Durham University
Programme and Module Handbook

Undergraduate Programme and Module Handbook 2022-2023 (archived)

Module COMP3657: Security Engineering

Department: Computer Science

COMP3657: Security Engineering

Type Open Level 3 Credits 10 Availability Available in 2022/23 Module Cap None. Location Durham

Prerequisites

  • COMP2211 Networks and Systems

Corequisites

  • None

Excluded Combination of Modules

  • None

Aims

  • To understand security protocol design and analysis, security architectures, cryptographic protocols and security considerations in various environments such as software, web and hardware infrastructures.

Content

  • Secure systems and architecture: principles of architecting a secure system.
  • System evaluation and assurance: threat models and ways to distinguish various attacks.
  • Cryptographic protocols: the role of cryptographic primitives in secure systems.
  • Security protocols: mechanisms that enforce policy using cryptography and structured human interaction together with verification and validation processes.
  • Secure communications: principles of secure networks together with mechanisms to maintain secrecy, integrity and authenticity in connected systems.
  • Software-based security: principles of secure coding, the origin of vulnerabilities, reverse-engineering and code obfuscation.
  • Hardware-based security: mechanisms to protect physical components in different platforms such as mobile, PC or IoT.

Learning Outcomes

Subject-specific Knowledge:
  • An understanding of cryptographic primitives.
  • A basic understanding of various communication platforms (such as network, IoT, web, etc.).
  • An understanding of operating system principles.
  • An understanding of programming languages and compiler design.
Subject-specific Skills:
  • An ability to critically analyse security measurements and architectures.
  • An ability to recognise comprehensive threat models and design security architectures accordingly.
  • An ability to evaluate secure protocols.
Key Skills:
  • An ability to design and implement countermeasures against various attack scenarios.
  • An ability to employ suitable cryptographic premiers to enforce secrecy, integrity and availability of design of security protocols.

Modes of Teaching, Learning and Assessment and how these contribute to the learning outcomes of the module

  • Lectures enable students to learn the principles of security engineering and mechanisms to implement them in various infrastructures.
  • Preparation reading and suggested lists of articles and books enable students to develop and apply their knowledge to real-world problems.
  • Coursework assesses the knowledge acquired and the practical implementation of this knowledge.

Teaching Methods and Learning Hours

Activity Number Frequency Duration Total/Hours
Lectures 20 1 per week 1 hour 20
Preparation and reading 80
Total 100

Summative Assessment

Component: Coursework Component Weighting: 100%
Element Length / duration Element Weighting Resit Opportunity
Summative Assignment 100% No

Formative Assessment:

Formative feedback will be given on the coursework students undertake.


Attendance at all activities marked with this symbol will be monitored. Students who fail to attend these activities, or to complete the summative or formative assessment specified above, will be subject to the procedures defined in the University's General Regulation V, and may be required to leave the University