institution’s letter of support · web view2021. 7. 26. · if the master’s has a large...

Issue 2.122 July 2021

Certification of Postgraduate Master’s Degrees in Cyber Security

Application Template

Certification of Master’s Degrees Incorporating Cyber Security

This document provides an application template for an HEI to have its Master’s degree in Cyber Security considered for certification. It is an HEI’s sole responsibility to ensure that its application is compliant and provides the information required.

Every application must be submitted on a separate template.

Applications that do not use the template will not be considered for assessment.

Please feel free to delete this page from your completed application.

© Crown Copyright 2021, The National Cyber Security Centre

of 83


Instructions on how to use the template1. Text in purple describes what is required in each section of the application.

The places in the template where applicants have to insert text, tables and figures are denoted by ‘<<< … >>>’

Please do not delete the text in purple. It does not contribute to an application’s page count.

2. Text, table entries and figures in brown are provided to help guide applicants on what may be an appropriate response to some sections of the application and are provided by way of example only. They should be deleted from the completed application.

3. Text in red describes the criteria for a section as well as providing a scoring framework for assessors.

Please do not delete the text in red. It does not contribute to an application’s page count.

4. A black font colour should be used for applications with a minimum font size of 10pt. However, it is recognised that to help fit some tables into the space available the text in some tables can be made smaller than 10pt. but no smaller than 8pt.

5. To help assessors with their assessment of applications, all applications should have a table of contents and make use of headers, footers and hyperlinks.

6. CVs, Table 4.4, module descriptions, assessment materials, external examiners’ reports (full certifications only), and response to external examiners (full certifications only) should be included in the word template as Appendices A to E.

Document HistoryIssue Date Comment

Issue 1.0 21 July 2020 First issue of application template for Master’s incorporating Cyber Security.

Issue 2.0 23 June 2021 Second issue.Issue 2.1 22 July 2021 Minor updates to second issue. Table 3.1, update to text regarding

single credit and hours of notional learning. Section 3.3, additional text added to include Master’s delivered by distance learning. Section 4.1.1, additional criterion (ii) introduced. Appendix B, removal of verification and formal methods Indicative Material from KA 0.


of 83


Key Changes from Issue 1.0 of Template dated 21 July 2020Section Change

Overall applications must now be submitted using the template

Throughout document text in purple describes what is required in each section of the application the places in the template where applicants have to provide text are denoted by ‘<<<

APPLICANTS … >>>’

Throughout document text in brown is to help guide applicants on what may be an appropriate response to some sections of the application and is provided by way of example only

Throughout document text in red describes the criteria and provides a scoring framework for assessors assessors make comments directly into the template

Section 2.3.1 new section requiring applicants to map the cyber security team members’ knowledge and expertise to CyBOK

Section 2.4 new section requiring applicants to describe the team’s operating model

Section 2.7 section on review and update process has been updated

Section 2.8 section on facilities has been updated

Sections 3 and 4 the original Section 3 has been split into two: new Section 3 covering high level description of the Master’s; new Section 4 covering the taught component of the Master’s degree

Section 3 is now more table based with applicants required to complete entries in tables

Section 4.3 clarification that it is not a requirement that every CyBOK KA has credits allocated to it; rather, across the CyBOK KAs as a whole there must be between 20 and 60 taught credits

Section 4.4.1 Table 4.4 (previously 3.4) showing detailed coverage of KAs to be placed in Appendix B clarification about associated assessments

Section 4.4.2 new section requiring applicants to provide a summary table of the credit allocation across the KAs

Section 5.1 requires description of assessment types being used on taught modules

Section 5.4 new table (Table 5.1) to be completed covering rigour of assessments

Section 5.6 new section covering the process for setting assessments

Section 5.7 new section covering the process for marking assessments

Section 5.8 new section covering plagiarism


of 83


Key Changes from Issue 1.0 of Template dated 21 July 2020 (continued)Section Change

Section 5.10 section dealing with external examiners’ reports has been updated

Section 6 renamed ‘Research Dissertations’ rather than ‘Original Research Dissertations’

Section 6.1 new section covering the timeline for research dissertations

Section 6.2 new section covering the governance of the research dissertation process

Section 6.4 new section covering allocation of students to supervisors

Section 6.5 new section covering legal and ethical issues in dissertations

Section 6.7 new section covering plagiarism

Section 7 minor updates

Appendix A staff CVs (as previous issue)

Appendix B Table 4.4, credit allocation across the CyBOK Knowledge Areas Table 4.4 minor updates to: AAA, Law and Regulation, Privacy and Online Rights, Risk

Management and Governance, Secure Software Lifecycle, Security Operations and Incident Management

Table 4.4 major update to Network Security Table 4.4 new KAs: Formal Methods for Security, Applied Cryptography

Appendix C module descriptions

Appendix D assessment materials

Appendix E external examiners’ reports


of 83


University of X

Application for Provisional/Full1 Certification of a Master’s Degree Incorporating Cyber Security

1 Please delete ‘full’ or ‘provisional’ as appropriate.

of 83


Table of contents1. Institution’s Letter of Support............................................................................................................................................10

1.1 Signed letter of support for both full and provisional applications...........................................................................10

1.2 For provisional applications......................................................................................................................................10

1.3 Assessment criteria...................................................................................................................................................10

2. Description of the Applicant..............................................................................................................................................11

2.1 Organisational structure............................................................................................................................................11

2.1.1 Assessment criteria...............................................................................................................................................11

2.2 Team structure..........................................................................................................................................................11


2.3 Team’s ability to deliver the non-cyber part of the Master’s....................................................................................13

2.3.1 Assessment criterion.............................................................................................................................................13

2.4 Team knowledge and expertise in cyber security......................................................................................................13

2.4.1 Mapping of team to CyBOK...................................................................................................................................13

2.4.2 Staff CVs................................................................................................................................................................15


2.5 Team operation.........................................................................................................................................................15


2.6 Recent investments...................................................................................................................................................16


2.7 External linkages.......................................................................................................................................................17


2.8 Review and update process.......................................................................................................................................17


2.9 Facilities.................................................................................................................................................................... 18


2.10 Overall assessment of section 2................................................................................................................................18

3. High Level Description of the Master’s Degree Incorporating Cyber Security....................................................................19

3.1 Key characteristics of the Master’s...........................................................................................................................19


3.2 Full and provisional certification applications...........................................................................................................20

3.2.1 Full applications....................................................................................................................................................20

3.2.2 Provisional applications........................................................................................................................................20


3.3 Delivery of the degree...............................................................................................................................................20


Page of

TABLE OF CONTENTS


3.4 Aims of the Master’s degree.....................................................................................................................................21



4. The Taught Component of the Master’s Degree Incorporating Cyber Security.................................................................22

4.1 Compulsory and optional taught modules on the Master’s overall..........................................................................22


4.2 Compulsory and optional taught cyber security modules.........................................................................................23


4.3 Number of taught credits that can be mapped to CyBOK Knowledge Areas (KAs)....................................................23

4.3.1 Compulsory modules............................................................................................................................................23

4.3.2 Optional modules..................................................................................................................................................24

4.3.3 Pathways...............................................................................................................................................................24


4.4 Detailed coverage of KA Topics.................................................................................................................................25

4.4.1 Completion of Table 4.4 in Appendix B.................................................................................................................25

4.4.2 Summary table of credit allocation across the KAs...............................................................................................27

4.4.3 Visual representation of credit allocation across the KAs.....................................................................................27


4.5 Justification of KA coverage......................................................................................................................................29


4.6 Module descriptions..................................................................................................................................................29


4.7 Professional knowledge and skills.............................................................................................................................30



5. Assessment Materials........................................................................................................................................................31

5.1 Overall approach to assessment...............................................................................................................................31


5.2 Marking scheme........................................................................................................................................................31


5.3 Overall grade for the Master’s..................................................................................................................................31


5.4 Rigour of assessment – cyber security modules only................................................................................................32


5.5 Justification of 40% pass mark..................................................................................................................................34


Page of

TABLE OF CONTENTS


5.6 Setting assessments..................................................................................................................................................34


5.7 Marking assessments................................................................................................................................................35


5.8 Detecting and dealing with plagiarism......................................................................................................................35


5.9 Examination papers – cyber security modules only..................................................................................................35

5.9.1 Provisional application..........................................................................................................................................36

5.9.2 Full application......................................................................................................................................................36

5.10 External examiners’ reports – full application only...................................................................................................36

5.10.1 Assessment criteria...........................................................................................................................................37


6. Research Dissertations.......................................................................................................................................................38

6.1 Timeline.................................................................................................................................................................... 38


6.2 Governance of the research dissertation process.....................................................................................................38


6.3 Guidance to students................................................................................................................................................39


6.4 Identification of dissertation topics...........................................................................................................................39


6.5 Allocation of students to supervisors........................................................................................................................40


6.6 Legal and ethical issues.............................................................................................................................................40


6.7 Monitoring of students’ progress..............................................................................................................................40


6.8 Detecting and dealing with plagiarism......................................................................................................................41


6.9 Research dissertations contributing fewer than 40 credits.......................................................................................41


6.10 Assessment of dissertations......................................................................................................................................41

6.10.1 Assessment criterion........................................................................................................................................42

6.11 For full certification only...........................................................................................................................................42

6.11.1 List of dissertation topics..................................................................................................................................42


Page of

TABLE OF CONTENTS


7. Student Feedback on the Master’s – Applications for Full Certification Only....................................................................44

7.1 Student satisfaction...................................................................................................................................................44



8. Appendix A: Cyber Security Staff CVs (Appendix to Section 2 of Application)....................................................................45

8.1 CV for Dr E. F.............................................................................................................................................................45

8.1.1 Personal statement of experience and expertise in cyber security.......................................................................45

8.1.2 Academic background...........................................................................................................................................45

8.1.3 Professional employment.....................................................................................................................................45

8.1.4 Contribution to cyber security at the University of X............................................................................................45

8.1.5 Esteem indicators.................................................................................................................................................45

8.1.6 Cyber security knowledge and expertise indicators..............................................................................................45

8.1.7 Any other information..........................................................................................................................................45

8.2 CV for I. J...................................................................................................................................................................46

8.2.1 Personal statement of experience and expertise in cyber security.......................................................................46

8.2.2 Academic background...........................................................................................................................................46

8.2.3 Professional employment.....................................................................................................................................46

8.2.4 Contribution to cyber security at the University of X............................................................................................46

8.2.5 Esteem indicators.................................................................................................................................................46

8.2.6 Cyber security knowledge and expertise indicators..............................................................................................46

8.2.7 Any other information..........................................................................................................................................46

9. Appendix B: Table 4.4 – Credit Allocation Across the CyBOK Knowledge Areas (Appendix to Section 4 of Application). . .47

10. Appendix C: Module Descriptions (Appendix to Section 4 of Application).........................................................................80

10.1 Cyber Security Foundations module.........................................................................................................................80

10.2 Cryptography module...............................................................................................................................................80

10.3 Network Security module..........................................................................................................................................80

10.4 Malware module.......................................................................................................................................................80

10.5 Forensics module......................................................................................................................................................80

11. Appendix D: Assessment materials (Appendix to section 5 of application).......................................................................81

11.1 Cyber Security Foundations assessments..................................................................................................................81

11.2 Cryptography assessments........................................................................................................................................81

11.3 Network Security assessments..................................................................................................................................81

11.4 Malware assessments...............................................................................................................................................81

11.5 Forensics assessments..............................................................................................................................................81

12. Appendix E: External Examiners’ Reports (Appendix to Section 5 of Application).............................................................82

12.1 External examiners’ reports......................................................................................................................................82

Page of

TABLE OF CONTENTS


12.2 HEI’s response to external examiners’ reports..........................................................................................................82

Page of

TABLE OF CONTENTS


1. Institution’s Letter of SupportUp to two sides of A4, excluding explanatory text and assessment criteria.

1.1 Signed letter of support for both full and provisional applicationsPlease provide a signed and dated letter from the Vice Chancellor (or equivalent) showing support for the HEI’s application to have a Master’s degree incorporating cyber security considered for certification by the NCSC.

The letter of support is not graded but must be present. Its purpose is to show that the senior management of the HEI is fully supportive of the application.

Please note that a letter from the Head of Department submitting the application is not acceptable.

The letter should be viewed as an opportunity for the HEI’s senior management to:

demonstrate commitment to the Master’s degree and the cyber security part specifically highlight recent HEI investment in the area of the degree and cyber security, along with any future planned

investment describe the importance of the area of the degree and cyber security in the HEI’s future strategy, etc. outline how Covid-19 is impacting the HEI generally and the Master’s degree specifically along with the steps being

taken by the HEI to deal with the issues being raised

1.2 For provisional applicationsFor those Master’s degrees that have not yet started, it is important that the HEI confirms the start date for the Master’s degree and that the degree will start by (up to and including) October 2023.

For those Master’s degrees that meet the requirements for full certification to be applied for, but the HEI has only chosen to submit a provisional application, it is important that the HEI confirms both that choice and its reasons for doing so.

<<< APPLICANTS INSERT VC’s LETTER DIRECTLY BELOW >>>

1.3 Assessment criteriai. A letter of support from the Vice Chancellor or equivalent must be provided.

ii. If applicable, the Master’s will start by (up to and including) October 2023.iii. If applicable, a provisional application has been justified where a full application could have been made.

For Assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable

i. ☐ ☐ ☐ii. ☐ ☐ ☐ ☐iii. ☐ ☐ ☐ ☐Comments (if applicable). <insert text here>

of 83

INSTITUTION’S LETTER OF SUPPORT


2. Description of the ApplicantUp to seven sides of A4, excluding explanatory text, assessment criteria, mapping of team to CyBOK and CVs.

2.1 Organisational structurePlease state the name of the lead group(s) / department(s) responsible for delivering the Master’s degree. Provide an organisational diagram (Figure 2.1) that shows where the lead(s) are situated within the overall structure of the HEI.

<<< APPLICANTS INSERT TEXT AND DIAGRAM DIRECTLY BELOW >>>

The text and figure in brown below are by way of example only.

The Cyber Security Group and the AI Group are responsible for delivering the Master’s. The Groups are led by Dr E. F. and Dr G. H. and are situated within the Department of Computing which is part of the Faculty of Science, Engineering and Mathematics.

Figure 2.1: HEI organisational structure.

2.1.1 Assessment criteriai. The lead group(s) / department(s) responsible for the Master’s appear(s) to be appropriate.

ii. The organisational structure must make it clear where the lead for the Master’s resides within the HEI.

For assessors onlyCriteria Achieved Not Achieved Unclear

i. ☐ ☐ ☐ii. ☐ ☐ ☐Comments (if applicable). <insert text here>

2.2 Team structurePlease complete Table 2.1 that gives the names, roles and responsibilities of the members of staff responsible for delivering the degree content, setting and marking examinations, supervising dissertations, etc. The relevant expertise column should highlight how staff members have the knowledge and experience to successfully carry out their responsibilities. For cyber

of 83

DESCRIPTION OF THE APPLICANT


security staff, it is highly recommended to provide hyperlinks to their CVs shown in Appendix A so that assessors can quickly cross check the information in Table 2.1 with the information provided in the CVs.

Where there is a core team delivering the Master’s, it may be helpful to separate the core team from ‘associate’ members of the team.

Where a significant activity (e.g., delivery of a module) is undertaken by a third party, which is not directly employed by the HEI, the contractual relationship with the party should be made clear.

<<< APPLICANTS COMPLETE TABLE 2.1 BELOW AND SUPPLY ADDITIONAL TEXT IF APPLICABLE >>>

The text in brown is by way of example only.Name of Staff

MemberRole Responsibilities Relevant Expertise

CV for Dr E. F. Senior Lecturer delivers modules on Cyber Security Foundations and Research Methods

supervises research projects

broad knowledge of cyber security as evidenced by publication record

Dr G. H.Error: Reference source not found

Reader and Master’s Course Director

ensures overall coherence and quality of Master’s

delivers Introduction to AI module oversees research projects

keynote presenter at recent deep learning conferences

successfully managed and delivered academic programmes over past 10 years

CV for I. J. Lecturer delivers Network Security module supervises research projects

works with government and industry on network security

has successfully supervised 10 cyber security Master’s projects over the past 5 years

Other staff members

…. …. ….

K. L.Error: Reference source not found

External consultant with 3-year contract October 2020 – September 2023

delivers Robotics module supervises research projects in robotics

runs successful industrial robotics company

provides advice on robotics to government and industry

to date, has successfully supervised 6 Master’s robotics projects drawing on real-world problems

Table 2.1: The team responsible for delivering the Master’s.

All team members listed in Table 2.1 are part of the ‘core team’ for delivery of the Master’s. As noted in Table 2.1, K. L. is employed under a (second) three-year contract with the HEI to deliver the Robotics module, to set and mark robotics assessments, and supervise students undertaking research projects in robotics.

of 83



2.2.1 Assessment criteriaiii. Team roles and responsibilities must be appropriate and clear.iv. If applicable, the separation between the core team and associate team must be clear.v. If applicable, the contractual relationship with third parties must be clear and appropriate.

For assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable

iii. ☐ ☐ ☐iv. ☐ ☐ ☐ ☐v. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

2.3 Team’s ability to deliver the non-cyber part of the Master’sPlease describe and justify why the team has the breadth and depth of knowledge and expertise necessary to deliver the non-cyber part of the Master’s to a high standard. As a minimum, this should include:

the team’s track record in research in the field the team’s track record in education in the field esteem indicators for key personnel in the non-cyber part of the team

<<< APPLICANTS INSERT TEXT BELOW >>>

2.3.1 Assessment criterionvi. The team delivering the non-cyber part of the Master’s should demonstrate that it has the appropriate breadth and

depth of knowledge and expertise.

For assessors onlyCriterion Achieved Not Achieved Unclear

vi. ☐ ☐ ☐Comments (if applicable). <insert text here>

2.4 Team knowledge and expertise in cyber security

2.4.1 Mapping of team to CyBOKFor cyber security staff, please complete Table 2.2 that shows their expertise mapped to CyBOK. Use colour coding to indicate an individual’s level of knowledge and expertise2. Use ‘T’ to indicate that an individual teaches a module that includes a significant amount of a particular Knowledge Area. Use ‘S’ to indicate that an individual is able to supervise projects in this Knowledge Area. Please ensure that the name of every member of staff is hyperlinked to their CV.

<<< APPLICANTS COMPLETE TABLE 2.2 BELOW >>>

2 The colours used in Table 2.2 are based on palette 2 from https://medium.com/cafe-pixo/inclusive-color-palettes-for-the-web-bbfe8cf2410e. However, applicants can use any suitable colour-blind friendly palette they think appropriate.

of 83


https://medium.com/cafe-pixo/inclusive-color-palettes-for-the-web-bbfe8cf2410e


The entries in the table are by way of example only.

StaffKnowledge Areas

INT RMG HF POR LR MAL ADV FOR SOIM CRY OS DSS FMS AAA SS WM SSL NS HWS ACRY CPS PL

Error: Reference source not found

T

CV for I. J. Error: Reference source not found

S S S T S S

Error: Reference source not found…

…

Key Description#BDD9BF No Knowledge

#929084 Basic Awareness

#FFCF57 Good Knowledge. For example, able to teach material from this KA and supervise Master’s students.

#A997DF Expert. For example, publishes research in the field and/or advises government, industry, academia on the KA.

Table 2.2: Expertise of cyber security members of the team mapped to CyBOK.

of 83



2.4.2 Staff CVsFor every cyber security member of staff named in Table 2.1, please provide a tailored CV (up to 2 sides of A4 in length). This should contain:

a personal statement of experience and expertise in cyber security using the CyBOK KAs as a framework details of academic background details of cyber-security related employment contribution to cyber security at the HEI cyber-security related and other esteem indicators – e.g., editorships, invited talks, membership of national and

international advisory groups cyber-security knowledge and expertise indicators, such as recent publications, work with industry/government,

research activities any other information that might be relevant in demonstrating cyber security expertise

CVs should go in an appendix to section 2.

<<< APPLICANTS INSERT TEXT AND LINK TO CVs DIRECTLY BELOW >>>

By way of example only. Please see Appendix A: Cyber Security Staff CVs (Appendix to Section 2 of Application)

2.4.3 Assessment criteriavii. The CVs must show that cyber security staff members have the relevant expertise to carry out their roles and

responsibilities shown in Table 2.1.viii. The levels of knowledge and expertise shown in Table 2.2 must be consistent with the CVs.

ix. Table 2.2 should be consistent with the table and histogram(s) of credit allocation across the KAs shown in sections 4.4.2 and 4.4.3 and must show that the team as a whole has the expertise to deliver the cyber security element of the degree.


vii. ☐ ☐ ☐viii. ☐ ☐ ☐ix. ☐ ☐ ☐Comments (if applicable). <insert text here>

2.5 Team operationPlease describe the operating model adopted by the team for the successful delivery of the Master’s. As a minimum, this should include:

team meetings: for example, the chair, regularity, standing agenda items, tracking actions, etc. team communication allocation of workload across staff members progress monitoring of teaching and research dissertations planning assessments and liaising with external examiners planning marking of dissertations and liaising with external examiners dealing with issues raised by students dealing with urgent and important events that affect the delivery of the Master’s such as Covid-19, staff sickness or

staff departures

<<< APPLICANTS INSERT TEXT DIRECTLY BELOW >>>

of 83



2.5.1 Assessment criteriax. It must be clear that the team operates effectively as a cohesive unit.

xi. It must be clear that the team has a process in place to deal with urgent and important events.


x. ☐ ☐ ☐xi. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

2.6 Recent investmentsPlease complete Table 2.3 that shows recent investments from the HEI, government, industry etc. in the groups running the Master’s degree programme. Please highlight the benefits to the academic team delivering the Master’s as well as students undertaking the Master’s.


The text in brown is by way of example only.Value of

InvestmentSource of

InvestmentFinancial Year Nature of Investment Benefit to Academic

TeamBenefit to Master’s

Programme

£50K HEI 2019 - 2020 Refurbishment of Cyber Security Group’s forensics laboratory including equipment and software.

Improved facilities for research and teaching.

Master’s students use the upgraded forensics laboratory.

£100K Manufacturer X 2018 – 20192019 - 2020

GPUs to the AI group. GPUs used for research and teaching.

Master’s students use GPUs for their research projects.

£200K HEI 2018 – 2019 New PCs, laptops and peripherals to Department of Computing.

Master’s students have access to more modern devices.

£20K HEI 2017 - 2018 Members of staff in Cyber Security Group able to gain professional cyber security qualifications (e.g., pen tester, risk analyst, etc.).

Improved knowledge and expertise of staff members.

Master’s students benefit from being taught by staff with recognised industry qualifications.

Table 2.3: Recent investments.

2.6.1 Assessment criteriaxii. It must be clear that the academic team responsible for the Master’s has benefitted from recent investments.

xiii. It must be clear that the Master’s programme has also benefitted from investments.


xii. ☐ ☐ ☐xiii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

of 83



2.7 External linkagesPlease complete Table 2.4 that shows external linkages benefitting the academic team and the Master’s programme. For example, visiting lecturers with specialist knowledge from other academic departments, government or industry; projects suggested, and monitored, by industry; etc.


The text in brown is by way of example only.Nature of External Linkage Benefit to Academic Team Benefit to Master’s Programme

External Advisory Board. Meets twice yearly, membership from industry, government and academia. Membership has strong cyber security representation.

Provides advice on cyber security issues affecting external organisations, employment opportunities for graduates, and curriculum development.

Helps ensure Master’s is kept up to date and relevant.

Company X provides series of invited lectures on forensics and suggests topics for research dissertations

Opportunity to network with external companies and gain insight into issues of concern to industry.

Master’s students provided with a set of interesting and relevant topics for their dissertations.

Company Y has donated equipment for joint projects

Opportunity to carry out collaborative research with industry.

Master’s students can make use of equipment in their research.

Membership of the CISSE UK network3. CISSE UK provides external speakers, course materials and cyber security challenges for students

Opportunity for academic staff to meet with colleagues in other universities and to develop ‘best practice’ educational materials.

Master’s students engage in cyber security challenges with students from other universities.

Table 2.4: External linkages.

2.7.1 Assessment criteriaxiv. It must be clear that the team has a range of external linkages that adds value to the academic team.xv. It must be clear that the team has a range of external linkages that adds value to the Master’s.


xiv. ☐ ☐ ☐xv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

2.8 Review and update processPlease describe the process used to review and renew the course content to keep it up to date. As a minimum, this should include:

how often are changes to the Master’s considered who is involved in the decision-making process what inputs are considered: e.g., input from academic staff, student feedback, industrial advisory group input,

industrial trends, government strategy, etc what criteria are used to evaluate potential changes who is responsible for signing off changes


3 https://cisseuk.org

of 83


https://cisseuk.org/


2.8.1 Assessment criteriaxvi. There must be a clear and appropriate process for reviewing and updating the Master’s programme.xvii. The frequency of reviewing and updating must be appropriate to ensure that the Master’s is kept up to date and

relevant.


xvi. ☐ ☐ ☐xvii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

2.9 FacilitiesPlease describe the facilities available to students undertaking the Master’s degree. For each facility, please include a brief justification that it is of sufficient quality and quantity to meet the needs of Master’s students. As a minimum please include:

computer laboratories dedicated equipment and software library on-line journal subscriptions for research dissertations


2.9.1 Assessment criterionxviii. Students undertaking the Master’s should have access to a sufficient number of well-equipped modern computer

laboratories with easy access to information on the latest developments in cyber security and the non-cyber part of the degree.


xviii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

2.10 Overall assessment of section 2For assessors only

Overall Grade Overall Comments

<assessors insert grade here> <if applicable, assessors insert text here>

of 83



3. High Level Description of the Master’s Degree Incorporating Cyber SecurityUp to ten sides of A4, excluding explanatory text and assessment criteria.

3.1 Key characteristics of the Master’sPlease complete Table 3.1.


The text in brown is by way of example only.Confirm that degree meets the characteristics of a Category 2, Specialised or Advanced Study Master’s4

Yes ☒ No ☐

Confirm that the degree is not categorised as a Master’s by Research or Integrated Master’s5

Yes ☒ No ☐

Confirm that one credit is equal to 10 hours of notional learning6 by a student

Yes ☒ No ☐

Name of degree Master’s in AI and Cyber Security

Degree awarded MSc

Total number of credits required for Master’s. If different from 180, please provide brief justification.

180

Number of taught credits. If different from 120, please provide brief justification.

120

Number of credits for research dissertation. If more than 80, please justify that there are a sufficient number of credits to cover the taught content.

60

Provisional or Full certification being applied for.

Provisional ☒ Full ☐

Table 3.1: High level characteristics of the Master’s.

3.1.1 Assessment criteriai. Confirmation that the Master’s is classified as a Category 2 Master’s.

ii. Confirmation that the Master’s is not an Integrated Master’s or Master’s by Research.iii. One credit must equate to a nominal 10 hours of work by a student.iv. Where the total number of credits is different from 180 this must be justified.v. Where the number of taught credits is different from 120 this must be justified.

vi. If the number of credits associated with the research dissertation is more than 80 then the applicant will need to justify that there are still a sufficient number of credits in the taught modules of the degree to cover both the cyber and non-cyber parts of the degree in sufficient breadth and depth.

vii. It must be clear whether full or provisional certification is being applied for.For assessors only

4 https://www.qaa.ac.uk/docs/qaa/quality-code/master's-degree-characteristics-statement8019abbe03dc611ba4caff140043ed24.pdf?sfvrsn=86c5ca81_12, page 55 Master’s by Research (MRes) and Integrated Master’s are both out of scope for this certification.6 https://www.qaa.ac.uk/docs/qaa/quality-code/higher-education-credit-framework-for-england.pdf

of 83

HIGH LEVEL DESCRIPTION OF THE MASTER’S DEGREE

https://www.qaa.ac.uk/docs/qaa/quality-code/higher-education-credit-framework-for-england.pdf

https://www.qaa.ac.uk/docs/qaa/quality-code/master's-degree-characteristics-statement8019abbe03dc611ba4caff140043ed24.pdf?sfvrsn=86c5ca81_12


Criteria Achieved Not Achieved Unclear Not Applicablei. ☐ ☐ ☐ii. ☐ ☐ ☐iii. ☐ ☐ ☐iv. ☐ ☐ ☐ ☐v. ☐ ☐ ☐ ☐vi. ☐ ☐ ☐ ☐vii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

3.2 Full and provisional certification applicationsPlease complete either section 3.2.1 or section 3.2.2.

3.2.1 Full applications<<< APPLICANTS COMPLETE TABLE 3.2a BELOW >>>

Confirm that the degree had a cohort of students successfully complete the degree in academic year 2020 – 2021.

Yes ☐ No ☐

Confirm that the Master’s is running in academic year 2021 – 2022. Yes ☐ No ☐

Table 3.2a: Full certification application.

3.2.1.1 Assessment criterionviii. The degree must have had a cohort of students successfully complete the degree in academic year 2020 – 2021 and

it must be currently running in academic year 2021 – 2022.


viii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

3.2.2 Provisional applications<<< APPLICANTS COMPLETE TABLE 3.2b BELOW >>>

If applicable, confirm that if the Master’s degree has not yet started it will start by (up to and including) October 2023.

Yes ☐ No: ☐ Not applicable ☐

Table 3.2b: Provisional certification application.

3.2.3 Assessment criterionix. Master’s degrees that have not yet started must start by (up to and including) October 2023.

For assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable

ix. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

3.3 Delivery of the degreePlease state the UK campus(es) responsible for delivering the Master’s, including those Master’s degrees delivered by distance learning.

Please describe the use of online learning, particularly in relation to Covid-19.

of 83



If applicable, please state whether the degree is offered on a part-time basis and provide a description of how the degree is structured to accommodate part-time students.


3.3.1 Assessment criteriaxi. It must be clear which UK campus(es) is/are responsible for delivering the Master’s.x. It should be clear that on-line learning is being used effectively, in particular for dealing with Covid-19.

xi. If offered as a part-time Master’s, part-time students should cover the same breadth and depth of content as one-year, full time students.


x. ☐ ☐ ☐xi. ☐ ☐ ☐xii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

3.4 Aims of the Master’s degreePlease provide a description of the overall aims of the degree, in particular how the cyber-security element complements, and is relevant to, the other subject area(s) of the degree.

Please describe how the Master’s is of value to students, employers and the academic community.


3.4.1 Assessment criteriaxii. The overall aims of the degree must be clearly articulated and coherent and the cyber-security element must

complement, and be relevant to, the other subject area(s) of the Master’s.xiii. The Master’s must be of value to students, employers, and the academic community.


xiii. ☐ ☐ ☐xiv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>




of 83



4. The Taught Component of the Master’s Degree Incorporating Cyber SecurityUp to fifteen sides of A4, excluding explanatory text, assessment criteria, Table 4.4 and module descriptions.

4.1 Compulsory and optional taught modules on the Master’s overallPlease complete Table 4.1a and Table 4.1b showing the number of credits associated with compulsory and optional taught modules (if applicable).

Please do not include credits belonging to the research project and dissertation in the tables.

To help assessors, please use short meaningful names (e.g., NetSec) rather than course codes (e.g., XYZ123) for module names.

<<< APPLICANTS COMPLETE TABLES 4.1a and 4.1b BELOW >>>

The text in brown is by way of example only.Name of compulsory module Member(s) of staff delivering module Number of credits

CySecFoundations L. M. 15

Crypt N. O. 15

NetSec P. Q. 15

IntroAI R. S. 15

ProbReason T. U. 15

MachLearn V. W. 15

ResMethods X. Y. 15

Total number of compulsory credits

105

Table 4.1a: Compulsory taught modules.

The text in brown is by way of example only.Name of optional module Member(s) of staff delivering module Number of credits

Malware A. B. 15

Forensics C. D. 15

NatLangProc E. F. 15

Robotics G. H. 15

ProjMgt I. J. 15

Total number of optional credits required to be taken

15

Table 4.1b: Optional taught modules.

4.1.1 Assessment criteriai. The overall structure of the taught component of the degree must be clear: namely, the set of taught modules,

which modules are compulsory and which are optional, and the number of credits awarded for each module.ii. Cyber security must not be the sole focus of the degree – i.e., the cyber-security component must be partnered with

a complementary subject or subjects.iii. The members of staff delivering the taught modules must be clearly identified and listed in section 2.


of 83

TAUGHT COMPONENT OF THE MASTER’S DEGREE


i. ☐ ☐ ☐ii. ☐ ☐ ☐iii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

4.2 Compulsory and optional taught cyber security modulesPlease complete Table 4.2a and Table 4.2b showing the structure of the taught cyber security component of the degree.

<<< APPLICANTS COMPLETE TABLES 4.2a and 4.2b BELOW >>>

The text in brown is by way of example only.Name of compulsory cyber

security moduleMember(s) of staff delivering module Number of credits

below L. M. 15

below N. O. 15

below P. Q. 15

Total number of compulsory cyber security credits

45

Table 4.2a: Compulsory taught cyber security modules.

The text in brown is by way of example only.Name of optional cyber security

moduleMember(s) of staff delivering module Number of credits

below A. B. 15

below C. D. 15

Total number of optional cyber security credits that could be taken

15

Table 4.2b: Optional taught cyber security modules.

4.2.1 Assessment criterioniv. Overall, there must be no more than 60 taught credits in cyber security that students could take.


iv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

4.3 Number of taught credits that can be mapped to CyBOK Knowledge Areas (KAs)Notes:

1. Please note that it is not a requirement that every CyBOK KA has credits allocated to it.2. Across the CyBOK KAs as a whole there must be a minimum number (20) of taught cyber security credits and no

more than a maximum number (60) of taught cyber security credits.

4.3.1 Compulsory modules. Please complete Table 4.3a that shows for each compulsory taught module:

to which CyBOK KA(s) the module can be mapped – if it does not map to a KA please state NONE the number of credits in the module the number of credits in the module that can be considered to be addressing the KA(s)

of 83



Please ensure that hyperlinks to the module descriptions are provided.

<<< APPLICANTS COMPLETE TABLE 4.3a BELOW >>>

The text in brown is by way of example only.Name of compulsory

moduleCyBOK KA(s) addressed Number of credits in

moduleEstimated number of

credits in module addressing KA(s)

below CyBOK Introduction, Risk Mgt and Governance, Legal, Adversarial Behaviours

15 15

below Cryptography, Applied Cryptography

15 15

below Network Security 15 15

Total number of compulsory module credits addressing KAs

45

Table 4.3a: Compulsory taught modules in cyber security addressing the KAs.

4.3.2 Optional modulesIf applicable, please complete Table 4.2b that shows the same information as Table 4.2a for each optional taught module.

Please ensure that hyperlinks to the module descriptions are provided.

<<< APPLICANTS COMPLETE TABLE 4.3b BELOW IF APPLICABLE >>>

The text in brown is by way of example only.Name of optional module CyBOK KA(s) addressed Number of credits in

moduleEstimated number of

credits in module addressing KA(s)

below Malware 15 15

below Forensics 15 15

Table 4.3b: Optional taught modules in cyber security addressing the KAs.

4.3.3 PathwaysIf applicable, please complete Table 4.3c that identifies the cyber security pathways that students could take through the degree. For each pathway, please provide an estimate of the total number of credits addressing the KAs.

<<< APPLICANTS COMPLETE TABLE 4.3c BELOW IF APPLICABLE >>>

The text in brown is by way of example only.Pathway Optional cyber security modules

included in pathwayEstimated total number of credits in pathway

addressing KAs (including compulsory and optional cyber security module credits)

Pathway 1 None 45

Pathway 2 Malware 60

Pathway 3 Forensics 60

of 83



Table 4.3c: Pathways that students could take through the cyber security taught component of the Master’s that meet the requirement for a minimum of 20 taught credits and a maximum of 60 taught credits that can be mapped to KAs 0 to 21.

If the Master’s has a large number of flexible pathways, provide a description of which pathways through the Master’s meet the requirement for at least 20 taught credits and a maximum of 60 taught credits that can be mapped to the KAs.

<<< APPLICANTS INSERT TEXT HERE IF APPLICABLE >>>

4.3.4 Assessment criteriav. The credit allocation to the CyBOK KAs shown in Tables 4.3a, b must be appropriate and consistent with the module

descriptions.vi. The completed Tables 4.3a, b, c must show that there is at least one set of cyber security modules that students can

choose that meet the requirement for a minimum of 20 and a maximum of 60 credits that can be mapped to KAs 0 to 21.

vii. If applicable, if a Master’s has several possible pathways that students could choose that meet the 20 to 60 credit requirement then these pathways must be clearly identified.

viii. If applicable, if a Master’s has a large number of possible pathways from which students can choose then the pathways that meet the 20 to 60 credit requirement must be clearly identified.


v. ☐ ☐ ☐vi. ☐ ☐ ☐vii. ☐ ☐ ☐ ☐viii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

4.4 Detailed coverage of KA Topics

4.4.1 Completion of Table 4.4 in Appendix BFor each pathway through the taught component of the degree, please complete below following the example rows provided.

<<< APPLICANTS COMPLETE TABLE 4.4 IN APPENDIX B >>>

Notes:

1. Please use KA 0 to record those modules that are of an underpinning or foundational nature and provide a short narrative noting that this has been done.

2. It is recognised that the number of credits assigned to a KA Topic is an estimate only. Overall, however, the credit allocation across the KAs should be a fair, reasonable and justifiable representation.

3. As noted at the beginning of section 4.3, it is not a requirement that every CyBOK KA has credits allocated to it. Rather, across the CyBOK KAs as a whole there must be a minimum number (20) and maximum number (60) of taught credits.

4. Applications should not be recording fewer than 0.5 credits in a KA.

5. The purpose of Table 4.4 is for applicants to demonstrate how the KA Topics are covered and assessed. To adequately cover a KA Topic, it needs to be clear that a good breadth and depth of the Indicative Material is covered though it should be noted that not all the Indicative Material would be required to be explicitly covered. Moreover, additional Indicative Material rows can be added to Table 4.4 when it is felt that the Indicative Material does not

of 83



adequately represent coverage of the KA Topic in the Master’s degree. Applications must clearly signpost when this has been done and provide a brief justification.

6. Where there are a large number of (flexible) pathways please complete Table 4.4 for a few representative pathways only along with an explanatory narrative.

7. Where a KA Topic and its Indicative Material are covered in good breadth and depth it would be expected that there should be an associated assessment. However, it is recognised that this will not be applicable in all cases especially where the number of credits allocated to a KA Topic is relatively low.

of 83



4.4.2 Summary table of credit allocation across the KAsPlease complete Table 4.5 for each pathway.

<<< APPLICANTS PLEASE COMPLETE TABLE 4.4 BELOW >>>

Path-ways

Total no. of taught cyber sec. credits in pathway

Number of Credits Across Knowledge Areas Total no. of credits across

the KAs

INT RMG HF POR LR MAL ADV FOR SOIM CRY OS DSS FMS AAA SS WM SSL NS HWS ACRY CPS PL

#1

#2 S

…

…

#n

Table 4.5: Summary of credit allocation across the KAs

4.4.3 Visual representation of credit allocation across the KAsFor each pathway, please provide a visual representation (Figure 4.1) of the credit allocation across the KAs for the taught component of the degree – please see the example in Figure 4.1. Where there are a large number of (flexible) pathways please provide Figure 4.1 for a few representative pathways only along with an explanatory narrative.

<<< APPLICANTS INSERT FIGURE 4.1 BELOW >>>

of 83



Figure 4.1: An example for illustrative purposes only of credit allocation across the KAs for a Master’s in Advanced Computing and Cyber Security. Please delete this figure from your application.

of 83



4.4.4 Assessment criteriaix. Table 4.4 must show which KA Topics are covered in the Master’s.x. In Table 4.4 where a KA Topic and its Indicative Material are covered in good breadth and depth it would be

expected that there should be an associated assessment. However, it is recognised that this will not be applicable in all cases especially where the number of credits allocated to a KA Topic is relatively low. The assessments identified should be consistent with the information on assessments shown in section 5 of the application.

xi. Each Pathway in Table 4.5 must show that there are between 20 and 60 taught cyber security credits that can be mapped to KAs 0 to 21.

xii. Each Pathway in Table 4.5 must show that at least 90% of the taught cyber security credits must be able to be mapped to KAs 0 to 21. For example, the situation where there were 60 taught cyber security credits overall but only 30 of these could be mapped to KAs 0 to 21 would not achieve the criterion.

xiii. A visual representation must be provided that clearly shows the distribution of credits across the KAs for the Master’s degree.


ix. ☐ ☐ ☐x. ☐ ☐ ☐xi. ☐ ☐ ☐xii. ☐ ☐ ☐xiii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

4.5 Justification of KA coveragePlease describe how the overall distribution of credits is consistent with the aims of the degree described in section 3.4.

Please describe and justify how the distribution of credits: provides a coherent body of work for students ensures that students are gaining knowledge about key areas of cyber security that are also relevant to the other

area(s) of study in the Master’s


4.5.1 Assessment criteriaxiv. The distribution of credits in the taught component of the Master’s must be consistent with the overall aims of a

Master’s degree incorporating cyber security.xv. The overall distribution of credits across the KAs must be appropriate and coherent, ensuring that students are

gaining knowledge about key areas of cyber security that are also relevant to the other area(s) of study in the Master’s.


xiv. ☐ ☐ ☐xv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

4.6 Module descriptionsIn an appendix to this section (Appendix C), please include a module description for each module that addresses a KA Topic in Table 4.4.

of 83



At the beginning of each module description, please provide a table that lists the KA Topics that the module covers along with a brief justification for why this is the case.

The module descriptions should provide good evidence of the KA Topics and Indicative Material coverage claimed in Table 4.4.

<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX C BELOW >>>

By way of example only, please see: Appendix C: Module Descriptions (Appendix to Section 4 of Application)

4.6.1 Assessment criterionxvi. The module descriptions must be consistent with the KA Topic coverage shown in Table 4.4.


xvi. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

4.7 Professional knowledge and skillsPlease describe how areas in professional knowledge and skills shown below are addressed in the Master’s degree. It is not a requirement to have a separate dedicated module covering professional knowledge and skills.

Professional Knowledge and Skills

Written and oral communication

Working in teams

Legal and ethical issues for the cyber security professional

Understanding intellectual property


4.7.1 Assessment criterionxvii. Professional knowledge and skills should be addressed in the Master’s degree.


xvii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>




of 83



5. Assessment MaterialsUp to seven sides of A4, excluding explanatory text, assessment criteria and copies of assessments.

5.1 Overall approach to assessmentPlease describe the overall approach to assessment of the taught modules on the Master’s degree. This should include:

the range of assessment types used – e.g., traditional examinations, online examinations, coursework, practicals, literature reviews, multiple choice questions, group work, presentations, etc.

a justification of why these assessment types are appropriate a description of the process involved in deciding the assessment types to use for individual taught modules


5.1.1 Assessment criteriai. The range of assessment types used is clear and appropriate – it would be desirable to see a mix of assessment

types being used across the taught modules.ii. There is a clear and appropriate process for deciding which assessment types to use for individual taught modules.


i. ☐ ☐ ☐ii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.2 Marking schemeIf available, please provide an overall marking scheme that shows what a student must demonstrate to be awarded a particular mark on a taught module.

<<< APPLICANTS INSERT MARKING SCHEME BELOW >>>

5.2.1 Assessment criterioniii. If available, the marking scheme must clear, appropriate and consistent.


iii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.3 Overall grade for the Master’sPlease describe how the overall mark for the Master’s is determined from the marks for the taught modules and the mark for the research dissertation.

Please describe the how the overall grade (e.g., pass, merit, distinction) for the Master’s is determined.

Please describe the process for compensation, if applicable.


of 83

ASSESSMENT MATERIALS


5.3.1 Assessment criterioniv. The process to determine the overall grade awarded for the Master’s from the individual modules and research

dissertation must be clear and appropriate.


iv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.4 Rigour of assessment – cyber security modules onlyPlease complete Table 5.1 for each assessed taught cyber security module.

Please include hyperlinks to the assessments in Appendix D.

If the average ratio of bookwork to critical analysis / application across all the taught cyber security modules is greater than 60:40, please provide a clear justification for this value.


of 83



The text in brown is by way of example only.Module Pass mark Assessment types and relative

weightingsEstimate for % of bookwork

in assessmentsEstimate for % of critical analysis / application

in assessmentsJustification for assessment types and ratio of bookwork to critical analysis

below (C) 50% CWK-1 (50%), CWK-2 (50%) 40 60 Both courseworks present students with novel real-world scenarios in which they have to apply knowledge, understanding and critical analysis.

below (C)

below (C) 50% CWK (30%), Practical (30%), Exam (40%)

30 70 The coursework presents students with a real-world scenario for which they have to develop a secure network solution. The practical tests a student’s ability to construct and test networks. The exam tests both knowledge and application.

below (O)

below (O)

Average ratio of bookwork to critical analysis / application across all the taught cyber security modules: <<< APPLICANTS INSERT VALUE BELOW >>>

Table 5.1: The assessments used for compulsory and optional taught cyber security modules.

of 83



5.4.1 Assessment criteriav. For each taught cyber security module, the assessment types and their relative weightings must be clear and

appropriate.vi. For each taught cyber security module, the ratio of bookwork to critical analysis / application must be clear and

justified.vii. Where the overall, average ratio of bookwork to critical analysis / application for cyber security assessments is

greater than 60:40 this must be clearly justified.


v. ☐ ☐ ☐vi. ☐ ☐ ☐vii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.5 Justification of 40% pass markWhere the pass mark for taught modules, dissertation and/or the degree overall is set at, or close to, 40% please provide a justification that students achieving this pass mark have achieved and demonstrated sufficient knowledge and understanding at Master’s level.

<<< APPLICANTS INSERT TEXT BELOW IF APPLICABLE >>>

By way of example, it may be appropriate here to refer to the marking scheme that shows what a student has to be able to demonstrate in order to achieve a pass mark of 40%.

5.5.1 Assessment criterionviii. Where the pass mark for taught modules, dissertation and/or the degree overall is set at, or close to, 40% it should

be clear that students attaining this pass mark will have sufficiently demonstrated their knowledge, understanding and application at Master’s level.


viii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.6 Setting assessmentsPlease describe the process for setting assessments. As a minimum, this should include:

who is responsible for setting the assessments and marking criteria for a taught module who is responsible for verifying the suitability of the assessments and marking criteria for a taught module who oversees assessment setting across all taught modules to ensure consistency how and when are the external examiners engaged to ensure appropriate standards are maintained for Master’s

assessments


5.6.1 Assessment criteriaix. The process for setting, verifying and overseeing assessments must be clear and appropriate.x. The process for engaging with the external examiners regarding assessment setting must be clear and appropriate.

For assessors only of 83



Criteria Achieved Not Achieved Unclearix. ☐ ☐ ☐x. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.7 Marking assessmentsPlease describe the process for marking assessments. As a minimum, this should include:

who is responsible for marking the assessments for a taught module which assessments have both first and second markers who oversees marking across all assessments and modules to ensure consistency how and when are the external examiners engaged to ensure appropriate standards are maintained for the marking

of Master’s assessments


5.7.1 Assessment criteriaxi. The process for marking assessments must be clear and appropriate.

xii. The process for engaging with the external examiners regarding assessment marking must be clear and appropriate.


xi. ☐ ☐ ☐xii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.8 Detecting and dealing with plagiarism7

Please describe the processes and procedures that are in place to detect and deal with plagiarism on the taught component of the Master’s, particularly for coursework and on-line examinations.


5.8.1 Assessment criterionxiii. There must be a robust and effective system in place to detect and deal with plagiarism by students on the taught

component of the Master’s degree.


xiii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.9 Examination papers – cyber security modules onlyPlease complete either section 5.9.1 or section 5.9.2.

5.9.1 Provisional applicationFor each of the cyber security modules listed in Table 5.1 please provide a copy of examination paper(s) that students have sat or specimen paper(s) of the examinations they will sit. For assessed coursework, please provide copies of all assignments (to be) provided to students. For each assessed coursework also provide a specific, tailored, marking scheme, or a narrative

7 A useful discussion of plagiarism and the forms of plagiarism can be found at: https://www.ox.ac.uk/students/academic/guidance/skills/plagiarism#:~:text=Plagiarism%20is%20presenting%20someone%20else's,is%20covered%20under%20this%20definition

of 83


https://www.ox.ac.uk/students/academic/guidance/skills/plagiarism#:~:text=Plagiarism%20is%20presenting%20someone%20else's,is%20covered%20under%20this%20definition



explaining what the marker would expect a student to provide in a good response. This information should be placed in an Appendix D: Assessment materials (Appendix to section 5 of application)ppendix (Appendix D) to section 5 of the application.

<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX D BELOW >>>

By way of example only, please see Appendix D: Assessment materials (Appendix to section 5 of application)

5.9.1.1 Assessment criterionxiv. The assessments must rigorously test students’ understanding and critical analysis of the KA Topics being studied.


xiv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.9.2 Full applicationFor academic year 2021 – 2022, for each of the cyber security modules listed in Table 5.1, please provide a copy of the examination paper(s) that students sat. For assessed coursework, provide copies of all assignments provided to students. For each assessed coursework also provide a specific, tailored, marking scheme, or a narrative explaining what the marker would expect a student to provide in a good response. This information should be placed in an Appendix D: Assessment materials (Appendix to section 5 of application)ppendix (Appendix D) to section 5 of the application.

<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX D BELOW >>>

By way of example only, please see: Appendix D: Assessment materials (Appendix to section 5 of application)

5.9.2.1 Assessment criterionxv. The assessments must rigorously test students’ understanding and critical analysis of the KA Topics being studied.


xv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

5.10 External examiners’ reports – full application onlyPlease describe the process for engagement with the external examiners. As a minimum, this should include:

the points during the academic year at which engagement with the external examiners happens reviewing of assessment materials by the external examiners reviewing of assessment marks by the external examiners and moderation of results reviewing of research dissertations by the external examiners and moderation of results

Please describe the technical background and experience of the external examiners.

For academic year 2020 – 2021, please provide a copy of the external examiners’ reports8 - these should be placed in Appendix E.

For academic year 2020 – 2021, please provide a copy of the HEI’s response to the external examiners’ reports and any follow-up actions that have been undertaken in response to the reports. These should be placed in Appendix E.

8 Where the external examiners’ reports for 2020-21 are not available by the submission deadline, please provide the most recent reports and the HEI’s response. Please state when the 2020 21 reports and response will be available and submit them as soon as they are available.

of 83



<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX E BELOW >>>

By way of example only, please see: Appendix E: External Examiners’ Reports (Appendix to Section 5 of Application)

5.10.1 Assessment criteriaxvi. The process for engaging with the external examiners should be clear and appropriate.

xvii. The external examiners should have the appropriate technical background.xviii. The external examiners’ reports must provide a positive picture for both the Master’s degree overall and the cyber

security part.xix. The progress to any follow-on actions suggested by the external examiners should be made clear.


xvi. ☐ ☐ ☐xvii. ☐ ☐ ☐xviii. ☐ ☐ ☐xix. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>




of 83



6. Research DissertationsUp to seven sides of A4, excluding explanatory text, assessment criteria and list of dissertation topics.

6.1 TimelinePlease complete Table 6.1 that shows the key events and decision points during the academic year leading to the submission and marking of research dissertations. Please adapt Table 6.1 as appropriate if your HEI does not use a semester model.


Text in brown is by way of example only.Semester Activities

01 October to 31 January November – Research Methods module starts December – staff present / make available their ideas for research projects January – external companies present their ideas for research projects January – students encouraged to have informal discussions with staff regarding

research projects

01 February to 31 May February – students submit an outline of their proposed research as part of a paper for the Research Methods module

March – staff assess Research Methods papers and supervisors are allocated to students April – students submit a project plan for their research dissertations to their supervisors April / May – students receive feedback on project plans from supervisors

01 June to 30 September June – students start work on their projects June to September – students meet regularly with supervisors to report progress End-September – students submit their dissertations

October onwards vivas held marking of dissertations by supervisors and second markers moderation of dissertation marks across all dissertations

Table 6.1: Research dissertation timeline.

6.1.1 Assessment criterioni. The activities involved in the identification of potential research topics as well as the initiation, production and

marking of research dissertations must be clearly laid out, appropriate and timely.


i. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.2 Governance of the research dissertation processPlease describe the governance of the research dissertation process. As a minimum, this should include:

who has overall responsibility for ensuring the process is properly coordinated and carried out which members of staff are involved in the research dissertation process what happens in the case that a student proposes a research topic for which there is no suitable supervisor what happens in the case that two or more students apply to carry out the same research topic with the same

supervisor what happens in the case that a student is unable to find a suitable area of research for their dissertation what happens in the case that a student is failing to make satisfactory progress in their research how is the situation resolved when first and second markers differ significantly in their marks awarded

of 83

RESEARCH DISSERTATIONS



6.2.1 Assessment criterionii. There must be a robust governance process in place for research dissertations.


ii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.3 Guidance to studentsPlease describe the guidance the HEI provides, or will provide, to Master’s students before they embark on their dissertations, for example:

research methods what makes a good dissertation topic how to formulate a research question the structure of dissertations best practice for undertaking a research dissertation carrying out literature reviews presentations from members of staff / external companies on possible research topics, etc.

Although including extracts from a student handbook (within the overall page limits) is acceptable, please do not include a student handbook with the application.


6.3.1 Assessment criterioniii. Students receive suitable background guidance on undertaking research dissertations.


iii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.4 Identification of dissertation topicsPlease describe the process whereby students choose their dissertation topics, for example:

is it up to students to come up with topic ideas do members of staff identify possible topics does the HEI have links with industry partners who might suggest topics once a student has a potential topic, what do they have to do to get it formally approved how it is ensured that for those dissertations including cyber security the cyber security component will be within

the scope of the CyBOK KAs


6.4.1 Assessment criteriaiv. There must be a clear and appropriate process that supports students to identify research topics for their

dissertations.

of 83



v. There must be a clear and appropriate process to ensure that for those dissertations including cyber security the cyber security element will be within the scope of the CyBOK KAs.


iv. ☐ ☐ ☐v. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.5 Allocation of students to supervisorsPlease describe the process whereby students are allocated to suitably knowledgeable supervisors.


6.5.1 Assessment criterionvi. There must be a clear and appropriate process for allocation of students to suitably knowledgeable supervisors.


vi. ☐ ☒ ☐Comments (if applicable). <assessors insert text here>

6.6 Legal and ethical issuesPlease describe how it is ensured that before a student embarks on their dissertation any legal and ethical issues have been considered and addressed and the student has been given approval to proceed.


6.6.1 Assessment criterionvii. There must be a clear and appropriate process in place to ensure that students have properly considered and

addressed any legal and ethical issues that may arise in their dissertations and have been given approval to proceed.


vii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.7 Monitoring of students’ progressPlease describe the process for monitoring the progress of students on their dissertations. Please describe what action is taken when a student is not making satisfactory progress.


6.7.1 Assessment criterionviii. There needs to be a well-defined and suitable process for monitoring the progress of students to ensure that

students are making appropriate progress and where this is not happening suitable corrective action is taken.

For assessors only

of 83



Criterion Achieved Not Achieved Unclearviii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.8 Detecting and dealing with plagiarism9

Please describe the processes and procedures that are in place to detect and deal with plagiarism for the research dissertation. In the case where there is no viva as part of the assessment process, please describe how it is guaranteed that a dissertation is a student’s own work.


6.8.1 Assessment criterionix. There must be a robust and effective system in place to detect and deal with plagiarism by students undertaking

their research dissertations.


ix. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.9 Research dissertations contributing fewer than 40 creditsFor Master’s degrees in which the research dissertation accounts for fewer than 40 credits, please describe how students are able to gain sufficient understanding and experience of undertaking a research project.

<<< APPLICANTS INSERT TEXT BELOW IF APPLICABLE>>>

6.9.1 Assessment criterionx. For Master’s degrees in which the research dissertation accounts for fewer than 40 credits, it should be clear that

students are still able to gain sufficient understanding and experience of undertaking a research project.

For Assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable

x. ☐ ☐ ☐ ☐Comments (if applicable). <insert text here>

6.10 Assessment of dissertationsPlease describe the process for assessing dissertations. As a minimum, this should include:

the role of first and second markers the process when the first and second markers differ significantly on the marks they award the marks awarded to the dissertation, the viva and any other component of the dissertation process

In addition, please provide a specific, tailored marking scheme for dissertations clearly showing how grades are determined and what would be necessary for each of a distinction, merit or pass10. Please indicate whether this or other similar guidance is provided to students.

<<< APPLICANTS INSERT TEXT AND MARKING SCHEME BELOW >>>

9 A useful discussion of plagiarism and the forms of plagiarism can be found at: https://www.ox.ac.uk/students/academic/guidance/skills/plagiarism#:~:text=Plagiarism%20is%20presenting%20someone%20else's,is%20covered%20under%20this%20definition10 Where the classifications of distinction / merit / pass are not used, please refer to the grades that are used by the HEI.

of 83





6.10.1 Assessment criterionxi. There needs to be a well-defined and rigorous process for the assessment of dissertations.


xi. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>

6.11 For full certification only

6.11.1 List of dissertation topicsFor each of academic years 2020 – 2021 and 2019 – 2020 (if any), provide a list of Master’s dissertations undertaken by students – please complete Tables 6.2a, b.

Where a dissertation has a significant element of cyber security, please identify which KA(s) the dissertation applies to and provide a succinct summary of the contribution that the dissertation has made to cyber security and/or to the application of cyber security.

Where there were more than 20 students undertaking dissertations in an academic year, provide information for a representative sample of 20 dissertations only.

<<< APPLICANTS COMPLETE TABLES 6.2a AND 6.2b BELOW >>>

Dissertation title Synopsis of dissertation CyBOK KA(s) addressed (if applicable)

External involvement (if applicable)

…

…

…

…

Table 6.2a: List of dissertations for 2020 – 2021.

Dissertation title Synopsis of dissertation CyBOK KA(s) addressed (if applicable)

External involvement (if applicable)

…

…

…

…

Table 6.2b: List of dissertations for 2019 – 2020 (if any).

of 83



6.11.1.1 Assessment criteriaxii. The list of dissertation topics must show that where dissertations have a cyber-security component the topics are

within the scope of the CyBOK Knowledge Areas.

xiii. From the list of dissertation topics where dissertations have a cyber-security component it must be clear that the dissertation has made an appropriate contribution to cyber security and/or the application of cyber security


xii. ☐ ☐ ☐ ☐xiii. ☐ ☐ ☐ ☐Comments (if applicable). <insert text here>




of 83



7. Student Feedback on the Master’s – Applications for Full Certification OnlyUp to three sides of A4, excluding explanatory text and assessment criteria.

7.1 Student satisfactionPlease describe how the HEI encourages Master’s students to participate in the feedback process.

Please provide the results of student satisfaction from activities such as:

PTES11

collated feedback from students on the Master’s modules collated feedback from staff-student liaison committees results

Please describe any actions taken by the HEI as a result of student feedback.


7.1.1 Assessment criteriai. The HEI should encourage students to provide feedback on the Master’s.

ii. The results of student satisfaction surveys should paint a largely positive picture of students’ learning experience on the Master’s.

iii. The HEI should be able to demonstrate progress on any key issues raised by such surveys.

For Assessors onlyCriteria Achieved Not Achieved Unclear

i. ☐ ☐ ☐ii. ☐ ☐ ☐iii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>




11 https://www.advance-he.ac.uk/reports-publications-and-resources/postgraduate-taught-experience-survey-ptes

of 83

STUDENT NUMBERS AND GRADES ACHIEVED

https://www.advance-he.ac.uk/reports-publications-and-resources/postgraduate-taught-experience-survey-ptes


8. Appendix A: Cyber Security Staff CVs (Appendix to Section 2 of Application)Up to two sides of A4 per CV

Please follow the structure below for each CV. For each CV, it is important to get across the person’s knowledge, experience and skills in cyber security.

Return to above

By way of example only:

8.1 CV for Dr E. F.

8.1.1 Personal statement of experience and expertise in cyber securityProvide a succinct summary of the person’s experience and expertise in cyber security using the CyBOK KAs12 as a framework.

8.1.2 Academic backgroundInclude here items such as qualifications obtained, subjects, year, institution, a few key publications.

8.1.3 Professional employmentDescribe professional positions of employment, highlighting those relevant to cyber security.

8.1.4 Contribution to cyber security at the University of XDescribe what the person does at the HEI that is relevant to cyber security.

8.1.5 Esteem indicatorsFor example, editorships, invited talks, membership of national and international advisory groups. Highlight those relevant to cyber security.

8.1.6 Cyber security knowledge and expertise indicatorsFor example, recent publications, work with industry/government, research activities.

8.1.7 Any other informationInclude any other information that might be relevant in demonstrating the person’s cyber security expertise.

Return to above

12 https://www/cybok.org.

of 83

APPENDIX A: STAFF CVs

https://www/cybok.org


8.2 CV for I. J.

8.2.1 Personal statement of experience and expertise in cyber securityProvide a succinct summary of the person’s experience and expertise in cyber security using the CyBOK KAs as a framework.

8.2.2 Academic backgroundInclude here items such as qualifications obtained, subjects, year, institution, a few key publications.

8.2.3 Professional employmentDescribe professional positions of employment, highlighting those relevant to cyber security.

8.2.4 Contribution to cyber security at the University of XDescribe what the person does at the HEI that is relevant to cyber security.

8.2.5 Esteem indicatorsFor example, editorships, invited talks, membership of national and international advisory groups. Highlight those relevant to cyber security.

8.2.6 Cyber security knowledge and expertise indicatorsFor example, recent publications, work with industry/government, research activities.

8.2.7 Any other informationInclude any other information that might be relevant in demonstrating the person’s cyber security expertise.

Return to above

of 83

APPENDIX A: STAFF CVs


9. Appendix B: Table 4.4 – Credit Allocation Across the CyBOK Knowledge Areas (Appendix to Section 4 of Application)Please complete Table 4.4 below.

The example for the Risk Management and Governance KA is provided here for guidance only.

Return to The Taught Component of the Master’s Degree Incorporating Cyber Security.

Exam

ple

Onl

y

Broad Category Knowledge Area Topics Indicative Material Modules providing significant coverage

Modules providing partial

coverage

Assessment Approximate number of

credits

A. Human, Organisational and Regulatory Aspects

1. Risk Management and Governance

Risk Definitions

risk assessment CySecFoundationsCySecFoundations-CWK Error: Reference source not found

2risk management CySecFoundations

levels of perceived risk CySecFoundations

Risk Governance

governance models CySecFoundations

1

risk perception factors CySecFoundations

human factors and risk communication

security culture

enacting security policy

An example for illustrative purposes only of how the first two topics in Risk Management and Governance are covered by modules in the Master’s degree.

of 83

APPENDIX B: TABLE 4.4


Exam

ple

Onl

y

Broad Category Knowledge Area Topics Indicative Material Modules providing significant coverage

Modules providing partial

coverage


credits



Risk Assessment and Management Principles

component versus systems perspectives

CySecFoundations-CWK

2elements of risk CySecFoundations

risk assessment and management methods

CySecFoundations

security metrics

Business Continuity: Incident Response and Recovery Planning

ISO/IEC 27035

1

NCSC guidance CySecFoundations

other guidance CySecFoundations

An example for illustrative purposes only of how the third and fourth topics in Risk Management and Governance are covered by modules in the Master’s degree.Please note that in this example an additional row of Indicative Material has been added to reflect other guidance for Business Continuity and Planning that is partially covered in the CySecFoundations module.

of 83



<<<. APPLICANTS COMPLETE TABLE 4.4 BELOW WHICH CONTINUES OVER A NUMBER OF PAGES >>>

Table 4.4Broad

CategoryKnowledge

AreaTopics Indicative Material Modules providing

significant coverageModules providing partial

coverageAssessments Approximate

number of credits

NA0. CyBOK Introduction

Foundational Concepts

objectives of cyber security

definition of cyber security

failures and incidents

risk management

Principles

Saltzer and Schroeder principles

NIST principles

latent design conditions

Precautionary Principle

Cross-cutting Themes

security economics

security architecture and lifecycle

of 83



Broad Category

Knowledge Area

Topics Indicative Material Modules providing significant coverage

Modules providing partial coverage

Assessments Approximate number of

credits



Risk Definitionsrisk assessment

risk management

levels of perceived risk

Risk Governance

governance models

risk perception factors

human factors and risk communication

security culture

enacting security policy

Risk Assessment and Management Principles

component versus systems perspectives

elements of risk

risk assessment and management methods

risk assessment and management in cyber-physical systemsrisk assessment and management in cyber physical systemsvulnerability management

security metrics

Business Continuity: Incident Response and Recovery Planning

ISO/IEC 27035

NCSC guidance

of 83



Broad Category

Knowledge Area




credits


2. Human Factors

Usable Security assessment criteria

mental models of security

Fitting the Task to the Human

human capabilities and limitations

short-term memory

long-term memory

human biases

needs of specific groups

goals and tasks

interaction context

device capabilities and limitations

Human Error

latent usability failures in systems-of-systems

thinking fast and slow

shadow security

security hygiene

Awareness and Education

terms

new approaches

mental models of cyber risks and defences

Positive Security fear uncertainty and doubt

people are not the weakest link

Stakeholder Engagement

employees

software developers

of 83



Broad Category

Knowledge Area




credits


3. Privacy and Online Rights

Confidentiality data confidentiality

metadata confidentiality

Controlprivacy settings configuration

privacy policy negotiation

privacy policy interpretability

Transparency feedback-based transparency

audit-based transparency

Privacy Technologies and Democratic Values

privacy technologies as support to democratic political systemscensorship resistance and freedom of speech

Privacy Engineeringgoals

strategies

privacy evaluation

of 83



Broad Category

Knowledge Area




credits


4. Law and Regulation

Introductory Principles of Legal Research

nature of law and legal analysis

applying law to cyberspace and information technologiescriminal law

civil law

liability and courts

evidence and proof

holistic approaches to legal risk analysis

Jurisdictionprescriptive jurisdiction

enforcement jurisdiction

data sovereignty

Privacy Laws in General and Electronic Interception

international norms

interception by a state

interception by persons other than state

enforcement of privacy laws

Data Protection

subject matter and regulatory focus

core regulatory principles

investigation and prevention of crime

personal data breach notification

enforcement and penalties

Computer Crime

crimes against information systems

de minimis exceptions to crimes against information systemsthe enforcement of, and penalties for, crimes against information systemswarranted state activity

research and development activities conducted by non-state personsself-help disfavoured: software locks and hack-back

of 83



Broad Category

Knowledge Area




credits



Contract

on-line contracts

encouraging security standards via contract

warranties and their exclusion

limitations of liability and exclusions of liability

breach of contract and remedies

effects of contract on non-contracting parties

conflict of law - contracts

Intellectual Property

understanding intellectual property

catalogue of intellectual property rights

enforcement – remedies

reverse engineering

international treatment and conflict of law

Internet Intermediaries

shields from liability

take-down protection

Dematerialisation of Documents and Electronic Trust Services

admission into evidence of electronic documentsrequirements of form and the threat of unenforceabilityelectronic signatures and identity trust services conflict of law – electronic signatures and trust services

of 83



Broad Category

Knowledge Area




credits



Other Regulatory Matters

industry-specific regulations

restrictions on exporting security technologies

matters classified as secret by a state

Public International Law

attributing action to a state under international lawstate cyber operations in general

cyber espionage in peacetime

cross-border criminal investigation

the law of armed conflict

Ethicsobligations owed to a client

codes of conduct

vulnerability testing

of 83



Broad Category

Knowledge Area




credits

B. Attacks and Defences

5. Malware and Attack Technologies

Malware Taxonomydimensions

kinds

potentially unwanted programs

Malicious Activities by Malware

attack on confidentiality, integrity, availability

cyber kill chain

underground eco-system

Malware Analysis

analysis techniques

analysis environments

anti-analysis and evasion techniques

identifying the analysis environment

Malware Detectionidentifying the presence of malware

evasion and countermeasures

attack detection

Malware Response disrupting malware operations

attribution

of 83



Broad Category

Knowledge Area




credits


6. Adversarial Behaviours

Characterisation of Adversaries

cyber-enabled crime vs cyber-dependent crimeinterpersonal crimes

cyber-enabled organised crime

cyber-dependent organised crime

hacktivists

state actors

Elements of a Malicious Operation

affiliate programmes

infection vectors

infrastructure

specialised services

human services

payment methods

Models

attack trees

kill chains

environmental criminology

flow of capital

attribution

of 83



Broad Category

Knowledge Area




credits


7. Forensics

Definitions and Conceptual Models

forensic science

cyber domain

digital (forensic) trace

legal concerns and the Daubert Standard

definitions

conceptual models

Operating System Analysis

storage forensics

data acquisition

filesystem analysis

block device analysis

data recovery and file content carving

Main Memory Forensics

process information

file information

network connections

artifacts and fragments

challenges of live forensics

Application Forensics

case study: e.g., web browsers

Cloud Forensicsservices

forensics challenges

SaaS forensics

Artifact Analysis

cryptographic hashing

block-level analysis

approximate analysis

cloud-native artifacts

Broad Knowledge Topics Indicative Material Modules providing Modules providing partial Assessments Approximate

of 83



Category Area significant coverage coverage number of credits


8. Security Operations and Incident Management

Fundamental Concepts

workflows and vocabulary

architectural principles

Monitor: Data Sources

network traffic

network aggregates: netflow

network infrastructure information

application logs: web server logs and files

system and kernel logs

Syslog

Analyse: Analysis Methods

misuse detection

anomaly detection

machine learning

testing and validating intrusion detection systemsthe base-rate fallacy

contribution of SIEM to analysis and detection

Plan: Security Information and Event Management

data collection

alert correlation

security operations and benchmarking

Execute: Mitigation and Countermeasures

intrusion prevention systems

SIEM platforms and countermeasures

SOAR: impact and risk assessment

site reliability engineering

Knowledge: Intelligence and Analysis

cyber security knowledge management

honeypots and honeynets

cyber-threat intelligence

situational awareness

Human Factors: Incident Management

prepare: incident management planning

handle: actual incident response

follow up: post incident activities

of 83



of 83



Broad Category

Knowledge Area




credits

C. System Security

9. Cryptography

Schemes

AES

RSA

DES

PKCS

DSA

Kerberos

TLS

Symmetric Cryptography

symmetric primitives

symmetric encryption and authentication

Public-Key Cryptography

public-key encryption

public-key signatures

Cryptographic Security Models

basic security definitions

hard problems

setup assumptions

simulation of cryptographic operations

universal composability

Information-Theoretically Secure Constructions

one-time pad

secret sharing

Standard Protocols authentication protocols

key agreement protocols

Advanced Protocols

oblivious transfer

zero knowledge

Sigma protocols

secure multi-party computation

Public-Key Schemes group signatures

of 83



with Special Properties

ring signatures

blind signatures

identity-based encryption

linearly homomorphic encryption

fully homomorphic encryption

of 83



Broad Category

Knowledge Area




credits

C. System Security

10. Operating Systems and Virtualisation

Attacker Model attack surface

threats to security for modern OSs

Role of Operating Systems

mediation

design choices

virtual machines

IOT

security domains

isolation

OS Security Principles

security models

newer principles

Saltzer and Schroeder’s principles

Primitives for Isolation and Mediation

protection rings

low-end devices and IOT

Multics

trusted computer system evaluation criteria

memory protection and address spaces

capabilities

physical access and secure deletion

authentication and identification

modern hardware extensions for memory protection

OS Hardening

information hardening

control-flow restrictions

partitioning

code and data integrity checks

anomaly detection

formal verification

Related Areas databases

of 83



Embracing Security PaX Team

GRSecurity

of 83



Broad Category

Knowledge Area




credits

C. System Security

11. Distributed Systems Security

Classes of Distributed Systems

decentralised point-to-point interactions across distributed entities without a centralised coordination servicecoordinated clustering across distributed resources and services

Classes of Vulnerabilities and Threats

access/admission control and ID management

data transportation

resource management and coordination servicesdata security

Decentralised P2P Models

principles

unstructured P2P protocols

structured P2P protocols

hybrid P2P protocols

hierarchical P2P protocols

Attacking P2P Systems

functional elements

attack types

attacks and their mitigation

Coordinated Resource Clustering

systems coordination styles

reliable and secure group communications

coordination principles

replication management and coordination schema

Coordination Classes and Attackability

classes of disruptions

resource coordination class

services coordination class

of 83



Broad Category

Knowledge Area




credits

C. System Security

12. Formal Methods for Security

Motivation

inadequacy of traditional development methodstowards more scientific development methods

limitations

Foundations, Methods and Tools

properties of systems and their execution

logics and specification languages

property checking

Hardwarehardware verification

side channels

API attacks on security hardware

Cryptographic Protocols

symbolic methods

stochastic methods

computational methods

Software and Large Scale Systems

information flow control

cryptographic libraries

low-level code

operating systems

web-based applications

full-stack verification

Configuration policy analysis

specification-based synthesis

of 83



Broad Category

Knowledge Area




credits

C. System Security

13. Authentication, Authorisation and Accountability

Authorisationaccess control

enforcing access control

theory

Access Control in Distributed Systems

core concepts

origin-based policies

federated access control

cryptography and access control

Authentication

identity management

user authentication

authentication in distributed systems

facets of authentication

Accountabilitytechnical aspects

privacy and accountability

distributed logs

of 83



Broad Category

Knowledge Area




credits

D. Software and Platform Security

14. Software Security

Categories of Vulnerabilities

CVEs and CWEs

memory management vulnerabilities

structured output generation vulnerabilities

race condition vulnerabilities

API vulnerabilities

side channel vulnerabilities

Prevention of Vulnerabilities

API design

coding practices

erroneous execution

language design and type systems

structured output generations mitigations

race condition mitigations

information flow

Mitigating Exploitation

runtime detection of attacks

automated software diversity

limiting privileges

Detection of Vulnerabilities

static detection

dynamic detection

soundness

completeness

of 83



Broad Category

Knowledge Area




credits


15. Web and Mobile Security

Fundamental Concepts and Approaches

appification

webification

application stores

sandboxing

permission dialog based access control

web PKI and HTTPS

authentication

cookies

passwords and alternatives

frequent software updates

Client-Side Vulnerabilities and Mitigations

phishing

clickjacking

client-side storage

physical attacks

Server-Side Vulnerabilities and Mitigations

injection vulnerabilities

server-side misconfiguration and vulnerable components

of 83



Broad Category

Knowledge Area




credits


16. Secure Software Lifecycle

Motivations for Secure Software Lifecycle

breaches are costly

vulnerabilities can be exploited without being noticedpatching can introduce vulnerabilities

customers don’t apply patches

trusted computing

Prescriptive Processes

SAFECode

Microsoft SDL

Touchpoints

Adaptations of Secure Software Lifecycle

agile and DevOps

mobile

cloud computing

IOT

road vehicles

ecommerce

Assess the Secure Software Lifecycle

SAMM

BSIMM

common criteria

of 83



Broad Category

Knowledge Area




credits

E. Infrastructure Security

17. Network Security

Security Goals and Attacker Models

security goals in networked systems

attacker models

Networking Applications

local area networks (LANs)

connected networks and the Internet

bus networks

wireless networks

fully distributed networks: DHTs and unstructured P2P networkssoftware-defined networking and network function virtualisation

Network Protocols and Their Security

security at the application layer

security at the transport layer

security at the Internet layer

security on link layer

Network Security Tools

firewalling

intrusion detection and prevention systems

network security monitoring

SDN and NFV security

network access control

zero trust networking

DOS countermeasures

Other Network Security Topics

cloud and data centre security

delay tolerant networks and ad-hoc sensors networksnetwork covert channels

payment networks

physical layer security

networking infrastructure security

of 83



cross-border regulations

of 83



Broad Category

Knowledge Area




credits


18. Hardware Security

Hardware Design Cycle

hardware design process

root of trust

threat model

Measuring Hardware Security

FIPS 140-2

common criteria and EMVCo

SESIP

Secure Platformshardware security module (HSM)

secure element and smartcard

trusted platform module (TPM)

Hardware Support for Software Security

IBM 4578 secure coprocessor

ARM Trustzone

protected module architectures

lightweight solutions

objectives

virtual machines

trusted execution environment

Hardware Design for Cryptographic Algorithms

cryptographic algorithms at RTL level

design process

Side Channel Attacks and Fault Attacks

attacks

countermeasures

Entropy Generating Building Blocks

physically unclonable functions (PUFs)

random number generation

Hardware Design Process

time

design and fabrication of silicon integrated circuits

of 83



trojan circuits

circuit level techniques

board level security

of 83



Broad Category

Knowledge Area




credits


19. Applied Cryptography

The Cryptographic Triumvirate

cell left deliberately blank

Algorithms, Schemes and Protocols

hash functions

block ciphers

stream ciphers

message authentication code (MAC) schemes

authenticated encryption (AE) schemes

public key encryption schemes and key encapsulation mechanismsDiffie-Hellman key exchange

digital signatures

cryptographic diversity

the adversary

the role of formal security definitions and proofskey sizes

development of standardised cryptography

post-quantum cryptography

quantum key distribution

from schemes to protocols

Cryptographic Implementation

cryptographic libraries

API design for cryptographic libraries

implementation challenges

defences

random bit generation

of 83



Broad Category

Knowledge Area




credits


19. Applied Cryptography

Key Management

the key lifecycle

key derivation

password based key derivation

key generation

key storage

key transportation

refreshing keys and forward security

managing public keys and public key infrastructure

Consuming Cryptography

the challenges of consuming cryptography

addressing the challenges

making cryptography invisible

Applied Cryptography in Action

transport layer security

secure messaging

contact tracing à la DP-3T

Future of applied cryptography

cell left deliberately blanks

of 83



Broad Category

Knowledge Area




credits


20. Cyber Physical Systems Security

Cyber-Physical Systems

characteristics

protection against natural events and accidentssecurity and privacy concerns

Cross Cutting Security

preventing attacks

detecting attacks

mitigating attacks

Cyber-Physical Systems Domains

industrial control systems

electric power grids

transportation systems and autonomous vehiclesrobotics and advanced manufacturing

medical devices

IOT

Policy and Political Aspects

incentives and regulation

cyber conflict

industry practices and standards

of 83



Broad Category

Knowledge Area




credits


21. Physical Layer and Telecommunications Security

Schemes for Confidentiality, Integrity and Access Control

key establishment based on channel reciprocityMIMO-supported approaches

secrecy capacity

friendly jamming

protecting data integrity

LPI and covert communication

Jamming and Jamming-Resilient Communications

classification of jammers

countermeasures

coordinated spread spectrum techniques

uncoordinated spread spectrum techniques

signal annihilation and overshadowing

Identification

device under identification

identification signals

device fingerprints

attacks on physical layer identification

Distance Bounding and Secure Positioning

distance bounding protocols

distance measurement techniques

physical layer attacks on secure distance measurementsecure positioning

Compromising Emanations and Sensor Spoofing

compromising emanations

sensor compromise

Physical Layer Security of Selected Communications Technologies

NFC

air traffic communications networks

cellular networks

GNSS security and spoofing attacks

of 83



Return to The Taught Component of the Master’s Degree Incorporating Cyber Security

of 83



10. Appendix C: Module Descriptions (Appendix to Section 4 of Application)Please include a table at the beginning of each module description that shows which KA Topics the module covers along with brief justifications for why this is the case.

The module descriptions should provide good evidence of the KA Topics and Indicative Material coverage claimed in Table 4.3.

Return to The Taught Component of the Master’s Degree Incorporating Cyber Security.


10.1 Cyber Security Foundations module

Return to The Taught Component of the Master’s Degree Incorporating Cyber Security .

10.2 Cryptography module


10.3 Network Security module


10.4 Malware module


10.5 Forensics module


of 83

APPENDIX C: MODULE DESCRIPTIONS


11. Appendix D: Assessment materials (Appendix to section 5 of application)Please include assessment materials for the taught modules on the Master’s structured as in the examples below. This will help assessors navigate the materials supplied.

Return to Assessment Materials .


11.1 Cyber Security Foundations assessments


11.2 Cryptography assessments


11.3 Network Security assessments


11.4 Malware assessments


11.5 Forensics assessments


of 83

APPENDIX D: ASSESSMENT MATERIALS


12. Appendix E: External Examiners’ Reports (Appendix to Section 5 of Application)Please provide copies of the external examiners’ reports and the HEI’s response in the two sections below.


12.1 External examiners’ reports


12.2 HEI’s response to external examiners’ reports


of 83

APPENDIX F: RESEARCH DISSERTATIONS