Course syllabus adopted 2025-02-19 by Head of Programme (or corresponding).
Overview
- Swedish nameDatasäkerhet
- CodeEDA264
- Credits7.5 Credits
- OwnerMPCSC
- Education cycleSecond-cycle
- Main field of studyComputer Science and Engineering, Software Engineering
- DepartmentCOMPUTER SCIENCE AND ENGINEERING
- GradingTH - Pass with distinction (5), Pass with credit (4), Pass (3), Fail
Course round 1
- Teaching language English
- Application code 42115
- Maximum participants160 (at least 10% of the seats are reserved for exchange students)
- Open for exchange studentsYes
- Only students with the course round in the programme overview.
Credit distribution
Module | Sp1 | Sp2 | Sp3 | Sp4 | Summer | Not Sp | Examination dates |
|---|---|---|---|---|---|---|---|
| 0123 Laboratory 1.5 c Grading: UG | 1.5 c | ||||||
| 0223 Written and oral assignments 6 c Grading: TH | 6 c |
In programmes
- MPALG - Computer Science - Algorithms, Languages and Logic, Year 1 (elective)
- MPCSC - Computer Systems and Cybersecurity, Year 1 (compulsory)
- MPEES - Embedded Electronic System Design, Year 1 (elective)
- MPHPC - High-performance Computer Systems, Year 1 (elective)
- MPICT - Information and Communication Technology, Year 1 (compulsory elective)
- MPSOF - Software Engineering and Technology, Year 1 (compulsory elective)
- MPSOF - Software Engineering and Technology, Year 2 (elective)
- TIDAL - Computer Engineering - Common branch of study, Year 3 (compulsory elective)
- TKDAT - Computer Science and Engineering, Year 2 (elective)
- TKDAT - Computer Science and Engineering, Year 3 (compulsory elective)
- TKITE - Software Engineering, Year 3 (elective)
Examiner
Magnus Almgren- Associate Professor, Computer and Network Systems, Computer Science and Engineering
Eligibility
General entry requirements for Master's level (second cycle)Applicants enrolled in a programme at Chalmers where the course is included in the study programme are exempted from fulfilling the requirements above.
Specific entry requirements
English 6 (or by other approved means with the equivalent proficiency level)Applicants enrolled in a programme at Chalmers where the course is included in the study programme are exempted from fulfilling the requirements above.
Course specific prerequisites
General requirements from a Bachelor's degree are required. Knowledge in a programming language, such as C, is also required. The course EDA093 Operating systems or equivalent is recommended.Aim
The course provides basic knowledge in the security area, i.e., how to protect systems against intentional intrusions and attacks. The purpose of intrusions can be to change or delete resources (data, programs, hardware, etc.), to gain unauthorized access to confidential information, or to use the system's services without authorization. The course covers threats and vulnerabilities in computer systems and networks, as well as rules, methods, and mechanisms for protection. Modeling and assessment of security, as well as metrication methods, are also covered.
The course takes a holistic approach to security and includes elements that address organizational, business-related, social, human, legal, and ethical aspects. The focus is on critically examining and analyzing how these aspects influence security processes and systems, including their impact on different groups and broader societal responsibilities. The course also emphasizes clear and effective communication of security concepts to diverse audiences.
Learning outcomes (after completion of the course the student should be able to)
After completing the course the student shall have acquired the following knowledge goals. The student shall:
- have an overall, fundamental understanding of computer security and realize the consequences of insecurity
- have a general knowledge of protection mechanisms
- be capable of making a security analysis of different types of systems and suggest ways to improve security
- be able to deal with a few methods for security modeling
- understand common methods for security assessment, evaluation, and the challenges of measuring security
- gain proficiency in communicating concepts of computer security, in writing and/or orally, to different target groups, with consideration for equality, diversity, and inclusion
- be capable of well-founded reasoning around the ethical, social, and inclusivity-related aspects of computer security, such as how security processes and systems may impact diverse groups, and analyze and evaluate these issues based on the societal responsibilities and ethical obligations of security professionals
Content
Introduction to computer security: definitions, terminology, standards. Some practical examples.
UNIX security: file system, system administration, passwords and accounts, authorization.
Security threats: systematic approach, physical security, including tempest, viruses, worms, Trojan horses, and logic bombs.
Information hiding, steganography and covert channels.
Introduction to cryptography.
Secure operating systems. Security mechanisms: authentication, authorization, access control, file protection, reference monitor, encryption and separation.
Intrusion detection systems. Deception systems.
Security Models: Bell-LaPadula, Biba, Chinese wall etc.
Introduction to Network Security and firewalls.
Database security, defensive programming, injection attacks.
Security metrics. Security management and organisation.
Security policy and risk analysis.
Social engineering, cyber criminality and information warfare.
Laws and ethics.
Organisation
The course consists of a series of lectures, exercises and laborative exercises. Normally, one or two lectures are given by lecturers from industry, who give an application perspective on security. The laborative exercises focus on a few common security mechanisms.
Computer security is one of the courses proposed in the security specialization at Chalmers and Göteborg University. It gives an overview of the field. For those with interest in the security specialization we recommend this course (EDA263) as an overview and refer to the other courses for depth, Cryptography (TDA352), Network security (EDA491) and Language-based security (TDA602).
Literature
See separate literature list.
Examination including compulsory elements
The course is examined through group laboratory exercises, mandatory assignments that are either completed individually or in groups, and an optional written test available to students who submit all assignments on time.
In order to be awarded the grade 3 for the whole course, the student must pass the laboratory exercises and the mandatory assignments.
In order to be awarded the grade 4 or 5 for the whole course, the student must get the grade 4 respective 5 on the written test and pass the other sub-courses.
The course examiner may assess individual students in other ways than what is stated above if there are special reasons for doing so, for example if a student has a decision from Chalmers about disability study support.