• Student home
• Things to know this week
• Student news
• Student events
• New students' welcome
• Studying at York
  • Semesters
  • Teaching hours
  • Enrolment
  • Manage your studies
    • Enrol or re-enrol
    • Your student record
    • Your timetable
    • Change your plan
    • Programmes and modules
      • Programme specifications
      • Studying beyond your department
      • Module catalogue
    • University study spaces
  • Student Visa holders
  • Study skills
  • Assessment and examination
  • Academic progress issues
  • Graduation
• Support and advice
• Health and wellbeing
• Work, volunteering and career planning
• Study and work abroad
• Accommodation
• IT and online services
• Finance
• Student life in York
• If things go wrong
• Student Centre

Rigour in Secure System Development & Assessment - COM00116M

« Back to module search

• Department: Computer Science
• Module co-ordinator: Dr. Rob Alexander
• Credit value: 10 credits
• Credit level: M
• Academic year of delivery: 2022-23
  • See module specification for other years: 2021-22

Related modules

Module will run

Occurrence	Teaching period
A	Spring Term 2022-23

Module aims

This module provides a unifying framework in which the taught content of the cyber-security programme can be brought to bear. It addresses the context for secure systems including security management and legal issues, together with rigorous approaches to assurance in such systems. It aims to equip the students with knowledge of the mechanics of how secure systems are evaluated, certified and reach deployment and provide hands on experience of processes used to evaluate security. It aims to identify crucial issues that are not yet well developed, e.g. determining return on investment.

Module learning outcomes

• Define an appropriate high-level security management approach for a security-sensitive  system in a defined regulatory environment.
• Apply a standard risk assessment approach to identify threats to a system and to identify and prioritise countermeasures.
• Evaluate different approaches to risk assessment and the tradeoffs between different established approaches to evaluation.
• Define a high-level software development approach that takes account of the security implications of a given software-intensive system.

Assessment

Task	Length	% of module mark
Essay/coursework Technical Report	N/A	100

Special assessment rules

None

Reassessment

Task	Length	% of module mark
Essay/coursework Technical Report	N/A	100

Module feedback

Students will receive oral feedback during the classroom week, and written feedback on their assessment submission.

Indicative reading

Taylor (ed), Information Security Management Principles, 2nd edition, 2013