Postgraduate

Modules

Modules

CSC8206 : Group Project in Computer Security and Resilience (Inactive)

Semesters
Semester 2 Credit Value: 15
ECTS Credits: 8.0

Aims

To gain and reflect on the experience of applying the techniques taught in preceding modules to the analysis and development of a high integrity system.
To gain experience of working in groups and to design and implement software under time and resource constraints, practising relevant professional skills.

In this module you will have the opportunity to design, build and analyse a high integrity computing system with security or safety implications. You will have access to technical guidance form faculty members but will essentially work as a small independent team under your own initiative. This provides an opportunity to practice the technical skills developed in other modules, and to develop new skills of cooperative working and organisation.

Outline Of Syllabus

1. Team Working: the basics of successful team working in systems analysis and development.
Teams of 5-7 members will be selected by the faculty, mixing backgrounds, abilities and skills. Each team has a faculty member who can advise on the problem specification but will not generally intervene in the group. Choice group organisation is left to the group, subject to the constraints of the problem. At the end of the project, there will be an opportunity to debrief with faculty members and with other students and to share experience of good and bad practice in team working.
2. System Synthesis and Analysis: review of process models, organisation and potential sequencing of synthesis, evaluation and V&V activities for high integrity systems. Outline of professional, legal and ethical issues relevant to the subject area of the project. An introduction to the forms of trade-off that exist between technical aspects of security and resilience with other properties such as system liveness.
Initial functional and non-functional (including trustworthiness) requirements will be supplied, as well as process and product constraints. Development will involve research, requirements elicitation, modelling and analysis which may involve information flow modelling, protocol design, deductive or inductive fault analysis. Selection of development methods and tools will be done by each group. In a separate evaluation phase teams will be asked to evaluate and find defects in other teams' implementations, giving an opportunity to practice defect detection skills.
3. Reporting: Oral and written reporting of technical progress; an introduction to presentation skills for technical presentations; structuring and writing of key documents and presentation of evidence for high integrity systems.
The project constraints will define technical deliverables. Teams will be invited to present findings in short oral presentations at various stages in the project. Team members will keep personal logs and write a short final individual report outlining their contributions and the lessons that they have learned from the project in terms of their own continuing professional development needs.
Example Scenario:
The challenge of producing a trustworthy e-Voting system combines technical work on secrecy and encryption with human factors and the acceptability of the system in the voting booth. Teams will be asked to develop part of an e-Voting scheme that provides voter-verifiability coupled with ballot secrecy, integrity and accuracy. They will be required to analyse key properties of their system, including those derived form a human factors analysis. In the evaluation phase, teams will try to discover flaws in the implementations developed.

Teaching Methods

Teaching Activities
Category Activity Number Length Student Hours Comment
Guided Independent StudyAssessment preparation and completion91:009:00Lecture follow-up
Scheduled Learning And Teaching ActivitiesLecture91:009:00Lectures
Scheduled Learning And Teaching ActivitiesPractical151:0015:00Practicals
Guided Independent StudyProject work551:0055:00Coursework
Guided Independent StudyStudent-led group activity551:0055:00Formal/informal meetings
Guided Independent StudyIndependent study71:007:00Background reading
Total150:00
Teaching Rationale And Relationship

Lectures will be used to introduce the learning material and for demonstrating the key concepts by example. Students are expected to follow-up lectures within a few days by re-reading and annotating lecture notes to aid deep learning.

Project meetings both formal and informal, will provide team members and the team monitor with the opportunity to follow progress and address team issues.

Students aiming for 1st class marks are expected to widen their knowledge beyond the content of lecture notes through background reading.

Students should set aside sufficient time to revise for the end of semester exam.

Assessment Methods

The format of resits will be determined by the Board of Examiners

Other Assessment
Description Semester When Set Percentage Comment
Report2M90Group work (Max 3200 words)
Report1M10Individual work (Max 2000 words)
Assessment Rationale And Relationship

The coursework-based assessment gives a chance to assess the application of knowledge in a practical context, and skills on a realistic, open-ended problem.
The group work report is used to award a group mark to each group. This mark is combined with an individual mark awarded to each group member based on their submitted Individual Report.

Reading Lists

Timetable