Security Engineering - COM00155M
Module summary
This module teaches fundamental concepts methods, techniques and tools involved in the development of secure application systems, from security requirement analysis and specification to design of secure application systems, secure programming and security testing.
Related modules
Module will run
| Occurrence | Teaching period |
|---|---|
| A | Online Teaching Period 3 2023-24 |
Module aims
The module will provide methods, techniques and tools for the development of secure application systems, from the stage of security requirement analysis and specification to the stage of design of secure application systems, and then to the stage of secure programming and security testing.
Module learning outcomes
Be able to
1. Critically analyse the concept of security and security threats in the context of dependable systems,
2. Formulate different types of security requirements that may be required in a complex system,
3. Critically evaluate and apply security design and secure coding principles, technologies and tools
4. Communicate design decisions for security problems.
Module content
Topics:
-
Identity, Authentication and Authorisation
-
Security models
-
Origins of vulnerabilities - architectural and operating system concepts
-
Vulnerability reduction and avoidance techniques
-
Programming security mechanisms
-
Incident investigation readiness assessment
Indicative assessment
| Task | % of module mark |
|---|---|
| Essay/coursework | 100 |
Special assessment rules
None
Indicative reassessment
| Task | % of module mark |
|---|---|
| Essay/coursework | 100 |
Module feedback
Feedback will be provided in line with university policy.
Indicative reading
Freely available online texts will be introduced in the learning materials.
Elements of Pfleeger, Pfleeger,and Margulies - "Security in Computing",5th ed. Prentice-Hall 2015 may be useful.