Usted está aquí: Inicio Ingeniería Informática Security Engineering (2012)

Security Engineering (2012)

Acciones de Documento
  • Fuente RSS
  • Vista de contenidos
  • Marcadores (bookmarks)
  • Exportación de LTI
Autores: Juan Estévez Tapiador, Guillermo Suárez de Tangil
This course covers a number of principles, methods, tools and good practices to secure systems all the way through its life cycle (specification, analysis, design, implementation, test and evolution) as well as tradeoffs involved during this process.


Imagen Security Engineering




Computer Science Department
Universidad Carlos III de Madrid

Security Engineering
4th course
Bachelor in Informatics Engineering

September 2012

Finalista Premio Universia 2013

Image courtesy of


Suggested learning time: 150 hours.



  • Cryptography and Computer Security

  • Computer Networks

  • Operating Systems


Security Engineering aims at building systems that remain dependable in the face of malice, error or mischance. This course covers a number of principles, methods, tools and good practices to secure systems all the way through its life cycle (specification, analysis, design, implementation, test and evolution) as well as tradeoffs involved during this process. 

Security management, threat identification, as well as risk analysis and measurement are some of the processes a security engineer must know in order to design and develop secure IT systems needed in modern societies.



The main goal of this course is to make students aware of the complexity of ensuring security principles in today's IT systems and architectures. Only by understanding IT security from an engineering point view, as a multidisciplinary subject, we can design and develop secure IT systems. The student will acquire the necessary skills to design and plan global security solutions. Students will also become familiar with different security mechanisms, their life cycle and costs. Finally, students must know the main laws and regulations involved in security decisions.

In order to achieve these goals, students must acquire specific knowledge, capacities and attitudes: Regarding knowledge, at the end of the course the student will be able to:

  • Understand security as a complex process covering different areas and disciplines.

  • Know the main security standards, norms, and certification procedures.

  • Understand the risks associated to open distributed systems.

  • Identify physical threats and the corresponding countermeasures.

  • Identify the different components of a security plan.

  • Understand the life cycle of a security plan and the feedback-based paradigms used.

  • Know the legal framework applicable to information security at the national, European and international scales.

With regard to capacities, the students will acquire specific and generic capacities. Regarding specific capacities, the student will be able to:

  • Analyze security protocols and manage security risks.

  • Assess the suitability of different security mechanisms, depending on risk assessment.

  • Create a complete security plan managing all the appropriate security measures.

Regarding generic capacities and skills, the student will be given the opportunity:

  • To work on a specific system, in a particular environment, to investigate vulnerabilities and possible threats.

  • To study and identify the information needed to solve a particular security problem.

  • Apply knowledge from various disciplines (technical, organizational and legal) to solve a particular problem.

Regarding attitudes, the student will be encouraged to:

  • Adopt a critical view over traditional, ad-hoc security systems based on the accumulation of security equipments, without ever conducting a formal analysis for the development of a global solution.

  • Develop collaborative skills to be able to obtain, from security IT managers, the necessary information about a system to analyze and assess risk, and to communicate the proposed solutions.

  • A positive attitude towards team working, to exchange different points of view and opinions.

  • A positive attitude towards the laws that affect the implementation of systems and security products.



The teaching material used for this course is grouped into two main blocks. The first one covers lectures and activities carried out in a usual lecturing theater. It is organized into three main parts:

  • Part I. Overview
  • Part II. Access Control
  • Part III. Network Security


The second part comprises practical activities performed in the lab under the guidance of a demonstrator. 



The course is assessed both through written tests and deliveries/reports handed in by the students. 

Reutilizar Curso
Descargar este curso