Accessibility statement

Rigour in Secure System Development & Assessment - COM00116M

« Back to module search

  • Department: Computer Science
  • Module co-ordinator: Dr. Rob Alexander
  • Credit value: 10 credits
  • Credit level: M
  • Academic year of delivery: 2022-23

Related modules

Co-requisite modules

  • None

Prohibited combinations

  • None

Module will run

Occurrence Teaching cycle
A Spring Term 2022-23

Module aims

This module provides a unifying framework in which the taught content of the cyber-security programme can be brought to bear. It addresses the context for secure systems including security management and legal issues, together with rigorous approaches to assurance in such systems. It aims to equip the students with knowledge of the mechanics of how secure systems are evaluated, certified and reach deployment and provide hands on experience of processes used to evaluate security. It aims to identify crucial issues that are not yet well developed, e.g. determining return on investment.

Module learning outcomes

  • Define an appropriate high-level security management approach for a security-sensitive  system in a defined regulatory environment.
  • Apply a standard risk assessment approach to identify threats to a system and to identify and prioritise countermeasures.
  • Evaluate different approaches to risk assessment and the tradeoffs between different established approaches to evaluation.
  • Define a high-level software development approach that takes account of the security implications of a given software-intensive system.


Task Length % of module mark
Technical Report
N/A 100

Special assessment rules



Task Length % of module mark
Technical Report
N/A 100

Module feedback

Students will receive oral feedback during the classroom week, and written feedback on their assessment submission.

Indicative reading

Taylor (ed), Information Security Management Principles, 2nd edition, 2013

The information on this page is indicative of the module that is currently on offer. The University is constantly exploring ways to enhance and improve its degree programmes and therefore reserves the right to make variations to the content and method of delivery of modules, and to discontinue modules, if such action is reasonably considered to be necessary by the University. Where appropriate, the University will notify and consult with affected students in advance about any changes that are required in line with the University's policy on the Approval of Modifications to Existing Taught Programmes of Study.