Study information

Building Secure and Trustworthy Systems - 2025 entry

MODULE TITLEBuilding Secure and Trustworthy Systems CREDIT VALUE15
MODULE CODEECMM463 MODULE CONVENERProf Achim D. Brucker (Coordinator)
DURATION: TERM 1 2 3
DURATION: WEEKS 11
Number of Students Taking Module (anticipated)
DESCRIPTION - summary of the module content
Building secure and trustworthy systems, i.e. systems that are hard to attack and protect the privacy of their users, are extremely hard to build. In this module, you will learn the foundations of building secure (software) systems ‘right from the beginning’. You will learn how to assess the threats of a system that need to be mitigated while building it, the risk assessment of vulnerabilities, as well as various approaches (e.g., defensive programming) and techniques for building secure systems. The module focuses on defensive security techniques that might be used by “blue teams.”
 

 

AIMS - intentions of the module
This module aims to give you a broad understanding of techniques for assessing the risks a modern IT system is exposed to. Driven by these risks, we will discuss several defensive security techniques for building security and trustworthy (software) systems. In more detail, the aims of the module are to enable you to assess the security of software architectures understand the principles of secure software architectures understand software vulnerabilities, their causes, and impact to develop secure software using defensive programming techniques to understand the principles of security testing and verification techniques.

 

INTENDED LEARNING OUTCOMES (ILOs) (see assessment section below for how ILOs will be assessed)

On successful completion of this module you should be able to:

Module Specific Skills and Knowledge:

  1. Develop secure and trustworthy systems

  2. Select the appropriate security controls for a given system

Discipline Specific Skills and Knowledge:

  1. Understand the importance of building systems that are “secure by design”

  2. Understand the concept of defensive security

Personal and Key Transferable/ Employment Skills and Knowledge:

  1. Being able to balance potentially contradicting goals such as security and costs

  2. Assess and manage the (security) risk of a specific system

SYLLABUS PLAN - summary of the structure and academic content of the module
The module will cover:
  • Security Development Life Cycle (SDLC)
  • Threat modelling
  • Software vulnerabilities
  • Defensive programming
  • Security testing
  • Verification and Certification of high assurance systems

 

LEARNING AND TEACHING
LEARNING ACTIVITIES AND TEACHING METHODS (given in hours of study time)
Scheduled Learning & Teaching Activities 33 Guided Independent Study 117 Placement / Study Abroad
DETAILS OF LEARNING ACTIVITIES AND TEACHING METHODS

Category 

Hours of study time

Description

Scheduled Learning and Teaching activities

22

Lectures 

Scheduled Learning and Teaching activities

11

Tutorials or Practical Work 

Guided Independent Study 

117

Background Reading and Self-Study 

 

ASSESSMENT
FORMATIVE ASSESSMENT - for feedback and development purposes; does not count towards module grade

Form of Assessment

Size of Assessment (e.g. duration/length)

ILOs Assessed

Feedback Method

Tutorials and Practical Work 

11 hours 

1-6

Oral

 

SUMMATIVE ASSESSMENT (% of credit)
Coursework 30 Written Exams 70 Practical Exams
DETAILS OF SUMMATIVE ASSESSMENT

Form of Assessment

% of Credit

Size of Assessment (e.g. duration/length)

ILOs Assessed

Feedback Method

Written exam 

70

2 hours

1-6

Oral on request 

Coursework (Project)

30

50 hours 

1-6

Written 

 

DETAILS OF RE-ASSESSMENT (where required by referral or deferral)

Original Form of Assessment

Form of Re-assessment

ILOs Re-assessed

Time Scale for Re-assessment

Written exam

Written exam (2 hours, 70%) 

1-6

Referral/deferral period

Coursework (project)

Coursework (project) (60 hours, 30%)

1-6

Referral/deferral period

 

RE-ASSESSMENT NOTES

Reassessment will be by coursework and/or written exam in the failed or deferred element only. For referred candidates, the module mark will be capped at 50%. For deferred candidates, the module mark will be uncapped.

 

RESOURCES
INDICATIVE LEARNING RESOURCES - The following list is offered as an indication of the type & level of
information that you are expected to consult. Further guidance will be provided by the Module Convener

Reading list for this module:

There are currently no reading list entries found for this module.

CREDIT VALUE 15 ECTS VALUE 7.5
PRE-REQUISITE MODULES ECMM462
CO-REQUISITE MODULES
NQF LEVEL (FHEQ) 7 AVAILABLE AS DISTANCE LEARNING No
ORIGIN DATE Tuesday 6th October 2020 LAST REVISION DATE Tuesday 6th May 2025
KEY WORDS SEARCH Software security, Threat modelling, Security by design, SDLC, Defensive security

Please note that all modules are subject to change, please get in touch if you have any questions about this module.