Cyber Security (CSE)

Entry - 1st year

• University of Rennes 1 (UR1), France
• University of Trento (UniTN), Italy
• University of Turku (UTU), Turku, Finland
• University of Twente (UT), The Netherlands

The first year is similar at all entry points with basic courses on Introduction to Computer Security, Network Security, System Security, Information Security Management, Cryptography and Privacy. In addition to that, some elective courses may be chosen to prepare for a specialisation.

An important part of the programme is the Innovation & Entrepreneurship (I&E) courses. The I&E basics course provides an introduction to business and management. The Business Development Lab extends media systems engineering projects by a market survey, a business model generation process, and a venture development exercise. The programme emphasises user driven innovation and holistic analysis of service, technology, organisation and financial perspectives, as new technologies are disruptive for existing business models and almost always have a significant impact on the culture and social relations. Society-relevant themes also are at the core of the summer schools, which bring students from the different entry points together.

Exit - 2nd year, specialisation

• Advanced Cryptography at University of ELTE (ELTE), Budapest, Hungary
• Applied Security at the University of Trento (UniTN), Italy
• Cyber Security: High Tech, Human Touch at the University of Twente (UT), The Netherlands
• Mobile and Cloud Security (EURECOM)
• Security of Networked Systems at University of Turku (UTU), Finland
• Software Security at University of Rennes 1 (UR1), France

University of Rennes 1 (UR1)

Mandatory:

• Introduction to Security (semester 1 - 5 ECTS)
• Software engineering and Security (semester 1 - 5 ECTS)
• Operating Systems and Security (semester 1 - 5 ECTS)
• Network Security (semester 1 - 5 ECTS)
• Algorithmics for security (semester 2 - 5 ECTS)
• Privacy (semester 2 - 5 ECTS)
• System Security (semester 2 - 5 ECTS)
• Software Security (semester 2 - 5 ECTS)

I&E:

• Introduction to Innovation and Business (semester 1 - 5 ECTS)
• Knowledge and intangible assets management (semester 2 - 5 ECTS)
• Business Development Laboratory 1 (semester 1 - 5 ECTS)
• Business Development Laboratory 2 (semester 2 - 5 ECTS)
• (EIT summer school, offered by EIT 4 ECTS)

University of Trento (UNITN)

Mandatory

• Introduction to Computer and Network Security 6 ECTS
• Cryptography 6 ECTS
• Software Security Testing 6 ECTS
• Cyber Security Risk Assessment 6 ECTS
• Network Security 6 ECTS
• Privacy and IPR 6 ECTS

* Security testing and Cyber Security Risk Assessment will swap semesters in 2017/2018.

Advanced and Eligible Courses

• Machine Learning 6 ECTS
• Data Hiding 6 ECTS
• Formal Techniques for Crypto Protocol Analysis 6 ECTS
• Laboratory on Offensive Technologies 12 ECTS
• Finite Fields and Symmetric Cryptography 6 ECTS
• Distributed Systems 2 6 ECTS

Innovation and Enterpreneurship Courses

• Innovation and Entrepreneurship Basics (Economics and Management) 6 ECTS
• Business Development Lab 9 ECTS
• ICT Innovation - Product Design and Development 6-9 ECTS
• I&E Studies 6 ECTS

University of Turku (UTU)

Mandatory:

• System and Application Security 5 ECTS
• Network Infrastructure Technologies and Security 5 ECTS
• Human Element in Information Security 5 ECTS
• Management of Information System Security and IT Service Continuity 6 ECTS
• Foundations of Cryptography 5 ECTS
• Cryptography I 5 ECTS
• Finnish for Foreigners 5 ECTS

I&E:

• Introduction to Innovation and Business 5 ECTS
• Business Development Laboratory 7ECTS
• Enterprise Architecture 6 ECTS
• Business Management of Startups 3 ECTS
• (EIT summer school, offered by EIT 4 ECTS)

ELECTIVE:

Selected together with student from available courses during personal study planning.

University of Twente (UT)

11 mandatory subjects:

201500026 CRM: Cyber Risk Management 5 ECTS

201500027 Crp: Security and Cryptography 5 ECTS

201600051 SoS: Software Security 5 ECTS

191612680 CoE: Computer Ethics 5 ECTS

201700074 InS: Internet Security 5 ECTS

201500042 PET: Privacy-Enhancing Technologies 5 ECTS

201700086 SyS: System Security 5 ECTS

201700180 [I&E] Basics: Innovation and Entrepreneurial Finance EIT students 5 ECTS

201700119 [I&E] Business Development Lab I 5 ECTS

201700120 [I&E] Business Development Lab II 5 ECTS

*201400613 [I&E] EIT Summer School (external) 5 ECTS

One of the following elective I&E subjects:

201600155 [I&E] Global Strategy and Business Development 5 ECTS

194105070 [I&E] Information Systems for the Financial Services Industry 5 ECTS

201500008 [I&E] Empirical Methods for Designers 5 ECTS

One of the following elective Cybersecurity subjects:

201500028 EoS: Economics of Security 5 ECTS

192140122 SyV: System Validation 5 ECTS

201600070 MaL: Basic Machine Learning [only in combination with CDA] 5 ECTS

201500040 Bio: Introduction to Biometrics 5 ECTS

201500041 CSM: Cyber Security Management 5 ECTS

192130112 DiS: Distributed Systems [only in combination with BCT] 5 ECTS

201500036 STR: Software Testing and Reverse Engineering 5 ECTS

201700079 BCT: Blockchain & Distr. Ledger Tech. (req. DiS) [lim. avail.] 5 ECTS

201500039 SeV: Security Verification (req. SyV) 5 ECTS

201100022 CCS: Cyber Crime Science 5 ECTS

201500444 DiF: Digital Forensics 5 ECTS

201500037 CDA: Cyber Data Analytics (req. MaL) 5 ECTS

201500038 ELa: E-Law 5 ECTS

201700083 SSH: Security Services for Home Networks [lim. avail.] 5 ECTS

Advanced Cryptography (ELTE)

Security and privacy are crucial issues for citizens and customers using IT-based systems. The specialisation focuses on the general ideas, techniques and methods of Applied Cryptography as well as on the theoretical background and solid knowledge, putting security in a wider context. Security and privacy are considered both from the technological and from the economical point of view, which supports decisions in many practical cases.

Applied cryptography serves as a base for most of the secure IT-systems (e.g. in Future Media and Content Delivery, Smart Spaces, Digital cities, Health and ICT-Mediated Human Activity, and Enabling the Internet of the Future).

Graduates are:

• able to manage all the typical cryptographic challenges in IT-Systems,
• able to develop cryptosystems under various circumstances,
• aware of the theoretical and practical background, and
• offered internships at our partner IT companies and research institutes.

Specialisation mandatory courses (24 ECTS):

• Advanced cryptography (6 ECTS)
• Cryptography and its applications (6 ECTS)
• Cryptographic protocols (6 ECTS)
• Economics of Security and Privacy (6 ECTS)

Specialisation electives:

• Applied Cryptography Project Seminar (6 ECTS)

Programme coordinator: Prof Peter Sziklai: sziklai@cs.elte.hu

Peter Sziklai is Professor, Head of the Department of Computer Science at Eötvös Loránd University, Budapest , Research professor at the MTA-ELTE Geometric and Algebraic Combinatorics Research Group, Doctor of Science (D.Sc.) of the Hungarian Academy of Sciences, Head of the ELTECRYPT research group and also the coordinator of the EIT Digital Master School Cyber Security programme.

Applied Security (University of Trento)

In recent years, the most popular computing and communications platforms have changed dramatically from old desktops and personal computers to a myriad of new devices, often embedded and personal. New devices used not only to navigate the web, send email and write document but rather to support pervasively most of the activity users perform during their everyday life. This revolution has touched private, business and governmental domains (e.g., industry 4.0, Internet of Things, critical infrastructures, smartphones, smart cities, etc.). This in turn has created entire new ecosystems that include technical, social and economical factors.

The specialisation Applied Security focuses on addressing security and privacy for these new ecosystems trying a holistic approach that does not focus only on technical issues. It covers the technological aspects such as investigating and experimenting new class of threats and vulnerabilities that apply to these new systems or designing user authentication mechanisms for devices were passwords cannot be an option. It also covers the economic aspects that are crucial to understand attackers, their motivations and the best defense strategy (i.e., When is worth patching a vulnerability? Which vulnerability is worth patching? Are economic-related questions rather than technical-related ones).

Specialisation courses:

• Multimedia Data Security (6 ECTS)
• Offensive Technologies (12 ECTS)
• Project course (6 ECTS)
• Research course (12 ECTS)
• Security Testing (6 ECTS)
• Distributed systems 2 (6 ECTS)
• Privacy and Intellectual Property Rights (6 ECTS)

The specialisation iis embedded in the Computer Science Master programme at the University of Trento. For more information (including scheduling and sample study plans), please click here.

Programme coordinator: Prof Fabio Massacci fabio.massacci@unitn.it

Prof Dr Fabio Massacci received a M.Eng. in 1993 and PhD in Computer Science and Engineering at University of Rome La Sapienza in 1998. He visited Cambridge University in 1996-97 and was visiting researcher at IRIT Toulouse in 2000. He joined the University of Siena as assistant professor in 1999, and in 2001 he became a full professor at the University of Trento. His research interests are in security requirements engineering and verification and load-time security for mobile and embedded systems (Security-by-Contract). He co-founded the ESSOS with W. Jousen, Engineering Secure Software and Systems Symposium, which aims at bringing together requirements, software engineers and security experts. He was leading the Empirical Security Requirements and Risk Engineering Challenge (ERISE). He has been a scientific coordinator of multimillion-euro EU projects on security compliance, security engineering and secure evolution.

Cyber Security: High Tech, Human Touch (University of Twente)

Although cryptography has been around for quite some time, emerging concepts such as “Bring Your Own Technology”, the “Internet of Everything”, or “Crypto Currencies”, that increasingly exploit mobility and personalisation, put new requirements on security technologies; think about the e-cigarette USB-charger that infects a big corporation with malware. Today’s high diversity of Internet-connected systems and services led to a substantial increase of (new) cyber-attacks in the past years.

Such Internet-connected systems can be found in almost every domain, including critical infrastructures (e.g., water supply), as well as in large-scale services (e.g., hospitals) and embedded systems (e.g., in-car control systems). Notably, many risks for such systems are not solely technical but use the human factor as a characteristic element (e.g., through social engineering).

Our specialisation looks at the many risks in the above-mentioned settings and provides mitigations that can be used at design time and at operation time, while taking into account the specific requirements of the various systems and the impact that risks might have. As a distinguishing element, we include the “human touch” in our attack analysis and mitigation techniques (e.g., replacing password-checks with biometric-verification or raising situational awareness to mitigate social engineering attacks).

Specialisation courses:

• Secure Data Management (5 EC)
• Introduction to Biometrics (5 EC)
• Economics of Security (5 EC)
• Cyber Security Management (5 EC)
• System Validation (5 EC)
• Security Verification (5 EC)
• Fundamentals of Quantum Information (4 EC)
• Quantum Cryptography (5 EC)
• Computer Ethics (5 EC)

The University of Twente (UT) holds the title of the most entrepreneurial university in Europe. As such, it has an extremely large network in industry that includes around 700 university spin-offs (e.g., Booking.com was founded by a UT alumni). This provides excellent opportunities to connect to industry and access to a multitude of internship offers.

For more information (including scheduling and sample study plans), please visit: www.4tu.nl/cybsec/en/EIT/

Programme coordinator: Dr Andreas Peter (a.peter@utwente.nl)

Dr Andreas Peter is an assistant professor at the University of Twente (The Netherlands) and the local node-coordinator of the EIT Digital Cyber Security specialization in Twente on “Cyber Security: High Tech, Human Touch”. His own research focuses on both fundamental and applied security and privacy aspects in IT systems with a focus on privacy-enhancing technologies and cryptographic protocol design & analysis. He served on the programme committees of several workshops and conferences devoted to information security and privacy. Since 2015, he serves on the Editorial Board of the MDPI Open Access Journal on Cryptography and the SpringerOpen EURASIP Journal on Information Security.

Mobile and Cloud Security (EURECOM)

Security of Networked Systems (University of Turku)

Software Security (University of Rennes 1)