Each module contains 3 ECTS. You choose a total of 10 modules/30 ECTS in the following module categories:
- 12-15 ECTS in technical scientific modules (TSM)
TSM modules teach profile-specific specialist skills and supplement the decentralised specialisation modules. - 9-12 ECTS in fundamental theoretical principles modules (FTP)
FTP modules deal with theoretical fundamentals such as higher mathematics, physics, information theory, chemistry, etc. They will teach more detailed, abstract scientific knowledge and help you to bridge the gap between abstraction and application that is so important for innovation. - 6-9 ECTS in context modules (CM)
CM modules will impart additional skills in areas such as technology management, business administration, communication, project management, patent law, contract law, etc.
In the module description (download pdf) you find the entire language information per module divided into the following categories:
- instruction
- documentation
- examination
The course will
first give the necessary background knowledge in the field of
cybersecurity such as CIA and availability as well as data security. Thereby,
the module will define a threat and risk assessment accompanied with main
security standards and General Data Protection Regulation (GDPR).
Based on that, it will go in
deep to permit the student to have a complete overview how identify and list threats
and risks. Then, the student will be able to propose and implement a list of
mitigation mechanisms. This will be applied in three security fields: software
development, software security and web security based on tools.
The course
covers the following core topics:
- Reminder of basic knowledge about security
- Security development
- Software security
- Web security
Prerequisites
- Cryptography basics
- Knowledge of at least one programming language, such as C, Python, Java
Learning Objectives
- Understand and choose the appropriate cryptographic primitive(s)
- Identify and list the threats and risks of a system and propose different kind of mitigation mechanisms
- Understand, apply and use processes and tools towards secure development
- Understand, identify vulnerabilities in software and web applications then propose mitigations
Contents of Module
Basics (25%):
- Confidentiality, integrity, availability, authenticity, authorization, accounting
- Threat model, malwares, etc.
- Data Protection and GDPR
- Risk and threat analysis and standards
Secure development (25%):
- SDLC: fundamentals of DevOps and how DevOps teams can build and deliver secure software
- Secure DevOps: How to build security into Continuous Delivery and Continuous Deployment
- The tools, patterns, and techniques of security automation in DevOps
Software security (25%):
- Software vulnerability identification (SANS Top 25)
- Software exploitation techniques and tools
- Software protections and mitigations
Web application security (25%):
- Web vulnerabilities (OWASP top 10)
- Web exploitation techniques and tools
- Web protections and mitigations
Teaching and Learning Methods
This
course involves theoretical presentations and hands-on exercises.
Literature
Lecture slides, references to internet resources and books are
mentioned during the module introduction.
Download full module description
Back