Introductory description
The module aims to provide students with a grounding in the specification, design, implementation and evaluation of secure systems.
Module aims
The module aims to provide students with a grounding in the specification, design, implementation and evaluation of secure systems. This includes coverage of formal, pattern-based and domain-specific approaches to development, as well as the human factors relevant to secure systems.
Outline syllabus
This is an indicative module outline only to give an indication of the sort of topics that may be covered. Actual sessions held may differ.
The emphasis of the module is on the specification, design, implementation and evaluation of secure systems. The outline below is illustrative of what will be covered, though the nature of computer security means that the specific topics covered will vary as developments dictate.
Secure Systems Development Context
- Core concepts - confidentiality, availability, authenticity, control, trust, etc.
- Core technologies - authentication, permissions and access control, privacy controls,
communication protocols, event monitoring, sandboxing, cryptographic hashes, etc. - Architectures - Distributed systems, centralised systems, etc.
Specification and Design
- Formal specification methods and secure systems
- Secure model-driven development
- Secure architecture and pattern-based design
- Methodologies and standards for secure systems development
Implementation and Testing - Secure programming techniques
- Security and design-patterns for systems implementation
- Obfuscation and de-obfuscation
- Reverse Engineering
- Fuzzing
Evaluation and Maintenance
- Validation methods and system hardening
- Human factors and organisational security
- Software and threat evolution
- Remote protection
- Penetration testing
Learning outcomes
By the end of the module, students should be able to:
- Understand core security concepts and technologies relating to the development of secure systems.
- Understand the significance of context in the development of secure systems.
- Understand how software development methodologies can be augmented to account for the development of secure systems, including coverage of pattern and model-driven development approaches.
- Understand and have experience applying defensive programming approaches in the development and analysis of secure systems.
- Understand and have experience the principles of state-of-the-art approaches for the testing of secure testing, including penetration testing and fuzzing.
- Appreciate the long-term challenges surrounding and approaches for managing secure systems in an organisational context.
Indicative reading list
Please see Talis Aspire link for most up to date list.
View reading list on Talis Aspire
Subject specific skills
See syllabus
Transferable skills
Technical skills;
Communication skills;
Critical thinking;
Multitasking;
Study time
| Type |
Required |
| Lectures |
20 sessions of 1 hour (13%)
|
| Supervised practical classes |
20 sessions of 1 hour (13%)
|
| Private study |
110 hours (73%)
|
| Total |
150 hours |
Private study description
Background reading of recommended texts.
Work on unsupervised practical assignment
Exam revision
Costs
No further costs have been identified for this module.
You do not need to pass all assessment components to pass the module.
Students can register for this module without taking any assessment.
Assessment group D3
|
Weighting |
Study time |
Eligible for self-certification |
|
Unsupervised practical assignment
|
30%
|
|
No
|
|
Unsupervised practical assignment. This assignment is worth more than 3 CATS and is not, therefore, eligible for self-certification.
|
|
|
In-person Examination
|
70%
|
|
No
|
|
CS263 Exam
- Answerbook Pink (12 page)
|
Assessment group R2
|
Weighting |
Study time |
Eligible for self-certification |
|
In-person Examination - Resit
|
100%
|
|
No
|
|
CS263 resit exam
- Answerbook Pink (12 page)
|
Feedback on assessment
Written Feedback given via Tabula
Past exam papers for CS263
Pre-requisites
This module is only available to students in the second year of their degree and is not available as an unusual option to students in other years of study.
Courses
This module is Optional for:
-
Year 2 of
UCSA-I1N1 Undergraduate Computer Science with Business Studies
-
Year 3 of
UCSA-G4G1 Undergraduate Discrete Mathematics
-
Year 3 of
UCSA-G4G3 Undergraduate Discrete Mathematics
-
Year 4 of
UCSA-G4G4 Undergraduate Discrete Mathematics (with Intercalated Year)
-
Year 4 of
UCSA-G4G2 Undergraduate Discrete Mathematics with Intercalated Year
This module is Option list A for:
-
Year 2 of
UCSA-G500 Undergraduate Computer Science
-
UCSA-G503 Undergraduate Computer Science MEng
-
Year 2 of
G500 Computer Science
-
Year 2 of
G503 Computer Science MEng
This module is Option list B for:
-
Year 4 of
UCSA-G504 MEng Computer Science (with intercalated year)
-
Year 3 of
UCSA-G500 Undergraduate Computer Science
-
Year 4 of
UCSA-G502 Undergraduate Computer Science (with Intercalated Year)
-
UCSA-G503 Undergraduate Computer Science MEng
-
Year 3 of
G500 Computer Science
-
Year 3 of
G503 Computer Science MEng
-
Year 2 of
UCSA-G4G1 Undergraduate Discrete Mathematics
-
Year 2 of
UCSA-G4G3 Undergraduate Discrete Mathematics