Secure Systems: Attack and Defence

2020/2021

Prerequisite/Recommended prerequisite for participation in the module

The project unit requires basic knowledge about network security, e.g. obtained by following the first semester of the education. The project unit makes use of elements from the other courses of the semester.

Content, progress and pedagogy of the module

OBJECTIVE

In this project unit, the students learn to protect a given system against cyber attacks and/or to test how a given system can be attacked. The system to be used can be based either on software alone, or it can be a cyber physical system consisting of both hardware and software elements. It can also be an embedded system, or a distributed system connected through one or more networks.

REASON

The students achieve both theoretical understanding and practical experience in protecting and security testing systems, which are important elements in the education, and important competencies for the candidates after graduation.

 

Learning objectives

Knowledge

Must have knowledge about:

  • ethical and legal aspects of security testing.
  • handling of results from security tests, including responsible disclosure of newly found vulnerabilities.
  • how to formulate own competences related to PBL.

Skills

Must have skills in:

  • protecting a system against attacks, including one or more of the following elements:
    o   Analysis of systems in order to uncover relevant cyber risks and attack vectors.
    o   Prevention of cyber attacks by selecting and establishing relevant countermeasures.
    o   Section and implementation of techniques to monitor systems in order to detect cyber attacks.
    o   Selection and implementation of techniques for detecting cyber attacks based on relevant information, possibly including information from monitoring systems.
    o   Mitigating and dealing with cyber attacks when they are discovered, and considering conditions related to forensics.
     
  • security testing how a given system is protected and might be attacked, including one or more of the following elements:
    o   Analysis of attack vectors
    o   Conducting reconnaissance, including the selection of relevant methods and tools.
    o   Network scanning and vulnerability scanning, including the selection of relevant methods and tools.
    o   Conducting security tests.
  • reflecting over own use of PBL methods and how these methods can be used in the future projects and work situations.

Competences

Must have competencies in:

  • assessing, selecting and applying methods in order to secure and/or to conduct security testing of a given system, evaluate the specific results generated by using these methods, as well as reflecting over approach and results.

Type of instruction

Types of instruction are listed at the start of §17; Structure and contents of the programme

Exam

Exams

Name of examSecure Systems: Attack and Defence
Type of exam
Oral exam based on a project
ECTS15
Assessment7-point grading scale
Type of gradingExternal examination
Criteria of assessmentThe criteria of assessment are stated in the Examination Policies and Procedures

Facts about the module

Danish titleSikre systemer: Angreb og forsvar
Module codeESNCYSK2P1
Module typeProject
Duration1 semester
SemesterSpring
ECTS15
Language of instructionEnglish
Empty-place SchemeYes
Location of the lectureCampus Copenhagen
Responsible for the module

Organisation

Study BoardStudy Board of Electronics and IT
DepartmentDepartment of Electronic Systems
FacultyTechnical Faculty of IT and Design