Skip to main content

Study information

Building Secure and Trustworthy Systems - 2024 entry

MODULE TITLEBuilding Secure and Trustworthy Systems CREDIT VALUE15
MODULE CODEECMM463 MODULE CONVENERProf Achim D. Brucker (Coordinator)
DURATION: TERM 1 2 3
DURATION: WEEKS 11
Number of Students Taking Module (anticipated)
DESCRIPTION - summary of the module content
Building secure and trustworthy systems, i.e. systems that are hard to attack and protect the privacy of their users, are extremely hard to build. In this module, you will learn the foundations of building secure (software) systems ‘right from the beginning’. You will learn how to assess the threats of a system that need to be mitigated while building it, the risk assessment of vulnerabilities, as well as various approaches (e.g., defensive programming) and techniques for building secure systems. The module focuses on defensive security techniques that might be used by “blue teams.”
 
Pre-requisites: none
 
Co-requisites: ECM462 (Fundamentals of Security)
 

 

AIMS - intentions of the module
This module aims to give you a broad understanding of techniques for assessing the risks a modern IT system is exposed to. Driven by these risks, we will discuss several defensive security techniques for building security and trustworthy (software) systems.
 
In more detail, the aims of the module are to enable you to
  • assess the security of software architectures
  • understand the principles of secure software architectures understand software vulnerabilities, their causes, and impact
  • to develop secure software using defensive programming techniques to understand the principles of security testing and verification technique

 

INTENDED LEARNING OUTCOMES (ILOs) (see assessment section below for how ILOs will be assessed)

On successful completion of this module you should be able to:

Module Specific Skills and Knowledge

1. Develop secure and trustworthy systems 
2. Select the appropriate security controls for a given system 

Discipline Specific Skills and Knowledge

3. Understand the importance of building systems that are “secure by design” 
4. Understand the concept of defensive security 

Personal and Key Transferable / Employment Skills and Knowledge

5. Being able to balance potentially contradicting goals such as security and costs 
6. Assess and manage the (security) risk of a specific system 
 

 

SYLLABUS PLAN - summary of the structure and academic content of the module
The module will cover:
  • Security Development Life Cycle (SDLC)
  • Threat modelling
  • Software vulnerabilities
  • Defensive programming
  • Security testing
  • Verification and Certification of high assurance systems
 

 

LEARNING AND TEACHING
LEARNING ACTIVITIES AND TEACHING METHODS (given in hours of study time)
Scheduled Learning & Teaching Activities 33 Guided Independent Study 117 Placement / Study Abroad
DETAILS OF LEARNING ACTIVITIES AND TEACHING METHODS
Category Hours of study time Description
Scheduled Learning & Teaching 22 Lectures 
Scheduled Learning & Teaching 11 Tutorials or Practical Work 
Guided Independent Study  117 Background Reading and Self-Study 
 

 

ASSESSMENT
FORMATIVE ASSESSMENT - for feedback and development purposes; does not count towards module grade
Form of Assessment Size of Assessment (e.g. duration/length) ILOs Assessed Feedback Method
Tutorials and Practical Work  11 hours  All  Oral 
       
       
       
       
 

 

SUMMATIVE ASSESSMENT (% of credit)
Coursework 40 Written Exams 60 Practical Exams
DETAILS OF SUMMATIVE ASSESSMENT
Form of Assessment % of Credit Size of Assessment (e.g. duration/length) ILOs Assessed Feedback Method
Written exam  60 2 hours (Summer) all Oral on request 
Coursework (Project) 40 50 hours  all Written 
         
         
         
 

 

DETAILS OF RE-ASSESSMENT (where required by referral or deferral)
Original Form of Assessment Form of Re-assessment ILOs Re-assessed Time Scale for Re-assessment
Written Exam Written exam (2 hours)  All August Ref/Def Period 
Coursework (project) Coursework (project) All August Ref/Def Period
 

 

RE-ASSESSMENT NOTES

Reassessment will be by coursework and/or written exam in the failed or deferred element only. For referred candidates, the module mark will be capped at 50%. For deferred candidates, the module mark will be uncapped.

 

RESOURCES
INDICATIVE LEARNING RESOURCES - The following list is offered as an indication of the type & level of
information that you are expected to consult. Further guidance will be provided by the Module Convener

https://vle.exeter.ac.uk/

Reading list for this module:

There are currently no reading list entries found for this module.

CREDIT VALUE 15 ECTS VALUE 7.5
PRE-REQUISITE MODULES None
CO-REQUISITE MODULES None
NQF LEVEL (FHEQ) 7 AVAILABLE AS DISTANCE LEARNING No
ORIGIN DATE Tuesday 6th October 2020 LAST REVISION DATE Wednesday 20th December 2023
KEY WORDS SEARCH Software security, Threat modelling, Security by design, SDLC, Defensive security

Please note that all modules are subject to change, please get in touch if you have any questions about this module.