This module provides a unifying framework in which the taught content of the cyber-security programme can be brought to bear. It addresses the context for secure systems, including security management and legal issues, together with rigorous approaches to assurance in such systems. It aims to equip students with knowledge of the mechanics of how secure systems are evaluated, certified and reach deployment, and to provide hands-on experience of the processes used to evaluate security. It also aims to identify crucial issues that are not yet well developed, e.g. determining return on investment.
Module learning outcomes
Define an appropriate high-level security management approach for a security-sensitive system in a defined regulatory environment.
Apply a standard risk assessment approach to identify threats to a system and to identify and prioritise countermeasures.
Evaluate different approaches to risk assessment and the tradeoffs between different established approaches to evaluation.
Define a high-level software development approach that takes account of the security implications of a given software-intensive system.
Indicative assessment
Task | % of module mark
Essay/coursework | 100
Special assessment rules
None
Indicative reassessment
Task | % of module mark
Essay/coursework | 100
Module feedback
Students will receive oral feedback during the classroom week, and written feedback on their assessment submission.
Indicative reading
Taylor (ed), Information Security Management Principles, 2nd edition, 2013