CORPORATE AND ACADEMIC SERVICES
PROGRAMME SPECIFICATION Part 1: Basic Data
Awarding Institution UWE Teaching Institution UWE
Delivery Location UWE
Faculty responsible for programme
Environment and Technology
Department responsible for programme
Computer Science and Creative Technologies
Modular Scheme Title FET UG modular scheme Professional Statutory or
Regulatory Body Links Name of PSRB
Type of approval Dates
British Computer Society
Highest Award Title BSc (Hons) Forensic Computing and Security Default Award Title
Interim Award Titles BSc Forensic Computing and Security Dip HE Forensic Computing and Security Cert HE Forensic Computing and Security UWE Progression Route n/a
Mode(s) of Delivery Full time, Part time
Codes UCAS: G4H4 UCAS:
ISIS2: G4H4 ISIS2:
Relevant QAA Subject Benchmark Statements
Computing (primary) Law (secondary) CAP Approval Date
Valid From September 2012
Valid until Date
Version 1
Part 2: Educational Aims of the Programme Section 2: Educational Aims of the Programme
1. To prepare students for careers in computing.
2. To prepare students for study for higher degrees in related subjects
3. To develop problem-solving, communication and other transferable skills applicable to a variety of careers
4. To continue the development of those general study skills that will enable students to become independent, lifelong learners.
The BSc in Forensic Computing and Security has the following specific aims:
1. To prepare students for careers in computer crime-investigation (e.g. ‘forensic technician’) and computer security
2. To equip students with the knowledge, skills, and understanding that will enable them to continue to enquire into methods and techniques for the investigation of computer crime and the security requirements of computer systems
Part 3: Learning Outcomes of the Programme
The award route provides opportunities for students to develop and demonstrate knowledge and understanding, qualities, skills and other attributes in the following areas:
Learning Outcomes Teaching, Learning and Assessment Strategies
A Knowledge and Understanding A Knowledge and Understanding
On completion of the programme students will have developed an understanding of a complex body of knowledge, some of it at the current boundaries of the disciplines, in the areas of:
1. Information, data and its
representation and organisation in computer systems
2. Tools and techniques for
investigating computer crime such as data mining and profiling 3. English, EU and US legal systems
Teaching/learning methods and strategies: During the first year, students are introduced to basic programming skills and gain practical knowledge in constructing simple software systems. They
encounter the elementary components of computer systems. This knowledge is extended during the second year to give the knowledge necessary to understand different computer architectures and network topologies.
Beginning in the first year with both programming and computer systems modules and continuing into the second year with security and forensic tools, students learn how information can be represented as data within a computer.
and the procedures and laws that support them, as relevant to a Forensic Computing practitioner. 4. The management of and
requirements for security in computer systems and computer networks.
understanding of computer systems, algorithms and protocols and study security as it applies to stand-alone and networked computers with special emphasis on mobile and embedded devices. It is here that they learn the fundamentals of computer security.
The relevant parts of the Computer Crime and Digital Evidence module will conform to the QAA subject benchmarking for Law, treating the law component of the programme as‘ subsidiary’. Students will be introduced to the principle features of the English (and other major) legal systems, its institutions and procedures. Appropriate criminal process and procedure will be highlighted. The role of judges, barristers, solicitors and court staff will be explained. Throughout the programme students are exposed legal terminology and legal texts.
A first-year module introduces computer crime legislation including Computer Misuse Act 1990, EU CyberCrime Convention 2003 and relevant
international law.
Categories of computer crime: offences against confidentiality and integrity; computer-related; content related. National law pertaining to seizure and presentation as evidence is then covered, for example (for UK) Police and Criminal Evidence Act, 1984, Regulation of Investigatory Powers Act 2000. Finally difficulties and emerging issues in interpreting these laws are discussed.
Legal, commercial and other aspects of security are further explored in a practical context in the module Security Management in Practice where broader security issues of delivering end to end applications and services are studied –this module also provides a practical real-world-based project to exercise the security skills developed elsewhere in the
programme.
Securing and examining evidence will be introduced using the platform of industry-standard software such as EnCase and other generic security and
investigative tools. These tools will be available for student use in investigating sample data. In the final year the Forensic Computing Practice module provides for the investigation of and reporting on substantial sets of data. Security Management in Practice
contamination of the evidence or detection by
intruders, ensuring continuity of evidence and the use of auditable procedures.
Assessment:
Assessment will be by a combination of examination and coursework. For many aspects of this programme the coursework will contain a significant practical element.
Where appropriate other forms of assessment such as observation of a presentation or viva may be used.
The nature of security and forensics implies a
significant inter-disciplinary component. For example, the student might research into some aspect of the law as it applies to the discipline or a relevant legal case. The student would then be required to evaluate the evidence and relevant law precedents, form an opinion and produce a written report. Alternatively, the student might be given a unique set of data representing a possible computer crime scene and, applying their computer and legal skills, investigate this, produce a report suitable for use by the legal profession and then defend their work during a viva. Communication skills form an important part of the programme. These would be assessed mock trial and final year viva.
B Intellectual Skills B Intellectual Skills
On completion of the programme students will be able to:
1. Analyse problems and devise solutions, particularly in the area of forensic computing and security. 2. Think critically
3. Synthesis of different types of information
4. Appreciate problem contexts 5. Balance conflicting objectives
Throughout this programme students are confronted with problem solving exercises in the context of computing in general and Computer Security and Forensics in particular. In the process of devising solutions to these problems, the intellectual skills listed here are encouraged and developed. As they move through the programme, these skills are developed at increasing levels of sophistication through the use of scenarios that move from the simple and well-bounded to the complex and ill-structured.
As an example, in the first year students are
introduced to investigative techniques and computer security via the Computer Crime & Digital Evidence module where they gain an appreciation of the issues surrounding computer security and computer
forensics, thus expanding their critical thinking in this area and their analytical skills in terms of
investigating cases of computer crime. At this stage they become aware of the need to appreciate the context of the cases they are dealing with and the need to balance the need for an efficient investigation with the needs of justice for all appropriate evidence
to be discovered. This leads to the need to develop critical thinking skills to target the investigation accurately and to synthesis and evaluate the
sometimes conflicting evidence they may encounter to arrive at a plausible scenario. During this first year they will develop computer programs, design web applications, use design notations and design methodologies that develop their evaluative and problem solving skills
In the second year these skills are further developed by designing and programming larger and more complex software systems, thus expanding the skills of problem solving and evaluation. It is at this stage that the fundamental computer security mechanisms and concepts are introduced and the concept of a trusted computing base is developed. This further expands all five of the intellectual skills.
Understanding of abstract concepts is developed through practical exercises using software security libraries, thus allowing students to engage critically with the tools and materials. More advanced tools relevant to both security and forensics are introduced at this stage, reinforcing the close dependency of security and forensics and developing an
understanding of the need to carefully evaluate complex real-world situations. These practical exercises in turn develop understanding of software engineering of dependable computing systems, which reinforces analytical and problem solving skills. In the final year the Security Management module broadens the scope of security beyond the confines of computers and networks through the use of case studies of real industrial applications. Here the intellectual skills gained during the programme need to be demonstrated in a realistic setting. The
Forensic Computing Practice module also exercises these skills (and also develops them through further practice) by forcing students to engage with
potentially confusing computer forensic cases both from the point of view of the investigator and that of the perpetrator.
At all levels students are required to bring together knowledge and skills acquired in different subsidiary disciplines and hence determine new ways of approaching complex situations where it will be necessary to use all the intellectual skills acquired earlier in the programme to secure a computer system or achieve an appropriate and fair
representation of a representative computer crime scene.
Assessment
The investigation of computer crime evidence requires demonstration of all of the
intellectual skills. At level 1 the focus in programming coursework assessment, undertaken in a number of modules, is on the skills of Analysis (1), and Problem Solving (2). At levels 2 and 3 this branches out to include all the remaining skills. Many of the coursework
assessments and exam papers include elements of programming work.
Independent reading is used to enable students to focus on their own areas of interest and in the process assess skills 1-3 in the submitted reports, essays and exam answers.
Design-work, even when not implemented in a programming language, requires
demonstration of skills 1,2,4 and 5 and a number of coursework assessments and exam questions are devoted to such work. Finally, all of the examinations assess skills
2 and 3 whilst skills 1, 4 and 5 are covered in many exams.
C Subject, Professional and Practical Skills C Subject, Professional and
Practical Skills
On completion of the programme students will be able to:
1. Design and write software. 2. Employ a range of tools and
notations to support the activities listed here.
3. Communicate with legal
personnel at an appropriate level 4. Assess a computer crime scene
and formulate a strategy for securing the evidence,
investigating it impartially, and produce a report in appropriate language
5. Use software libraries and toolkits to implement security aware applications conforming to appropriate designs
6. Describe the key security mechanisms used in access control, authentication,
encryption and digital signatures and perform systems analysis in terms of computer security.
Teaching/learning methods and strategies: Throughout the program, the skills listed are developed through a combination of theoretical discussion, practical laboratory based work, classroom based tutorial exercises and directed self-study. Most of the skills listed (1, 2, 3, 4) are introduced at level 1 and then drawn into
sharper focus at levels 2 and 3 (years 2 and 3). The general teaching/learning method is therefore to impart these practical/professional skills by a process of moving from an overview of what is required to a specific application of an individual skill at a higher level. Security-based skills (5 and 6) are introduced at level 2 and continued into level 3.
Assessment
A combination of all or most of these skills will be required to successfully complete the final year project and thus most are assessed there.
The possession of these skills is also demonstrated both by the investigation of a potential computer crime scene and by examination. The practical nature of the skills to be acquired means that some are specifically addressed by particular modules (3, 4, 5,6). The more generic skills (1,2) are assessed across the programme.
D Transferable Skills and other attributes D Transferable Skills and other
attributes
On completion of the programme students will be able to :
1. Communication skills: to
communicate orally or in writing, including, for instance, the results of technical investigations, to peers and/or to “problem owners”.
2. Self-management skills: to manage one’s own time; to meet deadlines; to work with others having gained insights into the problems of team-based systems development.
3. IT Skills in Context (to use software in the context of problem-solving investigations, and to interpret findings)
4. Problem formulation: To express problems in
appropriate notations.
5. Progression to independent learning: To gain experience of, and to develop skills in, learning independently of structured class work. For example, to develop the ability to use on-line facilities to further self-study.
Teaching/learning methods and strategies:
Skill one is developed through a variety of methods and strategies including the following:
Students maintain laboratory log books Students participate in electronic
conferences,
workshops, and groupwork sessions. Students participate in discussion tutorials Students present research topic findings in
tutorials
Students participate in individual tutorials Students participate in mock trials,
cross-examination and other verbal interrogation Skill two is developed through a variety of methods and strategies including the following:
Students conduct self-managed practical work
Students participate in practically-oriented tutorial and laboratory sessions
Students work through practical work-sheets in teams
Students practice design and programming Skill three is developed widely throughout the programme.
Skill four is developed through a variety of methods and strategies including the following:
Students practice design and programming Students devise procedures for investigating
digital evidence
Skill five is developed through a variety of methods and strategies including the following:
Students are encouraged to practice programming to extend their skills
Students are encouraged to research relevant computing and law topics
Students are encouraged to use online facilities to discover information
6. Comprehension of professional literature: to read and to use literature sources appropriate to the discipline to support learning activities.
7. Working with Others: to be able to work as a member of a team; to be aware of the benefits and
problems which teamwork can bring.
Skill six is developed through a variety of methods and strategies including the following:
Students are encouraged to read legal case notes
Students are encouraged to maintain their awareness of computing, forensic and security issues via both printed and online materials
Skill seven is developed widely throughout the programme.
Assessment:
Transferable skills are demonstrated though not necessarily discretely assessed in the following ways:
1. Communication skills are demonstrated, essays, presentations and poster presentations.
2. The other skills are demonstrated through a number of similar instruments including the following:
Individual and group projects Practical assignments
Portfolio of exercises
3. In addition self-management skills are demonstrated by in personal academic tutorial sessions and generally throughout the course. Part 4: Programme Structure
This structure diagram demonstrates the student journey from Entry through to Graduation for a full time student, including:
level and credit requirements interim award requirements
Y ea r 1 Introduction to OO Systems Development UFCF93-30-1 Computer and Network Systems UFCFB3-30-1 Web Programming UFCFP4-30-1 Computer Crime and Digital Evidence
None Cert HE in Forensic
Computing and Security
120 credits, of which not less than 100 are at Level 1 or above Y ea r 2 UFCFW5-30-2 Mobile and Embedded Devices UFCFLC-30-2 Secure Computer Networks UFCFJ6-30-2
Security and Forensic Tools UJUUJD-30-2 Science in Court Optional Modules None Interim Awards Dip HE in Forensic Computing and Security
240 credits, of which not less than 100 are at Level 2 or above and a further 120 are at Level 1 or above.
Year Out: Students may optionally complete a placement year. For students on placement, there is an opportunity to complete a professional practice module and be awarded 15 level 3 credits. The professional practice module is shown in the option list for year 3 but is actually completed during the year out.
Y ea r 3 Compulsory Modules UFCFR4-45-3 Computing Project UFCFC5-15-3 Forensic Computing Practice UFCFRB-15-3 Security Management in Practice Optional Modules 1 UFCFM6-15-3 Requirements Engineering UFCFU3-15-3 Advanced Databases UFCFT4-15-3 Cryptography UFCF95-15-3 Entrepreneurial Skills Interim Awards BSc Forensic Computing and Security
300 credits with at least 60 credits at level 3, plus a further 100 credits at level 2 or above and a further 120 credits at level 1 or Highest award BSc (Hons) Forensic Computing and Security 360 credits, of which at least 100 must be at Level 3 or above, at least a further 100 at Level 2 or above and a further 140 at Level 1 or above. Option Modules 2 UFCFE6-15-3 Professional Experience UFCFP5-15-3
NB: For part time mode of delivery provide a diagram to demonstrate the student journey from entry to graduation for a typical part time student
Part 5: Entry Requirements
The University’s Standard Entry Requirements apply with the following additions.
Successful applicants normally require a minimum of (the equivalent of) 300 UCAS points
Part 6: Assessment
Delete one of the following statements as appropriate A: Approved to University Regulations and Procedures
Assessment Map
The programme encompasses a range of assessment methods including; essays, posters, presentations, written examinations, demonstration of practical work. These are detailed in the following assessment map:
Assessment Map for BSc (Hons) Forensic Computing and Security Type of Assessment*
Instructions:
Add the Component (A or B) to the
appropriate column for each Module Number and add the weighting for that assessment in brackets e.g. B1(50), A(50)
Weighting should sum to 100.
Add further columns
as necessary* U nse en Wr it ten E xam O pe n Boo k Wr it ten E xa m In -cl ass W ri tt en Te s t M ul ti pl e -C ho ice Test P ractica l E xam P ractica l S ki lls A ssess m en t O ral a ssess m en t an d/o r presenta ti on Wr it ten A ssi gn m en t R ep ort / P roj ect D issert atio n P ort fol io Compulso ry Modules Level 1 UFCFC3-30-1 A (75) B (25) UFCF93-30-1 A (5 0) B1( 15) B2( 35) UFCFB3- A(2 B(1 B(6
30-1 5) 5) 0) UFCFP4-30-1 A(5 0) B(5 0) Compulso ry Modules Level 2 UFCFW5 -30-2 A1( 50) B1( 35) B2( 15) UFCFLC -30-2 A (50) B(5 0) UFCFJ6-30-2 A(3 0) B(7 0) UJUUJD -30-2 A(5 0) B1( 20) B2( 30) Compulso ry Modules Level 3 UFCFR4-45-3 A3( 15) A1( 10) A2( 75) UFCFC5-15-3 A1( 25) A3( 25) A2( 50) UFCFRB -15-3 A(1 00) Optional Modules Level 2 Optional Modules Level 3 UFCFM6 -15-3 A(1 00) UFCFU3-15-3 A50 ) B(5 0) UFCFT4-15-3 A(5 0) B(5 0) UFCF95-15-3 A(2 5) B(7 5) UFCFE6-15-3 A(1 00) UFCFP5-15-3 A(2 5) B(7 5)
*Assessment should be shown in terms of either Written Exams, Practical exams, or Coursework as indicated by the colour coding above.
Teaching, learning and assessment strategies to enable learning outcomes to be achieved and demonstrated
At UWE, Bristol there is a policy for a minimum average requirement of 12 hours/week contact time over the course of the full undergraduate programme. This contact time encompasses a range of face:face activities as described below. In addition a range of other learning activities will be embedded within the programme which, together with the contact time, will enable learning outcomes to be achieved and demonstrated.
On the BSc (Hons) Forensic Computing and Security programme teaching is a mix of scheduled, independent and placement learning.
Scheduled learning includes lectures, seminars, tutorials, project supervision, demonstration, practical classes; external visits. Scheduled sessions may vary slightly depending on the module choices made.
Independent learning includes hours engaged with essential reading, case study preparation, assignment preparation and completion etc. These sessions constitute an average time per module as indicated in the module specifications. Scheduled sessions may vary slightly depending on the module choices made.
Placement learning: Students are strongly encouraged to undertake a placement year. They are also encouraged to take the Professional Experience module whilst on placement
Description of Distinctive Features and Support
Class-based Activities The particular mode of delivery of a module is determined by its Module Leader, and typically involves a combination of lectures, practical sessions, individual and group activities and group project work. Many modules involve significant practical work and therefore a proportion of the student’s contact time for that module, usually 50%, is spent in the computer labs.
Academic Support Academic advice and support is the responsibility of the staff delivering the module. Outside of normal timetabled hours, advice and guidance on matters relating to the material being taught and on its assessment can be obtained either by arranging an appointment with academic staff or during published "surgery" hours. Appointments are most commonly arranged by email.
In addition all students are allocated Academic Personal Tutor (APT) to whom they can turn for general academic advice related to their studies. From time to time students can expect their APT to invite them to meet to discuss their progress.
As a supplement to this formal academic support, all modules at level 1 (i.e. first year modules) include timetabled Peer-Assisted Learning (PAL) sessions. These classes are extra to the sessions timetabled with academics and provide new students with a significant additional resource, over and above the normal 12 hours contact time. PAL sessions are led by trained PAL leaders; second and final year students who are able to use their experience during the first year to help the newer students overcome barriers to success in their studies. On-line Academic Support Extensive on-line support for this programme is provided through the University portal (myUWE). This provides access to the University’s e-library, which allows students to read academic journals and study-skills material. Of particular interest to students of this programme is access to the ACM, IEEE and British Standards Online databases. The portal also gives entry to UWE’s Virtual Learning Environment
(Blackboard) which is used by academics to make available general information about the module delivery, handbooks, lecture notes and other materials. In addition, the portal publishes individual student timetables, marks and other aspects of the operation of the programme and University life.
Pastoral Support Pastoral care is provided through the University-wide Student Advisers, a team of staff who provide comprehensive, full-time student support service. Advisers are trained to provide advice on matters commonly of concern, including regulatory and other matters; the Adviser will, when necessary, direct the student to specialist professional services including the University's counselling service, careers, financial services etc..
Independent Study
All modules require students to carry out independent study, such as preparation for classes, research for projects and completion of assignments, and a full range of facilities are available at all sites to help students with these. The philosophy is accordingly to offer students both guided support and opportunities for independent study. Guided support is mainly in the form of timetabled sessions. Students are expected to attend all sessions on their timetable.
The habits and practice of independent study is then developed through the support offered in individual modules. Typically, module leaders will provide a plan for the module indicating the activities to be carried out and the forms of learning to be undertaken during the delivery of the module, with a view to encouraging students to plan ahead and to take responsibility for managing their time and resources.
Computing Facilities In 2012 the Faculty has undertaken a major new build f computing facilities in which it offers a specialised computing facility alongside the general University provisions. There are multiple computing laboratories of 20 plus seats running Windows, Linux and dual-boot systems required for this program. Computers within the specialist laboratories include the standard University build augmented by software resources and hardware equipment necessary for the delivery of the modules. For example, the specialist Forensic and Security laboratory runs virtual machine and industry-standard specialist software.
In addition, one of the most popular areas within the Faculty is the Open Access laboratory. This area is never timetabled and gives students the opportunity to access machines at all times during opening hours.
Part 8: Reference Points and Benchmarks
Description of how the following reference points and benchmarks have been used in the design of the programme:
QAA subject benchmark statements
The QAA Subject Benchmark Statements for Computing and for Law were published in 2007, and are applicable to this proposal.
The programme clearly falls into the cognate area described by the Computing benchmark. Due to the nature of Forensic and Security practice, much of the computing material is of a technical, low-level nature, with relatively little computing theory. Thus, in terms of the
benchmark’s high-level characterisation of Computing, the emphasis of the programme is on software, communication and interaction and practice, developed within the context of the specialised requirements of the programme. From the body of knowledge the following are considered essential to a study of Forensic Computing: Artificial Intelligence, specifically in the context of data mining; Computer Based Systems; Computer Networks; Data Structures and Algorithms, with emphasis on data structures; Distributed Computer Systems; Operating Systems; Programming Fundamentals; Security and Privacy; Web-based Computing.
The Computing Benchmark Statement also contains (section 5) statements of the standards expected of graduates at both modal and threshold levels. The team is of the view that graduates of the proposed programme will be able to meet the required standards.
The Law benchmark has been considered during the design process at the ‘Law as Subsidiary’ level of performance, which focuses on the development of legal skills related to some specific area (in this case Forensic Computing and Security). Though the Statement is targeted at programmes with at least 180 credits of legal subjects, its expectations also apply to programmes such as this, where the legal aspects make up a relatively small, but very important component. No attempt has been made to include all aspects of law or to provide the foundation for a legal career as such – instead the most important points of law and court procedure are covered. The aim of the design team has been to provide sufficient legal knowledge to be aware of the rules and legal system pertaining to Forensic Computing: as suggested in the Benchmark, the relevant law is treated mainly as data from which legal conclusions or opinions can be derived. It is expected that student will be able to assimilate legal information from a variety of sources and apply the knowledge acquired to computer crime investigation and security analysis.
University strategies and policies
The development of this programme reflects well institutional policies and is fully consistent with the University’s commitment to ‘make a positive difference to our students, business and society’.
This programme supports the University’s Strategic Partnership themes as represented by the INSPIRE acronym:
• Innovation • Nurturing Talent • Student Experience • Participation • Internationalisation • Research • Exchange
Employer interaction and feedback
The content of the proposed programme has been very much shaped by feedback from employers (both of placement students and of graduates) and by graduates of the former BSc (Hons) Forensic Computing and BSc (Hons) Computer Security. The emphasis is to prepare students with a solid grounding in Forensic Computing and Security to enable them to take up a variety of technical positions in the forensics and security industry. The success of this approach has been borne out by the wide variety of organisations in which students have been placed or employed and by the overwhelmingly positive feedback of their employers.
This specification provides a concise summary of the main features of the programme and the learning outcomes that a typical student might reasonably be expected to achieve and demonstrate if he/she takes full advantage of the learning opportunities that are provided. More detailed information on the learning outcomes, content and teaching, learning and assessment methods of individual modules can be found in module specifications, available on the University’s website.
