efficient databases for superior information management. As our digital world becomes increasingly data-driven, protecting this data from cyber threats is of paramount importance. Therefore, students will give particular attention to database security and cyber security, equipping them with the expertise needed to safeguard valuable data and defend against potential threats. From understanding Database Management Systems (DBMS) and data modelling to mastering Structured Query Language (SQL) and optimising queries, students will gain indispensable skills for designing and maintaining robust databases.
Information Security and Risk Management
All organisations have information that they value and that value needs protecting. Within an organisation, some individuals carry formal responsibility for protecting the value of information. Ensuring that the responsible persons within an organisation have appropriate confidence in the security measures, which are protecting the organisation's valuable information, is the realm of information security management.
Why the organisation might value the information will vary from organisation to organisation and from information point to information point. The properties of the information that give it value similarly will vary by organisation and by information point. Some information will be special secret knowledge that gives the organisation competitive advantage; if that information leaks to a competitor, then its value is reduced. Some information may control the organisation's processes; if this controlling information is changed, then its value may be reduced since it causes the organisation to behave less effectively. Some information may relate to external perception of the organisation's ability to function; if external parties perceive this publicity information is not under the control of the organisation, then future opportunities for the organisation may be degraded through loss of trust.
Determining the relationship between the properties of information that give it value, the vulnerability of those properties to degradation, threats that might take advantage of the vulnerability to degradation, and the resultant impact to the organisation when bad things happen, is the realm of information risk management. Things can be done to reduce the vulnerability, the threat, or the severity of the impact. These things enhance information security.
Security Testing II
Penetration testers (red teams) require deep understanding of the underlying technologies, such as network protocols, operating systems, and applications, as well as a range of transferable skills such as project management, team working, report writing and communication. This module covers the latest techniques of ethical hacking and provides practical experience in selecting and applying suitable tools and techniques.
The module is also designed to ensure that students are able to define the scope of testing under certain requirements and develop a relevant project plan, and carry out a security assessment by applying appropriate testing methodologies and tools. Further emphasis is given to understanding of the requirements, preparation and reporting of testing results, impact, risk and countermeasures.
Research and Professional Skills
This module is designed to familiarise you with researching cross-cutting issues in cyber security contexts, introduce you to a range of data collection methods and analytical options relevant to this, and help you develop relevant skills in data collection and analysis. You will also be introduced to ethical issues in cyber security research, as well as provided with guidance on how to design, plan and manage your dissertation effectively. Lastly, the module will present you with careers-oriented tasks, giving you the opportunity to consider your professional skills and career aspirations.
Year 3 exposes students to advanced topics in cyber security. You'll also complete an individual project, where you will apply your skills and knowledge to an area of your choice under the supervision of our academics. The following core modules are included:
Malware Analysis and Exploit Development
Modern programming approaches use high level constructs which abstract away the system's architecture. These high levels of abstraction use code generation programs such as compilers and assemblers to take the human author's input, and produce code that will execute as output. The modern programmer rarely needs to consider the underlying architecture of the machine that will execute the code.
There are situations where, rather than creating an executable from source, you need to go in the opposite direction; you need to infer what the source code might look like by analysing the executable. Perhaps you have some potential malware; perhaps you have to analyse and exploit a vulnerability which an executable might have. Either way, you want to know what the program will do, were it to run on your system. In order to reverse engineer an executable, you need to understand the typical idioms that an operating system, architecture and code generation programs will adopt to convert high level constructs into low level executables.
In addition, if the executable is malware, then it is likely the authors will have used some obfuscation in order to make the analysis more difficult. Under these circumstances you need to understand the typical idioms of obfuscation.
AI and Cyber Security
AI-based solutions are having a significant impact in a number of areas, including cyber security. This module aims to enhance your knowledge of the development and application of the most common Machine Learning (ML) models, and in particular a critical understanding of the applicability of each ML algorithms in the solution of a particular problem (class of problems). It will cover the best practice and main steps of developing AI-based solutions, including data collection/engineering and pre-processing, model design, training and evaluation, and deployment.
Cyber Security Operations
This module seeks to introduce you to the state-of-the-art in effective and proactive cyberattack deterrents, including tools and techniques that can have long-term benefits in organisational policies while maintaining the resilience of our agile and delicate cyber infrastructures.
Cyber Security and Incident Response
This module comprises two related but distinct themes: cyber incident response and digital forensics. The focus of the module is on investigations that respond to incidents in corporate environments, while it sets the scene on examining potential evidence based on the principles that have been established by the digital forensics community.
The cyber incident response theme concentrates on enabling an organisation to support its critical services in the face of a cyber incident. The incident response lifecycle is covered from preparation, through monitoring, detection, containment, eradication, restoration and post incident review.
The digital forensics part of the module concentrates on preserving and forensically analysing potential evidence as part of the incident response process. It sets the requirements for digital forensics within the incident response process and explores the techniques that should be followed by a digital forensics investigator.
Cyber Security Project
A project for BSc Cyber Security must focus on the cyber security domain. With support from a supervisor, you will undertake the full life cycle of a research or development project in the cyber security domain.
In the final year, you will be able to select two optional modules. Below are examples of existing modules but be aware that not all modules may be offered each year or may be replaced to reflect latest practice in Cyber Security.
Advanced Forensics and Investigations
Digital forensics unfold the digital trail of evidence and try topresent potential explanations of how a related incident occurred. Digital forensics can involve criminal or civil investigations, corporate or intrusion investigations and even intelligence gathering. The investigations can involve all different sorts of digital devices, such as computers, networks, mobile devices, memory, and multimedia.
This module advances on previously gained skills in digital forensics and explores different themes.
One part of the module places a strong emphasis on engagement with applied research advances on contemporary topics in the field and current professional practises.The other part of the modulestrongly focuses on the technical analysis and techniques involved when investigating different devices and technologies.
Privacy and Online Rights
Privacy is a fundamental human right frequently exploited in the digital domain through surveillance and data mining. Privacy Enhancing Technologies (PETs) are therefore essential for minimising data use, maximising security, and restoring individual control over personal information. Without such control, identity manipulation threatens both personal autonomy and democratic processes.
This module introduces the concepts and technologies required to engineer systems that inherently protect user privacy. You will explore three core paradigms—privacy as confidentiality, control, and transparency—alongside the specific technologies that underpin them. Students will develop the ability to identify privacy challenges and select adequate technical solutions to mitigate risks.
Furthermore, the course examines the business tensions between reactive regulatory compliance and proactive privacy innovation. We will cover persuasive system design to improve the usability of privacy interactions and analyse the broader relationship between privacy and cyber security. This includes debating how privacy tools can act as a double-edged sword, serving as instruments for both democratic freedom and potential anti-social behaviour. By the end of this module, you will be equipped to navigate the complex technical, ethical, and societal landscape of digital privacy engineering.
Disclaimer
Solutions to selectively revoke the protection provided by privacy technologies (i.e. adding backdoors or escrow possibilities to ease law enforcement) will not be covered as being strongly discouraged by the privacy researchers and practitioners alike. Moreover, many of the privacy technologies introduced in this module rely on the cryptographic concepts, which however will not be taught in this module. Familiarity with these basic concepts and cryptographic definitions and common primitives is therefore beneficial but not necessary to grasp the material since the focus is on more high-level perspectives as opposed to technical analysis.
Cloud and Virtualisation Security
This module considers the cyber security consequences of virtualised systems and the opportunities that they offer. Focusing on software containerisation systems such as Docker, and comparing their properties with other virtualisation tools and techniques, the module looks at the trust relationships and the available security controls between the underlying operating system, the container, or other virtualised environment, and the software executing within the container.
On the module you will explore the consequences of the fact that all software executes in some context and in some sort of container. It may be as an app on a mobile device, it may be the operating system on a laptop, it may be a virtual device hosted on the cloud, or it could be an embedded system. It is the container and the context that determine what a program does and what resources it can access. Getting this regulation correct is a significant challenge, giving away just enough resource to get the job done but limiting the resource to prevent additional undesirable things being possible.
The module provides you with practical experience of containerisation systems together with the insights necessary to think clearly about them in the context of cyber security. The module will equip you with the understanding you need to be able to hold meaningful conversations with experts in the field and will allow you to more effectively contribute to informed decision-making about cyber security.
Cyber-Physical Systems
Much attention relating to cyber security is focused on the digital aspects of cyber systems; all data tends to be represented as pure, abstract, ones and zeros. In reality, all these abstract ones and zeros need a physical representation in order to have an effect. That physical representation might be as electromagnetic radiation, travelling through space as a radio wave, it might be as electric charge in an electronic device or it could take a range of other forms.
Control systems gather information from a range of physical sensors (flow rate sensors, temperature gauges, accelerometers etc); after processing, they generate outputs which in turn produce physical effects via actuators (switches, motors, displays etc).
Much attention relating to communication in the cyber domain is focused around the Internet. A range of other communication protocols and technologies are widely deployed in industrial control, vehicle and other systems.
Understanding the significant characteristics of the physical manifestations of digital information, understanding the interconnectedness of the cyber domain with the physical domain via sensors and actuators, and understanding non-Internet technologies and protocols reduces the risk of inadvertently leaving a cyber system in a vulnerable position.
The overall aim of this module is to enable the cyber security specialist to have a meaningful conversation with practising engineers concerning the security of cyber-physical systems.
Module availability
Please note that whilst the module catalogue shows the latest approved version of each module and what is currently being taught (academic year 2025), there may be minor updates to content or learning objectives year on year, to reflect the evolving state of knowledge and the requirements of teaching best practise. Any such amends will be updated following the department 'module approvals process' and reflected in the module catalogue before the start of the next academic year in 2027.
