IN9280 – Security by Design
Changes in the course due to coronavirus
Autumn 2020 we plan for teaching and examinations to be conducted as described in the course description and on semester pages. However, changes may occur due to the corona situation. You will receive notifications about any changes at the semester page and/or in Canvas.
Spring 2020: Teaching and examinations was digitilized. See changes and common guidelines for exams at the MN faculty spring 2020.
Security by Design means that security is integrated in the entire development lifecycle of IT systems, including programming, testing, deployment, configuration and operation. This course teaches how to build adequate security into systems that thereby are able to maintain their functionality while being exposed to cyberthreats.
After completing this course, you will have:
- Knowledge about how to include security requirements in system specifications, design, and testing,
- Understanding of the trade-off between security risk, and the cost of implementing security controls,
- Knowledge about GDPR (General Data Protection Regulation) as well as the major frameworks for threat modelling, vulnerability management, and secure systems development
- Study of specific aspects of GDPR.
And you will be able to:
- Perform threat modelling and security/privacy risk assessment of system functionality and components
- Apply the principles of privacy by design and security by design during practical systems development,
- Assess the maturity of secure systems development
Admission to the course
PhD candidates from the University of Oslo should apply for classes and register for examinations through Studentweb.
If a course has limited intake capacity, priority will be given to PhD candidates who follow an individual education plan where this particular course is included. Some national researchers’ schools may have specific rules for ranking applicants for courses with limited intake capacity.
PhD candidates who have been admitted to another higher education institution must apply for a position as a visiting student within a given deadline.
Recommended previous knowledge
IN2000 – Software Engineering med prosjektarbeid or equivalent. The course requires good knowledge and skills in programming, familiarity with general principles of software development and knowledge related to web development. Knowledge of Java and/or PHP.
General knowledge of information security, e.g from IN2120 (previously INF3510).
- 10 credits overlap with IN5280 – Security by Design.
Lectures and practice 4 hours per week
There will be a home exam that constitutes 40% of the final grade and a final exam that constitutes 60% of the final grade. Both exams must have a pass grade.
It will also be counted as one of your three attempts to sit the exam for this course, if you sit the exam for one of the following courses: IN5280 - Security by Design
Examination support material
No examination support material is allowed.
Grades are awarded on a pass/fail scale. Read more about the grading system.