Academic Handbook Course Descriptors and Programme Specifications
LSCI62118A Software and Data Security Course Descriptor
| Course code | LSCI62118A | Discipline | Computer Science |
| UK Credit | 15 | US Credit | N/A |
| FHEQ level | 6 | Date approved | October 2023 |
| Compulsory/ Optional |
Compulsory for Software Engineer Specialism or Cyber Security Analyst | ||
| Pre-requisites | None | ||
| Co-requisites | None | ||
Course Summary
It is of vital importance that applications are secure and that users have complete confidence that their data is held securely, unavailable to those that would seek to use it for their own good and/or illegal purposes. This course therefore examines and investigates the principles of common security architectures and the methodologies, processes and procedures that underpin software and data security. Within the software development life-cycle, a range of methodologies and tools are employed to identify vulnerabilities and weaknesses, and to systematically review and implement robust security alongside stakeholder considerations such as accessibility. Threats to data security and how to protect data are major concerns of all businesses and organisations. To achieve this and meet the requirements of regulations and legislation a range of methods and strategies are employed. The audit of data can classify it and manage it to mitigate risk, technological tools and methods may be employed to test and identify risk, while policies, procedures and practices aim to ensure the physical and human environment are safe.
This course aims to equip learners with an understanding of common security architectures, methodologies, and techniques, as well as the foundational principles of software and data security within regulatory contexts, to underpin software and data security. It considers the concept of vulnerabilities, weaknesses, and threats that affect software and data security, emphasising their potential impact on stakeholders. Additionally, the course provides learners with material that encourages them to assess the broader operational landscape surrounding software and data storage, access, and usage. By doing so, learners can acquire the ability to formulate recommendations that enhance security measures and effectively mitigate risks.
Learning Outcomes
On successful completion of the course, students will be able to:
Knowledge and Understanding
| K1c | Critically analyse the principles of common security architectures and methodologies., concepts and processes that underpin software and data security and the regulatory and legislative and societal context within which they operate. |
| K2c | Critically evaluate vulnerabilities and weaknesses in software development, and threats to data security, and potential impact on stakeholders. |
| K3c | Apply strategies and methodologies that build security into software and ensure a secure data environment. |
Subject Specific Skills
| S1c | Accurately interpret regulations, legislation and the expectations of governance, policy, and processes for software and data security, with particular consideration for different stakeholders. |
| S2c | Plan security measures, processes and methods that build security into the development and use of software alongside stakeholder considerations such as accessibility, and ensure data is stored, accessed, and used in a robust security environment. |
| S3c | Assess methodologies and use appropriate tools, processes and methods to identify weaknesses and vulnerabilities in software development, and identify threats to data security. |
Transferable and Employability Skills
| T1ci | Engage in effective research, collate and analyse technical information to support complex problem solving. |
| T1cii | Display an advanced level of technical proficiency in written English and competence in applying scholarly terminology, so as to be able to apply skills in critical evaluation, analysis and judgement effectively in a diverse range of contexts. |
| T2c | Apply analytical and critical thinking skills to complex technological problems and their solutions. |
| T3c | Apply understanding of business contexts, including accessibility requirements, and develop arguments to support technological solutions and innovation. |
Teaching and Learning
This is an e-learning course, taught throughout the year.
Teaching and learning strategies for this course will include:
- Online learning
- Online discussion groups
- Online assessment
Course information and supplementary materials will be available on the University’s Virtual Learning Environment (VLE).
Learners are required to attend and participate in all the formal and timetabled sessions for this course. Learners are also expected to manage their self-directed learning and independent study in support of the course.
The course learning and teaching hours will be structured as follows:
- Off-the-job learning and teaching (6 days x 7 hours) = 42 hours
- On-the-job learning (12 days x 7 hours) = 84 hours (e.g. 2 days per week for 6 weeks)
- Private study (4 hours per week) = 24 hours
Total = 150 hours
Workplace assignments (see below) will be completed as part of on-the-job learning.
Assessment
Formative
Learners will be formatively assessed during the course by means of set assignments. These will not count towards the final degree but will provide students with developmental feedback.
Summative
Assessment will be in two forms:
| AE | Assessment Type | Weighting | Online submission | Duration | Length |
| 1 | Set Exercises | 60% | Yes | Requiring on average 20 – 30 hours to complete | – |
| 2 | Written Assignment (workplace case study) | 40% | Yes | – | 1500 words |
Further information about the assessments can be found in the Course Syllabus.
Feedback
Learners will receive formal feedback in a variety of ways: written (via email or VLE correspondence) and indirectly through online discussion groups. Learners will also attend a formal meeting with their Academic Mentor (and for apprentices, including their Line Manager). These bi or tri-partite reviews will monitor and evaluate the learner’s progress.
Feedback is provided on summative assessed assignments and through generic internal examiners’ reports, both of which are posted on the VLE.
Indicative Reading
Note: Comprehensive and current reading lists for courses are produced annually in the Course Guide or other documentation provided to learners; the indicative reading list provided below is used as part of the approval/modification process only.
Books
- Kohnfelder, L. (2021) Designing Secure Software: No Starch Press.
- Ribeiro, M. (2022) Learning DevSecOps: O’Reilly Media, Inc.
- Warren Axelrod, C. (2012) Engineering Safe and Secure Software Systems: Artech House.
Journals
Learners are encouraged to read material from relevant journals on Software and Data Security as directed by their course leader.
Electronic Resources
Learners are encouraged to consult relevant websites on Software and Data Security.
Indicative Topics
Learners will study the following topics:
- Software and Data Security
- Secure Software Development (DevSecOps)
- Secure Data Management
| Title: LSCI62118A Software and Data Security
Approved by: Academic Board Location: Academic Handbook/BSc (Hons) Digital & Technology Solutions |
|||||
| Version number | Date approved | Date published | Owner | Proposed next review date | Modification (As per AQF4) & category number |
| 3.0 | October 2023 | October 2023 | Dr. Alexandros Koliousis | October 2028 | Category 1: Corrections/clarifications to documents which do not change approved content.
Category 3: Changes to Learning Outcomes |
| 2.0 | October 2022 | January 2023 | Dr Yu-Chun Pan | September 2027 | Category 3: Changes to Learning Outcomes |
| 1.0 | September 2022 | September 2022 | Dr Yu-Chun Pan | September 2027 | |