The University of Southampton

COMP3217 Secure Systems

Module Overview

The aim of this module is to equip students with the necessary skills and experience to understand, and attempt to counter, the principal threats to data and electronic system security.

It is compulsory for students wishing to obtain a GCHQ accredited MSc in Cybersecurity.

Aims & Objectives


Knowledge and Understanding

Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:

  • the range of electronic and software systems which present potential security hazards

Subject Specific Intellectual

Having successfully completed this module, you will be able to:

  • understand and recognise instances of the principal attacks on such systems

Subject Specific Practical

Having successfully completed this module, you will be able to:

  • take straightforward measures to protect systems from security breaches


  • Background: types of attack and attacker, range of systems
  • Software systems and vulnerabilities
    • Software Vulnerabilities : Buffer overflow
    • Reverse engineering of suspicious codes
    • OS vulnerabilities: patch management, rootkits and viruses
    • Software systems
    • Penetration testing
  • Hardware systems and vulnerabilities
    • Side channel attacks: power analysis and resistant designs
    • Wireless ID: ISO14443, Mifare, E-Passports and related near-field communications systems
    • Card security, EMV payment systems, GSM and SIM cards
    • Physical security: chip and pin machines, secure modules
    • Wired and WiFi network security
    • Examples of weak cryptosystems: GSM, WEP
  • Mixed hardware and software systems (restructured)
    • Infrastructure attacks: smart grids, the Italian Job, cyber-warfare

Learning & Teaching

Learning & teaching methods

This is an unusually intensive module.

There are thirty-six lectures and a further four four-hour laboratories, making for a total of 52 contact hours.

Further reading and code practice outside the lectures and laboratories will be essential.

LectureLecturing will be split between teaching team36
Specialist LabOrganised as 4 four-hour sessions.16


Assessment methods

Students will have the opportunity to repeat failed (<50%) or missed laboratories on their own during the semester.

MethodHoursPercentage contribution
Buffer Overflow Exploitation -25%
Reverse Engineering of Code-25%
Advanced Penetration Testing and System Infiltration-25%
Tor and Tails. -25%

Referral Method: See notes below

A referral will consist of a special one-day laboratory with different morning and afternoon exercises conducted alone.

Share this module FacebookGoogle+TwitterWeibo

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.