ITKST50 Secure Systems Design (5 cr)

Study level:
Advanced studies
Grading scale:
0-5
Language:
English
Responsible organisation:
Faculty of Information Technology
Curriculum periods:
2020-2021, 2021-2022, 2022-2023, 2023-2024

Description

Content

Core Security Concepts. Security Attacks. Implementing Information Security. Security Standards. Introduction to Systems Development Lifecycle. Common Development Methods. Secure System Lifecycle. Common Tools for Secure Systems Development.


Completion methods

Spring 2020: intensive course for week 11 (Mon 09.03.2020 - Sat 14.03.2020). In-class participation is mandatory.


Class activities, individual essay, group project and individual report.


Assessment details

Spring 2020: (pass/fail) based on active in-course participation


Class Activities 15%; Case Study 1: Individual Essay 20%; Case Study 2: Group Project 40%; Post-course Individual Report 25%

Learning outcomes

Spring 2020:

Capability in the design of systems that meet security goals is an increasingly important skill. This course explores how cost-effective solutions to security needs can be achieved by following well-established architectural practices and detailed security principles. Central to these considerations is meeting the requirements with established solutions, and striking a balance between security and other system requirements.


Students learn how to identify the security requirements relevant to a given context. Students become familiar with the most common security flaws, treats and vulnerabilities. Students learn about the secure development Best Practices and techniques. Students become familiar with available secure design tools. Students discover available resources for secure systems development.

Description of prerequisites

This course assumes that you have already completed your bachelor’s studies and you are currently doing your master’s or doctoral studies. This course also assumes, you’ve already studied basics about system development life-cycle and common development methods and practices. Basics of information security and common attacks, threats and vulnerabilities.

Study materials

Publicly available online materials such as OWASP, US-CERT.

Literature

  • Andress, Jason. The basics of information security: understanding the fundamentals of InfoSec in theory and practice. Syngress, 2014. ISBN: 9780128007440; Tipton, Harold F., and Kevin Henry, eds. Official (ISC) 2 guide to the CISSP CBK. Auerbach Publications, 2006. ISBN: 0849382319.; McGraw, Gary. Software security: building security in. Vol. 1. Addison-Wesley Professional, 2006. ISBN: 0321356705.

Completion methods

Method 1

Select all marked parts
Parts of the completion methods
x

Teaching (5 cr)

Type:
Participation in teaching
Grading scale:
Pass - fail
Language:
English

Teaching