Technische Universität Ilmenau

System Security - Modultafeln of TU Ilmenau

The module lists provide information on the degree programmes offered by the TU Ilmenau.

Please refer to the respective study and examination rules and regulations for the legally binding curricula (Annex Curriculum).

You can find all details on planned lectures and classes in the electronic university catalogue.

Information and guidance on the maintenance of module descriptions by the module officers are provided at Module maintenance.

Please send information on missing or incorrect module descriptions directly to modulkatalog@tu-ilmenau.de.

module properties module number 200033 - common information
module number200033
departmentDepartment of Computer Science and Automation
ID of group2255 (Distributed Systems and Operating Systems)
module leaderProf. Dr. Kai-Uwe Sattler
languageEnglisch
term Sommersemester
previous knowledge and experience

Mandatory: Basic knowledge of Ÿ operating systems, software engineering and formal automata and computability.

Crucial prerequisites will be briefly revisited when necessary.

Recommended: Basic knowledge of  computer networks, discrete mathematics, predicate logic and algorithms and complexity.

learning outcome 

Students are able to define and
derive security requirements from application scenarios (lecture). They can
define and use the term "security policy" (lecture). Students are able to apply
formal security models to represent a security policy (lecture and exercises).
For this, they can define, classify and compare fundamental security models
(lecture and exercises). Based on this, students can evaluate such models
against security properties (lecture and exercises) and construct new,
application-specific models (exercises). They can name essential languages and
mechanisms for implementing such models (lecture) and apply them to case
studies (exercises). Security architectures used for integrating secuity
mechanisms can be described and classified by the students (lecture). They can
also assess their suitability for specific use cases (exercises).

 

Students can discuss
open questions and argue for different solution approaches. They can prepare
theoretical and practical assignments for the exercises and present their
results. They can coordinate cooperative work on complex home assignments.

content 

This module focuses on the basic paradigms, methods and concepts in the field of model-based security engineering - the methodical process of engineering a computer system's security properties based on formal security models. In an early stage of the engineering process formal security models are used for the precise and unambiguous representation of security policies which then are analyzed by static model checking and simulative model execution. Successful models afterwards are transformed via specification languages into executable code which finally is integrated into a system's trusted computing base.

Topics are

  • Requirements analysis
  • Security policies and formal security models
  • Model engineering and analysis
  • Domain-specific model specification languages
  • Security mechanisms
  • Security architectures

media of instruction and technical requirements for education and examination in case of online participation

Presentations with projector and whiteboard, books, papers, assignments, discussions

literature / references

William Stallings, Lawrie Brown: Computer Security. Pearson, 2nd Edition, 2012, 810 pages.

Matthew Bishop: Computer Security: Art and Science. Addison-Wesley Educational Publishers Inc, 2012 (2. Edition), 1168 pages.

Trent Jaeger: Operating System Security. Synthesis Lectures on Information Security, Privacy and Trust #1, Morgan & Claypool Publishers, 2008.

N. Akosan et. al.: Mobile Platform Security. Synthesis Lectures on Information Security, Privacy and Trust #9, Morgan & Claypool Publishers, 2014.

Anupam Datta et. al.: Analysis Techniques for Information Security. Synthesis Lectures on Information Security, Privacy and Trust #2, Morgan & Claypool Publishers, 2010.

Ross Anderson: Security Engineering. John Wiley & Sons, 2nd Edidtion, 2008, 1040 pages. Also available online.

Frank Mayer, Karl Macmillan, David Caplan: SELinux by Example. Prentice Hall 2007, 425 pages.

Bruce Schneier: Secrets and Lies - Digital Security in a Networked World. John Wiley & Sons 2000, 408 pages.

evaluation of teaching
Details reference subject
module nameSystem Security
examination number2200675
credit points5
SWS4 (3 V, 1 Ü, 0 P)
on-campus program (h)45
self-study (h)105
obligationobligatory module
examoral examination performance, 20 minutes
details of the certificate
alternative examination performance due to COVID-19 regulations incl. technical requirements
signup details for alternative examinations
maximum number of participants
Details in degree program Master Research in Computer & Systems Engineering 2016
module nameSystem Security
examination number2200675
credit points5
on-campus program (h)45
self-study (h)105
obligationelective module
examoral examination performance, 20 minutes
details of the certificate
alternative examination performance due to COVID-19 regulations incl. technical requirements
signup details for alternative examinations
maximum number of participants