The electronic study guide for the academic year 2025 - 2026 is subject to change.





Resilience and Security by Design (4718)

  
Coordinating lecturer: Prof. dr. ir. Koen YSKOUT


Language of instruction : English


Credits: 4,0
  
Period: semester 1 (4sp)
  
2nd Chance Exam¹: Yes
  
Final grade²: Numerical
 
Sequentiality
 
   No sequentiality

Prerequisites

The student

  • can write and debug a software application (in Java and/or Python)
  • knows how an operating system works (processes, scheduling, concurrency, memory management)
  • can use a database to store and retrieve data through SQL statements
  • knows common networking protocols (e.g., TCP/IP)
  • knows web technology and protocols (e.g., HTTP, HTML, CSS, JavaScript)


Content

Abstract:
This course will provide an in-depth discussion of designing resilient and secure software based on practices from industry and academia. The topics will enable the students to understand the fundamentals along with the limitations of cyber security and resilience. We examine these aspects from the standpoints of attackers, defenders, and societies.

Objective:
From a technological perspective, augmented with economic, legal (GDPR), and societal views, students will explore the advancements, principles, issues, limitations, and key state-of-the-art practices in cyber security and resilience. Completion of the course will enable students to identify, select and implement appropriate resiliency and security solutions while developing software.


Examples of possible topics are:

  • Defining resilience and security
  • Activities in the Secure Software Development Lifecycle (SSDLC)
  • Common software security flaws and weaknesses (e.g., buffer overflows, authentication flaws, broken access control, injection attacks, …)
  • Common design principles, patterns, and tactics to build resilient and secure software (e.g., cryptography, authentication, access control, TLS protocol, OAuth, resilience patterns such as circuit breaker, …)
  • Tools and techniques for analyzing the resilience and security of a design (e.g., threat modeling using STRIDE, SAST tools, fuzzing, simulations, …)
  • Overview of existing knowledge resources and organizations (e.g., CVE, CWE, NIST SSDF, OWASP, …)
  • Security of virtualized and containerized applications
  • Link between security and privacy (GDPR, privacy threat analysis using LINDDUN, ...)
  • Legal aspects and compliance (ethical hacking, laws and regulations regarding security and resilience)


Organisational and teaching methods
Organisational methods  
Application Lecture  
Teaching methods  
Demonstration  
Exercises  
Homework  
Presentation  
Report  


Evaluation

Period 1    Credits 4,00

Evaluation method
Written evaluation during teaching period: 25 %
Transfer of partial marks within the academic year
Conditions transfer of partial marks within the academic year: 12/20
Take-home assignment
Oral evaluation during teaching period: 8 %
Transfer of partial marks within the academic year
Conditions transfer of partial marks within the academic year: 10/20
Presentation
Written exam: 67 %
Transfer of partial marks within the academic year
Conditions transfer of partial marks within the academic year: 10/20
Open questions
Use of study material during evaluation
Explanation (English): During the open book part of the exam, students are allowed to use the lecture slides.
Evaluation conditions (participation and/or pass)
Conditions: Students need to obtain at least 8/20 on the evaluation during the teaching period (oral+written combined), and 8/20 on the exam.
Consequences: If the student achieves less than 8/20 on either the evaluation during the teaching period (oral+written combined) or the exam, the final mark will be the weighted average of both parts with a maximum of 9/20.
Additional information

The exam consists of a closed-book part followed by an open-book part.


Second examination period

Evaluation second examination opportunity different from first examination opportunity
No
Explanation (English): In case the oral presentation during the semester was insufficient, the presentation will be replaced by a written assignment. The written evaluation during the teaching period and the written exam are similar to those in the first exam period.
 

Compulsory course material
 

All slides and references will be distributed through the electronic learning platform.



Learning outcomes
Master of Teaching in Sciences and Technology
  •  EC 
  • 5.2. The master of education is a domain expert ENG & TECH: the EM has a specialised knowledge and understanding of the acquired subject didactics and can creatively conceive, plan and implement them in an educational context and, in particular, as an integrated part of a methodologically and project-based ordered series of actions within a multidisciplinary STEM project with an important research and/or innovation component.

  •  EC 
  • 5.3. The master of education is a domain expert ENG & TECH: the EM has advanced or specialised knowledge and understanding of the principles, structure and used technologies of various industrial processes and techniques relevant to the specific subject disciplines and can autonomously recognise, critically analyse and methodically and well-foundedly solve complex, multidisciplinary, non-familiar, practice-oriented design or optimisation problems in these, with an eye for application, selection of materials, automation, safety, environment and sustainability, aware of practical limitations and with attention to current technological developments.

 

Master of Software Systems Engineering Technology
  •  EC 
  • EC1 – The Master of Software Engineering Technology can communicate adequately, cooperate effectively, and take into account the sustainable, economic, ethical, social and/or international context and (s)he is aware of the impact on the environment in all aspects of his/her professional thought-process and agency. (S)he displays an appropriate engineering attitude, including continuous attention to the development of his/her professional competencies. [people, data literacy and essential software skills]

     
  •  DC 
  • DC-M8 - can evaluate knowledge and skills critically to adjust own reasoning and course of action accordingly.

      
  •  BC 
  • reflects in the reports on the rationale for decisions that have been made while executing the various assignments

    reflects in the report on what other approaches could have been taken to solve the assignments
      
  •  DC 
  • DC-M9 - can communicate in oral and in written (also graphical) form.

      
  •  BC 
  • writes a synthesized report on the findings for the various assignments.

    can clearly convey the essence of the assigned topic in a short presentation
      
  •  DC 
  • DC-M11 - acts socially responsible and within an international framework.

      
  •  BC 
  • can explain the importance of security and resilience in our society

    is aware of the ethical aspects of offensive and defensive security.
      
  •  DC 
  • DC-M12 - shows a suitable engineering attitude.

      
  •  BC 
  • is capable of designing and assessing the security of a software application in a creative and independent manner.

    takes a different systems thinking viewpoint and mindset by approaching a system from an adversarial viewpoint.
      
  •  EC 
  • EC2 - The Master of Software Engineering Technology masters the necessary sets of knowledge and skills regarding the design of integrated, resilient software systems and can creatively conceive, plan and implement them as an integrated part of a series of methodologically ordered actions within multidisciplinary projects with a significant research and/or innovation component. [systems thinking]

     
  •  DC 
  • DC-M5 - can analyze problems, logically structure and interpret them.

      
  •  BC 
  • is able to take a systems thinker perspective regarding the software and its security and resilience risks, by considering the goals, users, technologies and adversaries of the system.
      
  •  EC 
  • EC3 - The Master of Software Engineering Technology has advanced knowledge and understanding of the principles and applications of software engineering, including software development processes, software architectures and the software life cycle, and can apply them, with an understanding of current technological developments, in complex and practice-oriented problem domains. [software engineering]

     
  •  DC 
  • DC-M5 - can analyze problems, logically structure and interpret them.

      
  •  BC 
  • is able to create an abstract representation of a software system and use this to reason about its security and resilience.

      
  •  EC 
  • EC4 - The Master of Software Engineering Technology has advanced knowledge and understanding of principles and applications of contemporary wireless and mobile communication networks, and in this domain, (s)he can autonomously initiate, plan, critically analyse and solve problems in a well-founded manner with an eye for data acquisition and implementation, and with the help of simulation techniques or advanced tools. [connected]

     
  •  DC 
  • DC-M1 - has knowledge of the basic concepts, structures and coherence.

      
  •  BC 
  • knows the security and resilience characteristics and implications of different technologies and protocols.

      
  •  EC 
  • EC5 - The Master of Software Engineering Technology masters the necessary sets of specialised knowledge and skills for the design of modular, integrated software systems that, on the basis of data acquisition and data analysis, can make intelligent decisions and that are resilient (secure, robust and scalable), within multidisciplinary projects with an applied research and/or innovation component. [intelligent & resilient systems]

     
  •  DC 
  • DC-M2 - has insight in the basic concepts and methods.

      
  •  BC 
  • can explain in own words the basic concepts and techniques of secure and resilient systems and clarify with examples.

    can name, explain, and compare approaches, patterns, tools, and technologies that can be used to build secure and resilient software

    can explain how the various concepts relate to and influence each other

      
     
  •  DC 
  • DC-M5 - can analyze problems, logically structure and interpret them.

      
  •  BC 
  • can name and explain common security flaws

    can identify potential security flaws in a software system and explain their causes and consequences.
     
  •  DC 
  • DC-M6 - can select methods and make calculated choices to solve problems or design solutions.

      
  •  BC 
  • can make appropriate decisions to design a secure and resilient system

    can explain the rationale behind these design decisions, including trade-offs that have been made

      
     
  •  DC 
  • DC-M7 - can use selected methods and tools to implement solutions and designs.

      
  •  BC 
  • is able to make appropriate use of offensive and defensive software tools and libraries.
  •  EC 
  • EC6 - The Master of Software Engineering Technology masters the necessary sets of specialised knowledge and skills regarding generic abstraction techniques such as virtualization and containerization in order to utilise the underlying hardware and software systems in a secure, protected, and efficient way. [virtualized world]

     
  •  DC 
  • DC-M2 - has insight in the basic concepts and methods.

      
  •  BC 
  • can explain and compare the security and resilience characteristics of containers and virtualization technologies.

      
 

  EC = learning outcomes      DC = partial outcomes      BC = evaluation criteria  
Offered in (Tolerance³)
Exchange Programme Engineering Technology: J
Master of Software Systems Engineering Technology: J
Master of Teaching in Sciences and Technology - Engineering and Technology choice for subject didactics engineering & technology: J



1   Education, Examination and Legal Position Regulations art.12.2, section 2.
2   Education, Examination and Legal Position Regulations art.15.1, section 3.
3   Education, Examination and Legal Position Regulations art.16.9, section 2.