University of Oxford Logo University of OxfordSoftware Engineering - Home

Software and Systems Security

As computing systems become more essential to our daily lives, it becomes ever more important that the services they provide are available whenever we need them. We must also be able to rely on the integrity of the systems, and thus the information that they hold and provide. What is more, our society and our economy depend upon certain pieces of information being held in confidence.

The security programme addresses security issues which arise throughout the systems life-cycle: from concept and inception, through design, implementation, testing, and deployment, to maintenance and re-engineering. This includes a detailed treatment of security risk and project risk, the social and organisational context, processes, patterns and architectures for security, and the technologies used in implementation and delivery.

The courses are delivered by an interdisciplinary team of subject specialists: lecturers and professors from the University of Oxford, working alongside colleagues from industry and the public sector to provide the necessary combination of academic rigour and practical experience. The security programme is part of a strong, long-established programme of professional education at Oxford, and participants can choose from a wide range of related courses in software and systems engineering.

All of the courses offered by the programme are taught at Master's level: the three postgraduate qualifications differ only in the extent of study.

The Postgraduate Certificate requires attendance on courses in four subjects, and the successful completion of the corresponding written assignments. At least three of these subjects must be chosen from the courses in software and systems security; subjects in software engineering are also available for the fourth choice. The courses and assignments must be completed within two years of the date of admission.

The Postgraduate Diploma requires courses in eight subjects. At least six of these subjects must be chosen from the courses in software and systems security; the remaining two subjects may also be chosen from subjects in software engineering at Oxford. The courses and assignments must be completed within three years of admission.

The Master of Science requires courses in ten subjects; it also entails the completion of a project and dissertation, involving participation in a project module and a dissertation module. At least seven of these subjects should be chosen from the core selection of courses in software and systems security; others may be chosen from across the whole range of subjects offered in software engineering at Oxford. The courses and assignments should be completed within four years of admission; an additional year is available, if needed, in which to complete the dissertation.

Security Principles (SPR)

This course combines a treatment of the fundamental principles of cryptography and security protocols with a practical treatment of current best practice. It explains the need for computer security, and the scope of the available technical solutions; presents techniques for evaluating security solutions; and provides an overview of the current leading technologies and standards in the security arena.

Design for Security (DES)

Capability in the design of systems which will meet security goals is an increasingly important skill. This course will explore how suitable levels of assurance can be achieved through combining architectural detail, operating system and middleware platforms, and application security measures. Central to these considerations is concern for which requirements are met with well-established tools, which risks can be addressed though novel technologies, and which must be mitigated by other means.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Security Risk Analysis and Management (RIS)

Security is a property of an entire system in context, rather than of a software product, so a thorough understanding of system security risk analysis is necessary for a successful project. This course introduces the basic concepts and techniques of security risk analysis, and explains how to manage security risks through the project lifecycle.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

People and Security (PAS)

A very high proportion of failures in security can be attributed to misunderstanding, mis-information, or failure to grasp the importance of the processes individuals are expected to follow. This course draws on work from human-computer interaction, and more widely from psychology, relating the issues raised back to hard technical implementation decisions.

Familiarity with basic security principles and standard mechanisms, as covered in Security Principles (SPR), is assumed.

Secure and Robust Programming (SRO)

Many system failures and security vulnerabilities arise at the programming level. These can often be attributed to inadequate handling of exceptional situations, poor understanding of the details of the programming language in use, incomplete descriptions of the interfaces between components, and insufficient care in the treatment of concurrency and threading issues. This course addresses those problems from a programming perspective, with the aim of improving the practitioner's capability in writing and reviewing code.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Forensics (FOR)

Investigating computer crime is a delicate and involved process that requires an understanding of the evidential standards necessary in various contexts where electronic forensic data may be needed. This course describes the current best practice in both understanding and deconstructing an attack whilst preserving evidence, and also explores how to design and evaluate systems in order to facilitate forensic examination.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Network Security (NES)

Modern computing systems— whether PCs, PDAs, mobile phones, or other application-specific devices— are nearly all networked. These networks are far from homogeneous, but all give rise to substantial challenges for security. This course concentrates on devices with internet connections, reviewing the internet design features, and their consequences for security.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Trusted Computing Infrastructure (TCI)

A secure system is the product of numerous layers that operate together to provide in-depth protection. This course looks at the various platforms upon which a secure system operates, with an emphasis on practical and repeatable means of implementing these platforms securely. Topics covered include buffer overflows, cryptographic libraries, sand-boxing, virtualisation, trusted computing, and database security, building towards a toolkit of sound principles for secure systems implementation.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Safety Critical Systems (SCS)

Computers are often placed in control situations within safety critical systems. Safety is an emergent property of whole systems; software may play only a small part. This course will enable the systems engineer to determine whether a safe system can be built, and what requirements must be placed on software in order to keep risk at an acceptable level. Attendees will be able to understand the specific issues, problems and techniques associated with analysis, design, development and verification of systems that will be used in safety critical applications.

Data Security (DAS)

As increasing amounts of data are captured about patients, consumers and citizens, and as more ways of linking and utilising such data emerge, so do concerns about the treatment of personal data — with these concerns emerging from a variety of stake-holders. As such, issues pertaining to database and applications security have increased in importance in recent years. Understanding how existing and emerging legislation might be considered in designing secure databases, as well as how such designs might be mapped to practical security measures, will be essential in an increasingly data-driven world.

Participants should have a basic understanding of computer security to the level provided by the Security Principles (SPR) course; participants should also have a basic understanding of relational databases to the level provided by the Database Design (DAT) course.

Security and Incident Management (SIM)

A key ingredient of successful security and risk programmes is effective management of security-related incidents. Incidents range from small and predictable — which can be eliminated through operation controls, through to large and unpredictable — when standard management controls and mechanisms may not work. This module introduces the principles of incident management in practical contexts and draws out the key themes for effective response to the panoply of events and triggers that impact businesses, governments and individuals alike.