Checking date: 28/04/2023


Course: 2024/2025

Systems security engineering
(12397)
Master in Cybersecurity (Plan: 325 - Estudio: 288)
EPI


Coordinating teacher: GONZALEZ-TABLAS FERRERES, ANA ISABEL

Department assigned to the subject: Computer Science and Engineering Department

Type: Electives
ECTS Credits: 3.0 ECTS

Course:
Semester:




Requirements (Subjects that are assumed to be known)
Not appropriate
Objectives
CB6: Master the knowledge required to propose original designs or developments, often in a research process within the area of cyber security. CB7: Ability to apply acquired knowledge to solve problems under novel or almost novel situations or within broader (multidisciplinar) contexts related with cyber security. CB8: Ability to state critical opinions and judgements having incomplete or limited information in the field of cyber security. These judgements must take into account include considerations about social and ethical responsibilities CB9: Discuss in a public audience about their acquired knowledge, and the conclusions from the work. Students will be able to give their foundational and most convincing reasons to a specialized and non specialized audience in a clear way, without ambiguities . CB10: Students should have the learning skills required to continue studying in a autonomous or self-directed way. CG2: Create, design, deploy and maintain a cyber defense global system in a given context CG3: Create and refine concise and comprehensively documents, plans and projects in the scope of cyber security. CG4: Know the relevant technique part of the legal regulation in cyber security and its implications in the design of systems and security tools. CE4: Analyze systems to find attack evidences and to adopt the required measures to maintain the custody chain of the found evidences. CE5: Apply the suited services, mechanisms and security protocols to a given case. CE6: Design and evaluate security architectures of systems and networks. CE7: Know and apply the cryptographic and steganographic mechanisms required to protect data stored in a system or data transiting a network. CE8: Analyze the risks of introducing personal devices in a corporate professional environment (Bring your own device). Know and apply the measures to control the risks. LEARNING OUTCOMES This course contributes to the following learning outcomes: Understand the principles of development of secure systems, including the development and acquisition of software components during all the lifecycle
Skills and learning outcomes
Description of contents: programme
1. Concepts of Secure Systems Engineering 2. Secure software requirements 3. Secure software design 4. Security of implementations 5. Testing and other issues
Learning activities and methodology
ACTIVITIES Lectures Laboratory practices Tutoring sessions Team work Individual work TEACHING METHODOLOGIES Class lectures in which the main concepts of the subject are developed and the literature is provided to supplement student learning. Resolution of laboratory practices and problems posed by the teacher individually or in group Elaboration and oral presentation of technical works by the students
Assessment System
  • % end-of-term-examination 55
  • % of continuous assessment (assigments, laboratory, practicals...) 45

Calendar of Continuous assessment


Basic Bibliography
  • Adam Shostack. Threat modeling: Designing for security.. John Wiley & Sons. 2014
  • Mano Paul. Official (ISC)2® Guide to the CSSLP® CBK®. Second edition.. CRC Press. 2014

The course syllabus may change due academic events or other reasons.