
Software and Systems Security

As computing systems become more essential to our daily lives, it becomes ever more important that the services they provide are available whenever we need them. We must also be able to rely on the integrity of the systems, and thus the information that they hold and provide. What is more, our society and our economy depend upon certain pieces of information being held in confidence.

We want to be assured that they will work exactly as expected, and that they will keep working – even in the face of disasters, accidents, or deliberate attempts to interfere with or prevent their function.

Achieving and maintaining security is a complex, interdisciplinary challenge. We must consider not only the software and hardware components of a system, but also the way in which these relate to the human processes and physical constraints of the real world. A modern security professional needs to understand principles of architecture, design, management, interoperability, and evolution, and to apply them effectively in a world of rapidly-changing technologies and expectations.

The Software and Systems Security Programme at the University of Oxford teaches these principles and their application. It offers a flexible programme of short courses to those working full time in industry or in the public sector. It addresses a wide range of subjects – from service architectures to forensics, from trusted platforms to risk analysis, and from human factors to incident management. It is accessible to anyone with the right combination of previous education and practical experience.

The courses on the Programme can be used as individual programmes of professional training in specific subjects, or as credit towards a Master of Science (MSc) degree in Software and Systems Security from the University of Oxford. Students on the MSc take between two and four years to complete a minimum of ten courses, typically at a rate of three courses per year, earning a degree while in full time professional employment. The courses may be taken in any order and combination, depending upon previous experience and education.

Each short course is based around a week of intensive teaching in Oxford, with some initial reading to consider beforehand, and a six-week assignment to complete afterwards. The teaching week allows you the chance to explore a subject in depth, with expert teaching and supervision, away from the demands of work and family. The reading gives you the opportunity to prepare yourselves; the assignment, an opportunity to deepen and to demonstrate your understanding.

Security Principles (SPR)

This course combines a treatment of the fundamental principles of cryptography and security protocols with a practical treatment of current best practice. It explains the need for computer security, and the scope of the available technical solutions; presents techniques for evaluating security solutions; and provides an overview of the current leading technologies and standards in the security arena.

Design for Security (DES)

Capability in the design of systems which will meet security goals is an increasingly important skill. This course will explore how suitable levels of assurance can be achieved through combining architectural detail, operating system and middleware platforms, and application security measures. Central to these considerations is concern for which requirements are met with well-established tools, which risks can be addressed through novel technologies, and which must be mitigated by other means.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Security Risk Analysis and Management (RIS)

Security is a property of an entire system in context, rather than of a software product, so a thorough understanding of system security risk analysis is necessary for a successful project. This course introduces the basic concepts and techniques of security risk analysis, and explains how to manage security risks through the project lifecycle.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Forensics (FOR)

Investigating computer crime is a delicate and involved process that requires an understanding of the evidential standards necessary in various contexts where electronic forensic data may be needed. This course describes the current best practice in both understanding and deconstructing an attack whilst preserving evidence, and also explores how to design and evaluate systems in order to facilitate forensic examination.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Trusted Computing Infrastructure (TCI)

A secure system is the product of numerous layers that operate together to provide in-depth protection. This course looks at the various platforms upon which a secure system operates, with an emphasis on practical and repeatable means of implementing these platforms securely. Topics covered include buffer overflows, cryptographic libraries, sand-boxing, virtualisation, trusted computing, and database security, building towards a toolkit of sound principles for secure systems implementation.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

People and Security (PAS)

A very high proportion of failures in security can be attributed to misunderstanding, mis-information, or failure to grasp the importance of the processes individuals are expected to follow. This course draws on work from human-computer interaction, and more widely from psychology, relating the issues raised back to hard technical implementation decisions.

Familiarity with basic security principles and standard mechanisms, as covered in Security Principles (SPR), is assumed.

Network Security (NES)

Modern computing systems – whether PCs, PDAs, mobile phones, or other application-specific devices – are nearly all networked. These networks are far from homogeneous, but all give rise to substantial challenges for security. This course concentrates on devices with internet connections, reviewing the internet design features, and their consequences for security.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Data Security (DAS)

As increasing amounts of data are captured about patients, consumers and citizens, and as more ways of linking and utilising such data emerge, so do concerns about the treatment of personal data — with these concerns emerging from a variety of stake-holders. As such, issues pertaining to database and applications security have increased in importance in recent years. Understanding how existing and emerging legislation might be considered in designing secure databases, as well as how such designs might be mapped to practical security measures, will be essential in an increasingly data-driven world.

Participants should have a basic understanding of computer security to the level provided by the Security Principles (SPR) course; participants should also have a basic understanding of relational databases to the level provided by the Database Design (DAT) course.

Security and Incident Management (SIM)

A key ingredient of successful security and risk programmes is effective management of security-related incidents. Incidents range from the small and predictable, which can be eliminated through operation controls, to the large and unpredictable, where standard management controls and mechanisms may not work. This module introduces the principles of incident management in practical contexts and draws out the key themes for effective response to the panoply of events and triggers that impact businesses, governments and individuals alike.

Secure and Robust Programming (SRO)

Many system failures and security vulnerabilities arise at the programming level. These can often be attributed to inadequate handling of exceptional situations, poor understanding of the details of the programming language in use, incomplete descriptions of the interfaces between components, and insufficient care in the treatment of concurrency and threading issues. This course addresses those problems from a programming perspective, with the aim of improving the practitioner's capability in writing and reviewing code.

Participants should have a basic understanding of topics in security, as provided by the Security Principles (SPR) course.

Cloud Security (CLS)

The provision of automated self-managed services – for software, platforms, and infrastructure – relieves local administration of many security concerns, yet also removes from them many of the tools and controls they expect to use, while introducing new threats and adversaries. This course reviews the architectural principles of cloud computing, describes the threats and security controls possible at each level of abstraction, and addresses cloud management services for trustworthy, secure, and resilient operation with minimal intervention.
New in 2012

Mobile Application Security (MAP)

Mobile devices present distinctive challenges for security, including problems of device association, power constraints, and restricted interfaces. Mobile applications often incorporate both local and remote services, complicating the management and enforcement of security policies. This course presents a range of techniques for the design and implementation of secure mobile applications, balancing the requirements of functionality, security, resource utilisation, and privacy.
New in 2012