Cybersecurity (Conversion) (with optional Placement/Project year) MSc

• Internet and web terminology, protocols and infrastructure
• Web document structure and content (e.g. HTML)
• Web aesthetics
• Web scripting
• Web requests (e.g. use of HTTP verbs)
• Using Internet and Web tools (e.g. IDEs, FTP clients)
• Web APIs
• Common Web security issues (e.g. CSRF, XSS, SQL Injection)
• Web hosting configuration
• Server side scripting
• Databases (e.g. SQL, Keys, CRUD operations)

• To enable students to develop a broad knowledge of web technologies
• To introduce the languages commonly used to structure, present, and provide interactivity within web sites
• To give students a solid foundation in practical technical skills required to develop client-side web applications
• To provide an overview to server-side web application development including understanding of the client-server model

1. Projects which will involve the application of methods and equipment introduced in taught modules, will be based on subjects agreed in principle with the Postgraduate Dissertation Coordinator and potential supervisors.
2. The research dissertation may be University-based or carried out in the employer’s workplace, or through a work placement where a local organisation has a direct role in facilitating the project.

To afford students the opportunity to experience the complete life-cycle of a successful and significant research-based project

To provide real-world experience of meeting the requirements of academic and professional standards, including high-level writing and referencing skills.

To demonstrate to peers and to current and potential employers the student’s ability to carry out good quality academic research, in a particular field, which is relevant to their programme of study. This may involve the application of existing research within a novel context.

To include:

• Time management, library skills and literature search
• Evaluation of information sources
• Critical analysis of information
• Ethical issues in science, technology and engineering research (including intellectual property and plagiarism)
• Writing for research: styles and rules for presentation (including referencing standards)
• Choosing a research area and evaluating source material
• Hypothesis formation
• Research approaches and methodologies
• Design and application of questionnaires & interviews
• Quantitative and statistical tools for researchers (e.g. R, Python, SPSS)

• To clarify the distinctions between undergraduate and postgraduate level work and expectations
• To increase students' experience in order to conduct a professional study and to use sampling procedures and analysing techniques.
• To improve students' appreciation of time management and how to conduct a literature search
• To reinforce students' research skills
• To consolidate students' appreciation of professional issues such as copyright and ethics

• Evolution of Robotics
• Microcontrollers: Arduino and Raspberry Pi
• Computer Vision
• Agents and Multi-Agent Systems
• Machine learning and robotics

• To introduce the concept of artificial intelligence (AI) and to evaluate its role in the development of robotics.
• To introduce theoretical approaches to the development of intelligent robots.
• To undertake practical tasks to demonstrate how AI techniques can be implemented for robotics.
• To analyse methods for designing and deploying robotic systems.
• To critically evaluate the ways in which intelligent robots can be used in real world situations

1. Speaking Cyber - Core understanding of Cybersecurity terminologies
2. Introduction to programming with cybersecurity perspective
3. Implementing secure systems. Illustrative of what may be covered include:
   1. Design and development considerations
   2. Selecting and applying core technologies
   3. Cryptography
   4. Human factors
   5. Auditing (security audits, logging, digital investigation
      etc.)
   6. Defense-in-depth
   7. Google hacking
   8. Pentesting
4. Threats and resolutions 

1. To empower the students with core understanding of the key terminologies in cybersecurity
2. To introduce students to programming with a cybersecurity perspective 
3. To provide students with the understanding of the common cybersecurity concepts and technical security controls available to prevent, detect and recover from security incidents and to mitigate risks
4. To give students a solid foundation in the practical technical skills which can then be harnessed later in CO7604 and CO7605 

1. Information Security Management
   1. This will include core security standards (e.g., ISO27001, ISO27032), policies and governance
      etc.
2. Information Risk Management and Business continuity Management
3. Audit, Assurance and Review
4. Understanding the threats and risks businesses face today. Illustrative part of how this (or what) might be covered include:
   1. Through problem based learning and possible industry collaboration
   2. Exploring Social Engineering, the Least Resistance Path, Incident Response, Defence Indepth
      etc.
5. Government strategy on Cybersecurity

This module will develop the student's understanding of the implications of cybersecurity to today's businesses, how businesses can gain market advantage by leveraging simple and yet robust cybersecurity principles, and government's cybersecurity strategy for businesses in the UK. Being a conversion masters, this will prepare students with useful cyber skills to lead or easily be part of cybersecurity efforts in their organisations. The aims are further broken down as follows:

1. To develop the capability for determining, establishing and maintaining appropriate governance of processes and responsibilities, delivery of controls, and cost-effective solutions for information security within a given organisation.
2. To understand and be able to manage the risks relating to information, information systems and assets.
3. To understand the need for, and be able to design and implement processes for, establishing business continuity.
4. To develop the capability for defining and implementing the processes and techniques used in verifying compliance against security policies, standards, legal and regulatory requirements.
5. To use real life business scenarios to expose students to cybersecurity needs of today’s businesses.
6. To understand government's strategies for tackling cybersecurity issues in business.

Software attack techniques, approaches, and methodologies.

Exposure to exploitation techniques, including for example, buffer overflow, stack overflow, heap attacks, and UAF (Use After Free), amongst others.

Attack methods including system, host, network, and web-based attacks.

Tools and techniques; use of existing tools and development of new tools.

Software Protection Methods and principles of secure software and system design.

The main weakness in systems is often the software they run, including software on devices and networked systems.

The aim of this module is to study, understand, and practice the state-of-the-art technique for gaining entry, i.e. 'exploitation', of software across a variety of systems and platforms.

With this understanding, the student will in parallel study and understand various counter-measures employed in system software against these attacks, the limitations of both the attacks and counter-measures, and counter-counter-measures.  Understanding this cycle will give the student appreciation of the exploitable vulnerabilities and the need for and way to architect and design a secure system.

Furthermore, the student will gain understanding of and experience in a number of tools and techniques in order to perform vulnerability and penetration tests on new software.

• Digital system forensics
  • Disk
  • Memory
  • Mobile
  • Cloud
• Live forensics
• Encryption and obfuscation
• Malware analysis and investigation
• Network forensics
• Anti-forensics
• Methodologies, approaches, and techniques
• Cyber Threat Intelligence and attribution
• Incident Response
• Ethical issues in digital forensics and incident response

This module aims to introduce the student to the need for and uses of digital forensics and incident response from an organisational security perspective.

The aim of this module is to introduce, study, understand and practice digital forensics techniques, and to understand the limitations of common techniques.  It aims to develop in the student an appreciation and understanding of anti- and counter-forensics, including falsification of data.  Finally, it aims to build the students' understanding of malware, how it operates, and practices to deal with it.

Students will gain an understanding of Incident Response and Cyber Threat Intelligence.

• Network security and attacks
• The current threat landscape
• Social engineering
• Penetration testing tools
• Active defence
• Threat hunting
• Defensive strategies and tools 
• Hack back and the legal implications
• Hacker tools
• Penetration testing; methodologies, approaches, and techniques
• Penetration test reporting
• Ethical issues in penetration testing and active defence

This module aims to:

• introduce the student to the need for and uses of penetration testing and active defence from an organizational security perspective;
• introduce, study, understand and practice active defence and the limitations of common techniques. This will also look at relevant tools and the legal aspect of 'hack back';
• help the student study, understand, and practice penetration testing techniques, developing skills in 'access' over networks, and how attackers look at a target; 
• the relevant skills, knowledge and usage of hacker tools and how to stop/deter attackers

These will be built upon to allow the student to better understand network and holistic defenses and to be able to design secure interconnected systems.

Embedded Systems and Field Programmable Gate Array (FPGA) Technology

• Concurrent assignment statements and unintended memory
• Adopting proper hardware description language (HDL) coding style and taking a divide and conquer approach for code development
• The need for design simplification.
• Regular sequential circuit block system and registers 
• Building test-benches for sequential circuits
• Timing, clocking, operating frequency and clock tree considerations
• The Finite-state machine (FSM), its representation and FSM HDL code development
• The Finite-state machine with data path (FSMD), its representation and FSM HDL code development

Internet of Things (IoT)

• Automatic Identification Technology and Radio-frequency identification (RFID)
• Wireless Sensor Network
• Location System
• Internet and Mobile Internet
• Wireless Access Technology
• Big Data, IoT & Cloud Computing
• Information Security for IoT
• IoT Application Case Studies
• Arduino Opla, Espressif System on Chip (SoC) & Raspberry Pi IoT technologies

The Embedded Systems part of this module aims to develop the skill in students of digital systems design with the VHDL hardware description language (HDL) and Field Programmable Gate Array (FPGA) reprogrammable and fast prototyping technologies. Students will be able to produce design, synthesis of circuits and implement system on chip (SoC) using modern electronic design automation (EDA) tools.

The Internet of Things (IoT) contents aim to develop the advanced practical skills in building and designing IoT related components and network systems, going from the sensors layer to the cloud processing. This part also develops expertise in the use of a hardware/software tools to create and simulate practical systems, considering big data, energy consumption control and network security aspects.