This course aims to cover core topics on security in computing.

This will include a selection of the following topics:

    *   Introduction in the domain of software security

    *   Cryptographic primitives

    *   Cryptographic protocols

    *   Cryptographic libraries

    *   Processor Security Primitives

    *   Low-level security

    *   Memory management vulnerabilities

    *   Side-channel vulnerabilities

    *   Capability-based security and object capabilities

    *   Authorization models and techniques

    *   Trusted electronic transactions

    *   Legal and societal aspects of software security and privacy

    *   Web security

The labs focus on practical instances of the above topics, for example practical exploitation techniques or employing cryptographic libraries to solve software security problems.

A software security project supports the course objectives.

General competences

Knowledge and insight.
The student gains insight in the properties of building blocks for security and can apply them to build security protocols.  At the end of the course, the student can apply cryptographic libraries to tackle software security problems.  The student can also reason about the security vulnerabilities in advanced software systems.  The student gains insight in state-of-the art mechanisms to protect applications.

The use of knowledge and insight.
The student can apply his knowledge to tackle software security problems.

The student can report about a security software project in a written and oral manner.

The course contributes to development of the skills necessary to deals with software security problems.


This course contributes to the following program outcomes of the Master in Science in Applied Computer Sciences:

-  The Master has advanced knowledge and understanding of the problems related to security and privacy in the context of software and digital data, and has advanced knowledge of techniques to develop secure software. 

- The master can, in the context of software-intensive systems, independently formulate problem statements and solutions with a focus on innovation and considering the scientific and technical constraints, and can implement those solutions or supervise the implementation.

- The master can make abstraction of and critically reflect on the technological state-of-the-art of Computer Science. He or she can choose between the different solutions provided by the relevant sub-domains, to implement a software-intensive project and can motivate his or her choices scientifically.

- The master has good knowledge of the scientific literature of both the theory and practice of advanced topics in computer science.

- The master is able to report and communicate in a scientific manner, both orally and in writing, to an audience of peers as well as to non-specialists, and both in Dutch and in English.

- The master has responsibility, is self-critical, can handle pressure, is scientifically-technically curious, and is disciplined and accurate in the elaboration of an assignment. He or she exhibits these properties both in independent work and in team work.

- The master has an inquiring attitude and an attitude of lifelong learning. He or she is able to independently acquire new scientific and technical information by consulting the literature (and refer correctly to it) and to process this information. He or she is able to actively keep his or her knowledge up-to-date.

- The master is aware of the ethical, social and economic context of his or her work and strives for sustainable solutions with an eye for security, privacy and quality.


The evaluation consists of two parts.  On the one hand, there is a software security project that must be submitted and orally defended.  This software project is made either alone or in groups consisting of two students, as decided by the didactic team. It counts for 50% in the overall evaluation.  On the other hand, there is a traditional oral exam with written preparation that also counts for 50% in the overall evaluation. Students must participate in both the exam and the course project in order to get a grade for the course.

