MSc Computer Security & Resilience Steve Riddle Degree Programme Director

MSc  Computer  Security  

&  Resilience

2015-­16

Steve  Riddle

Welcome!

1. Computer  Security  &  Resilience

2. Computing  Science  at  Newcastle  –

our  School

3. Principles  of  Study  at  MSc  Level

4. The  MSc  CSR  Programme

1.  Computer  Security  &  

Resilience

In  the  MSc  CSR  degree,  we  look  at  systems  that  fail,   the  malicious  and  accidental  causes  of  failures,  the   ways  that  we  defend  against  them,  and  the  

techniques  for  recovering  from  them. Why  is  this  important?  

Emms M,  Arief B,  Little  N,  van  Moorsel A.  Risks  of  Offline  Verify  PIN  on   Contactless   Cards.  In:  Ahmad-­‐Reza  Sadeghi,  ed.  Financial  Cryptography   and  Data  Security.  Berlin:  Springer  Berlin  Heidelberg,  2013,  pp.313-­‐321.

Computer  Security  &  Resilience

• _{Systems  developers  think  mostly  about  what  their}  

products  can do,  but  …  

• _{We  will  be  thinking  about  how  systems  fail} ¡ Use  in  unforeseen situations

¡ Attacks  

¡ Design  defects

¡ Hardware,  software  and  human  failures

• _{Theory  and  practice  of  developing  systems  to  be}  

secure  but  also  resilient  to  faults  when  they   happen.  

Computer  Security  &  Resilience

• _{The  skills  you  develop  will  mainly  be  to  do  with:}  

• _{Balancing  security  against  utility}

• Identifying  vulnerabilities  &  risks  :  technical  and  human

• Developing  systems  that  can  recover  quickly

• Undertaking  research  to  advance  the  field

• _{Programme  accredited  by  BCS}

2.  Computing  Science  at  

Newcastle

Welcome  to  our  School!  

The  School  is  a  diverse  group  of  Computer  

Scientists,  including  teachers,  research  scientists,   graduate  and  undergraduate  students.  

Computing  Science  at  Newcastle

• Founded  1957

• the  first  undergrad  programming   courses  in  the  UK.  

¨ ~  500  UG,  140  MSc,  98  PhD  

students  

¨ 40  faculty,  40  research  staff

58  years   on  ...

Computing  Science  at  Newcastle

Groups

¨ Secure  &  Resilient  

Systems

¨ Advanced  Model-­‐Based  

Engineering  and   Reasoning

¨ Open  Lab

¨ Interdisciplinary  

Computing  and  

Complex  BioSystems

Specialist  Centres

¨ Software  Reliability ¨ Cybercrime  &  

Computer  Security

Studying  in  our  School  

A  university  in   the  1350s

Studying  in  our  School  

•

Universities  in  the  Western  

European  tradition  are  

communities  of  

scholarship

•

We  promote  learning  

through  

questioning    and  

discussion

•

_{You  are}  

_{full  members}  

_of  

Studying  in  our  School  

The  Student  Charter  has  a  clear  list  of  expectations  and   obligations  on  both  sides,  including  ...  

http://www.ncl.ac.uk/pre-­‐arrival/regulations/charter.htm

The  University  undertakes  to:  

• show  high  standards  of   professional  conduct

• treat  students  as  full  members  of   the  academic  community  

• promote  equal  opportunity

• provide  high  standards  of  teaching

• give  access  to  facilities   to  help   develop  personal  skills  &  

employability

• give  clear  deadlines  and   timeframes  for  feedback

Students  undertake  to:  

• Show  high  standards  of  personal  

conduct  in  interactions  with  University   and  local  community

• treat  staff  and  fellow  students   respectfully

• attend  meetings  with  tutors

• familiarise  themselves  with  information   provided;  follow  recognised  procedures

• be  punctual,  attend  all  timetabled   sessions  and  participate  fully

• take  responsibility  to  manage  their   learning  and  ensure  that  they  regularly   spend  sufficient  time  in  private  study

3.  Principles  of  Study  at  

MSc  Level

A  Master  of  Science  (MSc)  is  a  “step  up”  from  first   degree  studies.  You  will  learn  greater  independence   of  thought  and  opinion,  manage  your  own  time  and   work  both  individually  and  in  a  team    

MSc:  Principles  of  Study  

We  have  a  mixture  of  lectures,  practical  classes  and   group  work.  

You  are  a  full  member  of  the  School,  so  please

• _{Engage  with  your  teachers!}

• _{Ask  and  try  to  answer  questions  ...}  

• _{...  there  is  no  such  thing  as  a  “stupid  question”} • _Argue!  

• _{Ask  for  help  as  soon  as  you  need  it!}

• _{The  style  is  very  informal  (it’s  OK  to  use  first}  

MSc:  Principles  of  Study  

Getting  good  grades:  

o May  be  different  from  your  previous  study!  

o We  do  not  value  mere  repetition/demonstration  

of  things  you  have  learned.  

o Just  following  the  instructions  may  get  you  50%,  

but  not  much  more:  

• _{See  the  Faculty  Marking  Criteria  for  our  general}  

marking  guidelines.  

• _{Your  teachers  will  help  you  to  understand  how}  

MSc:  Principles  of  Study  

Standards

• Most  work  is  graded  0-­‐100%:  basic  pass  mark  is  50.   • _{Our  marking  follows  a  scale  that  is  common  in  the}  

UK,  but  may  be  different  from  your  past   experience.

• _{Please  pay  attention  to  the  outline  marking  criteria}  

on  the  next  slide  as  an  approximate  guide.    

• _{Detailed  descriptions  of  marking  criteria  are  shown}  

50 60 70 40 25 Distinction Merit Pass

Fail  (Borderline)

Fail

Clear  Fail  

90+   Professional  standard  (very  rare)

80+   Deep  understanding,  creative  thinking

70+   Comprehensive  understanding,  well-­‐structured

60+   Sound  understanding  of  material  in  the  course,  some   critical  analysis  

50+   Adequate  minimum  showing  you  learned  the  taught   material

40+   Basic  understanding  in  some,  not  all,  areas

25+   Some  relevant  content,  shallow

0-­‐24   Very  little  relevant  material

MSc:  Principles  of  Study  

Our  teaching  is  informed  by  our  research  

Seminars  are  held,  normally  on  Tuesdays,  2  – 3  pm  – look  out   for  announcements

Some  recent  topics:

– _{In-­‐transit  analytics  on  distributed  Clouds:  applications  and}  

architecture

– Verification  of  Safety-­‐Critical  Java  Programs

– _{Identity-­‐Based  Encryption  Secure  against  Selective  Opening}  

Chosen-­‐Ciphertext Attack

– Eisbach:  Isabelle  Proof  Methods  for  Proof  Engineering

– From  Weakest  Link  to  Security  Hero:  Encouraging  Good   Security  Behavior

4.  The  MSc  CSR  

Programme

• Programme Information

• Structure  of  the  Programme

• Selection  of  Programming  Module

• Progression  

• Your  Support  Team  

MSc  CSR  Programme

The  Programme  Handbook:

– _{At http://www.ncl.ac.uk/computing,}  

– _{>  Current  Students}  

– _{>  Student  Handbook}

– essential  general  information

– _{>  Degree  Programme  Handbooks}   – >  Postgraduate  -­‐>  MSc  CSR

MSc  CSR  Programme

Structure  (Full  Time)

1. Component  1:  taught  elements • _{9  modules:}  

• _{6  studied  in  Autumn  Term  (10  credits  each)}

• _{Assessed  by  coursework  and  January  exams}

• 3  studied  in  Spring  Term  (10+5+15  credits)

• Assessed  by  coursework.  

2. Component  2:  individual  research  project • _{1  module  assessed  by  coursework    &}  

dissertation

0 Welcome  Week

1

CSC8201

(Dependable   Systems)

CSC8404

(Advanced  Java)  

or

CSC8406

(Object-­‐oriented   Programming) 2 3 4 5 CSC8105 (Validation) CSC8202

(Information   Security  &  Trust) 6

7 8

9 _CSC8204

(High  Integrity   Software)

CSC8102  

(System  Security) 10

11

Winter  vacation 12 Revision

13

Examinations

14

18th_{December  – 10}th_January

18th_{– 29}th_{January  (including  Saturdays)}  

http://www.ncl.ac.uk/examinations/

We are here

• 3  chunks,  two  10-­‐credit  modules  at  a  time • Coursework  during  each  module

• Complete  each  module’s  coursework   before  the  next  one  starts!  

Start  on  Monday  11th  January

1 _CSC8203

(H.  Factors)

10  credits CSC8205_(Research   Skills)   5  credits

2

3 _CSC8206

(Team   Project) 15  credits

4 5 6

Spring  Vacation 7

Individual  Project

(to  end  August)

8 9 10 11 ... ...

Semester  2  modules  are  assessed   by   coursework  only  (no  examinations!)  

2nd _{&  3}rd _{Semesters  (schedule  may  change  slightly):}  

Project  assessed   by  interim  report,   presentation,  and  dissertation.  

Final  results  usually  released  by  November

MSc  CSR  Programme

Which  Programming Module?  

Are  you  a  confident  

programmer  with  experience   of  all  of:    

• variable  declarations  and   assignment,  

• arithmetic  and  boolean expressions,  

• control-­‐flow  (if-­‐then-­‐else,   iteration  etc),  

• and  use  of  data  structures   (minimally  arrays)?

YES NO Unsure

You  can take  CSC8404 You  should take  

CSC8406

Probably  CSC8406.  You   may  attend  CSC8404  on  

5  October  at  09.00-­‐ 10.00 in  CLT 701 to  help  

MSc  CSR  Programme

Progression  

•

To  start  Component  2  (research  project)  you  must:  

•

have  a  weighted  average  mark  for  Component  1   of  at  least  50,  and  

•

have  failed  no  more  than  20  credits.  

•

Details  are  in  the  Handbook

MSc  CSR  Programme

Award  of  Degree

Following  the  completion  of  your  dissertation,  you  will   be  recommended  for  award  of  the  MSc if:

•

You  have  passed  at  least  160  credits  (i.e.  no  more  than  20   credits  failed)

•

Pass  180  credits  (all  modules),  average  of  at  least  70  across   all  modules,  and  at  least  70  in  dissertation  -­‐>  MSc  with  

Distinction

•

Pass  180  credits  (all  modules),  average  of  60-­‐70  across  all   modules,  at  least  60  in  dissertation  -­‐>  MSc  with  Merit

MSc  CSR  Programme

Your  Support  Team:  

•

Module  Leaders

o Each  module  has  1-­‐2  leaders  plus  demonstrators  and  

teaching  assistants

o Help  with  all  academic/  technical  matters

•

IT  support

o email  to  cs-­‐[email protected]

•

Your  Personal  Tutor

o Help  with  all  personal  matters

•

Student  Wellbeing  Service

MSc  CSR  Programme

Your  Support  Team:  

•

Degree  Programme  Director  (DPD)

o Help  with  progression  and  regulations.  

o Responsible  for  the  degree  programme  overall  and  the  

quality  of  your  experience  here.

o Let  me  know  of  any  problems  as  quickly  as  possible  

Dr  Steve  Riddle

[email protected]

Room  11.09  (11th _{floor  of  the  Claremont  Tower)}

MSc  CSR  Programme:  Timetable

•

_See

_{http://www.ncl.ac.uk/timetable/}

•

Varies  week  by  week.  Read  carefully!  

•

_{Module  leaders  might  arrange  additional}  

MSc  CSR  Programme:  Locations

• Most  classes  are  in:    

– Claremont  Tower  7th _{Floor,  Room  1  (CLT.701)}  

– _{Some  are  in  CLT.602A,  on  the  6}th _floor.

• _{Your  laboratory is  CLT.601}

– Go  find  a  machine  in  CLT.601: write  your  name  and   student  number  on  the  pre-­‐printed  label  beside  the   machine.  It  will  be  yours  to  look  after  this  year.  

– _{Your  smartcard  should give  you  access  to  the  lab  (if  not}  

today,  then  soon!).  

5.  What  Happens  Next?

• Meeting  your  personal  Tutor

• Introduction  to  the  School,  Library  and  our   information  systems

What  Happens  Next?

• Today:  

– Pick  a  machine  in  CLT.601

– Arrange  a  time  to  see  your  tutor  (sign-­‐up  sheet  on  your  tutor’s   door:  meetings  take  place  on  Tuesday)

– Information  on  tutors  will  follow  this  talk

– Sign  up  with  a  doctor  in  King’s  Road  Centre  this  week

– If  you  are  required  to  take  an  English  Language  “Assessment”   you  must do  so  as  soon  as  possible

• If  you  wish  to  change  programmes:

– If  you  are  in  the  UK  on  a  visa,  you  must  first  contact  the  Newcastle  Visa  Team  

(King’s  Gate,  Level  2).  

– Discuss  with  the  Director  of  the  programme  you  wish  to  leave  and  the  one  you   wish  to  enter.  

What  Happens  Next?

• Tuesday:  

– Meet  with  your  tutor  as  arranged  (please  be  on  time)  

– Bring  your  completed  Module  Selection  Form  and,  after  signing,   hand  in to  Reception  (Floor  8).

• Wednesday:

– 09:00:  International  students  (non-­‐EEA): Visa  talk,   Bedson Building  BEDB.G.04.LT1

– 12:00:  Library,  NUIT  Info,  School  Tour.  Room  CLT  1.02

• Thursday:

– 10:00:  Welcome  Seminar  CLT  7.01

• Friday:  

– 10:00-­‐1:  Student  Union,  NESS,  Blackboard,  Plagiarism,   Safety,  Careers  support    (in  CLT  1.02).  

What  Happens  Next?

•

_{Next  Week:}

_{Get  to  the  first  classes  of  each}  

module  next  week

Appendix

Standards:  Distinction  (70-­‐100%)

•

Breadth  &  depth  of  

knowledge

•

Detailed  

understanding

•

Substantial  evidence  of  

critical  analysis  

and  the  

ability  to  apply  knowledge  to  unseen  situations.

•

_{Material  will  be  presented  within  a}  

_clear  

logical/systematic  framework

throughout  and  

will  demonstrate  reading  beyond  the  course  

material  and  the  ability  to  employ  

critical  

reflection

.

•

_{Assignments  such  as  an  individual  project  report}  

Standards:  Distinction  (70-­‐100%)

Distinction

90-­‐100%

80-­‐89%

70-­‐79%

Professional  Standard

• Rare,  but  you  can get  this  grade   for  an  individual  element

• Outstanding  exam  answer

• Publishable  project  work

Exceptional

• No  substantive  errors/omissions

• But  may  be  just  short  of  perfect!

Excellent

• comprehensive  understanding

Standards:  Merit  (60-­‐69%)

• Sound/thorough  understanding  of  material  beyond   that  presented  in  the  course,  with  breadth  of  

knowledge  but  lacking  in  some  depth,  or  vice  versa.  

• Critical  analysis  and  the  ability  to  apply  knowledge  to   unfamiliar  situations will  be  present

• Relevant  to  the  course,  but  not  a  full  treatment,  

relying  to  some  extent  on  course  material  and  likely  to   contain  a  few  errors  or  omissions.  

• Well  presented  and  structured  but  with  some   limitations  as  to  insight  and  critical  evaluation.  

Standards:  Pass  (50-­‐59%)

•

_{Relies  substantially  on  course  material  only}  

•

_Demonstrates  

_{breadth of  knowledge}  

_{but  lacking}  

depth.  

•

_{Critical  analysis  will  be  limited  and  there  will  also}  

be  only  limited  evidence  of  being  able  to  apply  

knowledge  to  unfamiliar  situations.  

•

_Relevant

_{to  the  topic  but  relies  largely  on  course}  

material  and  contains  some  errors  of  

understanding  and  of  fact.  

Standards:  Fail  (40-­‐49%)  

•

_{Understanding  lacks  depth.}  

•

_{Omission  of  some  relevant  material  and/or}  

partial  use  of  irrelevant  material.  

•

_{errors  of  understanding  and  fact.}  

•

_{May  be  adequately  structured  and  presented  but}  

unbalanced/  with  some  components  poorly  

constructed,  e.g.  inadequate/poor  referencing.  

•

_{Situation  is  potentially  recoverable  with  some}  

Standards:  Fail  (0-­‐39%)  

•

_{Weak  attempt  that  demonstrates  lack  of}  

overall  knowledge  of  the  subject  area,  

•

_{Inability  to  develop  a  cogent  argument  in  any}  

aspect.  

•

Sketchy  and/or  irrelevant.  

•

_{Student  may  have    failed  to  apply  themselves}  

to  the  task  in  hand  and/or  presented  a  

superficial  view  of  it.  

Standards:  Fail  (0-­‐39%)  

Fail

35-­‐39%

25-­‐34%

0-­‐24%

Limited  Understanding

• Evidence  of  some  learning

• but  evidence  poorly  presented

• or  omissions   in  that  evidence

Inadequate  understanding

• shallow,  significant  errors  or   omissions

• difficult  to  read,  serious  errors  of   understanding

Clear  Fail

• little   or  no  attempt