Prerequisite/Recommended prerequisite for
participation in the module
The project unit requires basic knowledge about network security,
e.g. obtained by following the first semester of the education. The
project unit makes use of elements from the other courses of the
Content, progress and pedagogy of the
In this project unit, the students learn to protect a given
system against cyber attacks and/or to test how a given system can
be attacked. The system to be used can be based either on software
alone, or it can be a cyber physical system consisting of both
hardware and software elements. It can also be an embedded system,
or a distributed system connected through one or more networks.
The students achieve both theoretical understanding and
practical experience in protecting and security testing systems,
which are important elements in the education, and important
competencies for the candidates after graduation.
Must have knowledge about:
- ethical and legal aspects of security testing.
- handling of results from security tests, including responsible
disclosure of newly found vulnerabilities.
- how to formulate own competences related to PBL.
Must have skills in:
- protecting a system against attacks, including one or more of
the following elements:
o Analysis of systems in order to uncover relevant
cyber risks and attack vectors.
o Prevention of cyber attacks by selecting and
establishing relevant countermeasures.
o Section and implementation of techniques to monitor
systems in order to detect cyber attacks.
o Selection and implementation of techniques for
detecting cyber attacks based on relevant information, possibly
including information from monitoring systems.
o Mitigating and dealing with cyber attacks when they
are discovered, and considering conditions related to forensics.
- security testing how a given system is protected and might be
attacked, including one or more of the following elements:
o Analysis of attack vectors
o Conducting reconnaissance, including the selection of
relevant methods and tools.
o Network scanning and vulnerability scanning,
including the selection of relevant methods and tools.
o Conducting security tests.
- reflecting over own use of PBL methods and how these methods
can be used in the future projects and work situations.
Must have competencies in:
- assessing, selecting and applying methods in order to secure
and/or to conduct security testing of a given system, evaluate the
specific results generated by using these methods, as well as
reflecting over approach and results.
Type of instruction
Types of instruction are listed at the start of §17; Structure
and contents of the programme
|Name of exam||Secure Systems: Attack and Defence|
|Type of exam|
Oral exam based on a project
|Assessment||7-point grading scale|
|Type of grading||External examination|
|Criteria of assessment||The criteria of assessment are stated in the Examination
Policies and Procedures|