Official course description:

Full info last published 21/08-20
Course info
ECTS points:
Course code:
Participants max:
Offered to guest students:
Offered to exchange students:
Offered as a single subject:
Price for EU/EEA citizens (Single Subject):
21250 DKK
MSc. Master
MSc in Computer Science
Course manager
Full Professor
Associate Professor
Associate Professor
Assistant Professor
Assistant Professor
Assistant Professor
Course semester
Efterår 2020
24 August 2020
31 January 2021
Exam type
ekstern censur
Grade Scale
Exam Language

You will take this course as part of the security specialization.  The course will prepare you to develop  software that must run reliably and securely in adversarial environments.   You must have taken Security 1 and Security 2 as well as Discrete Mathematics and a programming course to be admitted to this course.


This is the advanced course in the Security specialization.

This course will cover advanced aspects of information security that will enable you to develop software that can run securely and reliably in adversarial environments.  The course includes technical and social elements. The course is organized in six modules.

  1. Cryptographic protocols.  In this module you will learn about cryptographic protocols, how to design them and how to ensure that they are actually secure.
  2.  Accountability.  In this module we discuss how to design protocols that are not only secure, but that have the property to be able to assign blame in the case something does go wrong.
  3. Information Flow Control. In this module you learn how to prove that a program preserves the confidentiality and integrity of information. You will see tools that help programmers write information-flow secure programs, and learn the theory that makes these tools possible.
  4. Usable Security.  In this module you will learn how  to secure not only the software, but entire process from creation to end-user usability paying particular attention to the operational environment in which the software will be used.
  5. Code Scanning. In this module we discuss  tools to identify security vulnerabilities in your software automatically.  You will learn the way these tools work and how to apply them.
  6. Attack Trees. This final module is about a technique that will allow you to think about possible attack vectors of socio-technical systems and how to evaluate them.

After the course, you will understand how security vulnerabilities are introduced into software and you will be able to use tools to eliminate them.

Formal prerequisites
  1. Security 1
  2. Security 2
  3. Discrete Mathematics
  4. Introduction to Programming

Intended learning outcomes

After the course, the student should be able to:

  • Create cryptographic protocols
  • Analyze techniques to achieve accountability
  • Analyze information flow control techniques
  • Apply usability security design techniques
  • Formulate real-world scenario using attack trees
Learning activities

  • Create cryptographic protocols
  • Analyze techniques to achieve accountability
  • Analyze information flow control techniques
  • Apply usability security design techniques
  • Apply code scanning tools to source code
  • Formulate real-world scenario using attack trees

Mandatory activities

There are 6 quizes.  There is an individual oral exam.

The student will receive the grade NA (not approved) at the ordinary exam, if the mandatory activities are not approved and the student will use an exam attempt.

Course literature

The course literature is published in the course page in LearnIT.

Student Activity Budget
Estimated distribution of learning activities for the typical student
  • Preparation for lectures and exercises: 15%
  • Lectures: 25%
  • Exercises: 25%
  • Assignments: 15%
  • Exam with preparation: 10%
  • Other: 10%
Ordinary exam
Exam type:
B: Oral exam, External (7-point scale)
Exam variation:
B22: Oral exam with no time for preparation.
Exam duration per student for the oral exam:
30 minutes

Time and date