University of Rennes 1 (UR1), France

Link to the university: https://www.univ-rennes1.fr/
Programme
Contact: Pierre-Alain Fouque, pierre-alain.fouque@univ-rennes1.fr

LIST OF COURSES:

FIRST SEMESTER

Compulsory courses

• Introduction to Security (semester 1 - 5 ECTS)
• Software engineering and Security (semester 1 - 5 ECTS)
• Operating Systems and Security (semester 1 - 5 ECTS)
• Network Security (semester 1 - 5 ECTS)

Electives courses
I&E

• Introduction to Innovation and Business (semester 1 - 5 ECTS)
• Knowledge and intangible assets management (semester 2 - 5 ECTS)
• Business Development Laboratory 1 semester 1 - 5 ECTS)

SECOND SEMESTER

Compulsory courses

• Algorithmics for security (semester 2 - 5 ECTS)
• Privacy (semester 2 - 5 ECTS)
• System Security (semester 2 - 5 ECTS)
• Software Security (semester 2 - 5 ECTS)

Electives courses

I&E

• Business Development Laboratory 2 (semester 2 - 5 ECTS)
• (EIT Digital summer school, offered by EIT 4 ECTS)

University of Trento (UniTN), Italy

Link to the university: https://www.unitn.it/en
Programme
Contact: Prof. Fabio Massacci; fabio.massacci@unitn.it

LIST OF COURSES:

Compulsory courses:

• Introduction to Computer and Network Security - 6 ECTS
• Cryptography - 6 ECTS
• Software Security Testing - 6 ECTS
• Cyber Security Risk Assessment - 6 ECTS
• Network Security - 6 ECTS
• Privacy and IPR - 6 ECTS

Advanced and Eligible Courses:

• Machine Learning - 6 ECTS
• Data Hiding - 6 ECTS
• Formal Techniques for Crypto Protocol Analysis - 6 ECTS
• Laboratory on Offensive Technologies - 12 ECTS
• Finite Fields and Symmetric Cryptography - 6 ECTS
• Distributed Systems 2 - 6 ECTS

Innovation and Enterpreneurship Courses:

• Innovation and Entrepreneurship Basics (Economics and Management) - 6 ECTS
• Business Development Lab - 9 ECTS
• ICT Innovation - Product Design and Development - 6-9 ECTS
• I&E Studies - 6 ECTS

University of Turku (UTU), Finland

Link to the university: http://www.utu.fi/
Programme
Contact: Dr Seppo Virtanen, seppo.virtanen@utu.fi

Compulsory courses

• System and Application Security - 5 ECTS
• Network Infrastructure Technologies and Security - 5 ECTS
• Human Element in Information Security - 5 ECTS
• Management of Information System Security and IT Service Continuity - 6 ECTS
• Foundations of Cryptography - 5 ECTS
• Cryptography I - 5 ECTS

I&E

• Introduction to Innovation and Business - 5 ECTS
• Business Development Laboratory - 7 ECTS
• Enterprise Architecture - 6 ECTS
• Business Management of Startups - 3 ECTS
• (EIT Digital summer school, offered by EIT) - (4 ECTS)

Elective courses

• Selected together with student from available courses during personal study planning.

University of Twente (UT), The Netherlands

Link to the university: https://www.utwente.nl/
Programme
Contact: Andreas Peter, a.peter@utwente.nl

LIST OF COURSES:
FIRST SEMESTER

Compulsory major courses (15 ECTS)

Compulsory I&E courses (15 ECTS)

Optional courses

SECOND SEMESTER

Compulsory major courses (15 ECTS)

Compulsory I&E courses (5 ECTS)

Optional courses

Eötvös Loránd University (ELTE), Hungary

Link to the university: https://www.elte.hu/
Programme
Contact: Prof Peter Sziklai; sziklai@cs.elte.hu

Specialisation: Advanced Cryptography at Eötvös Loránd University (ELTE), Budapest, Hungary.

The specialisation focuses on the general ideas, techniques and methods of applied cryptography as well as on the theoretical background and solid knowledge, putting security in a wider context. Security and privacy are considered both from the technological and from the economical point of view, which supports decisions in many practical cases. Applied cryptography serves as a base for most of the secure IT-systems (e.g. in Future Media and Content Delivery, Smart Spaces, Digital cities, Health and ICT-Mediated Human Activity, and Enabling the Internet of the Future).

List of courses (Compulsory and Electives) with credits included:

Complusory courses (24 ECTS):

• Advanced cryptography - (6 ECTS)
• Cryptography and its applications - (6 ECTS)
• Cryptographic protocols - (6 ECTS)
• Economics of Security and Privacy - (6 ECTS)

Elective courses:

• Applied Cryptography Project Seminar - (6 ECTS)

Peter Sziklai is Professor, Head of the Department of Computer Science at Eötvös Loránd University, Budapest , Research professor at the MTA-ELTE Geometric and Algebraic Combinatorics Research Group, Doctor of Science (D.Sc.) of the Hungarian Academy of Sciences, Head of the ELTECRYPT research group and also the coordinator of the EIT Digital Master School Cyber Security programme.

University of Trento (UniTN), Italy

Link to the university: https://www.unitn.it/en
Programme
Contact: Prof. Fabio Massacci; fabio.massacci@unitn.it

Specialisation: Applied Security

In recent years, the most popular computing and communications platforms have changed dramatically from old desktops and personal computers to a myriad of new devices, often embedded and personal. New devices used not only to navigate the web, send email and write document but rather to support pervasively most of the activity users perform during their everyday life. This revolution has touched private, business and governmental domains (e.g., industry 4.0, Internet of Things, critical infrastructures, smartphones, smart cities, etc.). This in turn has created entire new ecosystems that include technical, social and economical factors.

The specialisation Applied Security focuses on addressing security and privacy for these new ecosystems trying a holistic approach that does not focus only on technical issues. It covers the technological aspects such as investigating and experimenting new class of threats and vulnerabilities that apply to these new systems or designing user authentication mechanisms for devices were passwords cannot be an option. It also covers the economic aspects that are crucial to understand attackers, their motivations and the best defense strategy (i.e., When is worth patching a vulnerability? Which vulnerability is worth patching? Are economic-related questions rather than technical-related ones).

Specialisation courses:

• Multimedia Data Security (6 ECTS)
• Offensive Technologies (12 ECTS)
• Project course (6 ECTS)
• Research course (12 ECTS)
• Security Testing (6 ECTS)
• Distributed systems 2 (6 ECTS)
• Privacy and Intellectual Property Rights (6 ECTS)
• Machine Learning (6 ECTS)

Prof Dr Fabio Massacci received a M.Eng. in 1993 and PhD in Computer Science and Engineering at University of Rome La Sapienza in 1998. He visited Cambridge University in 1996-97 and was visiting researcher at IRIT Toulouse in 2000. He joined the University of Siena as assistant professor in 1999, and in 2001 he became a full professor at the University of Trento. His research interests are in security requirements engineering and verification and load-time security for mobile and embedded systems (Security-by-Contract). He co-founded the ESSOS with W. Jousen, Engineering Secure Software and Systems Symposium, which aims at bringing together requirements, software engineers and security experts. He was leading the Empirical Security Requirements and Risk Engineering Challenge (ERISE). He has been a scientific coordinator of multimillion-euro EU projects on security compliance, security engineering and secure evolution.

University of Twente (UT), The Netherlands

Link to the University: https://www.utwente.nl/
Programme
Contact: Dr Andreas Peter; a.peter@utwente.nl

Specialisation: High Tech, Human Touch

Although cryptography has been around for quite some time, emerging concepts such as “Bring Your Own Technology”, the “Internet of Everything”, or “Crypto Currencies”, that increasingly exploit mobility and personalisation, put new requirements on security technologies; think about the e-cigarette USB-charger that infects a big corporation with malware. Today’s high diversity of Internet-connected systems and services led to a substantial increase of (new) cyber-attacks in the past years.

Such Internet-connected systems can be found in almost every domain, including critical infrastructures (e.g., water supply), as well as in large-scale services (e.g., hospitals) and embedded systems (e.g., in-car control systems). Notably, many risks for such systems are not solely technical but use the human factor as a characteristic element (e.g., through social engineering).

Our specialisation looks at the many risks in the above-mentioned settings and provides mitigations that can be used at design time and at operation time, while taking into account the specific requirements of the various systems and the impact that risks might have. As a distinguishing element, we include the “human touch” in our attack analysis and mitigation techniques (e.g., replacing password-checks with biometric-verification or raising situational awareness to mitigate social engineering attacks).

Specialisation courses:

• Secure Data Management (5 EC)
• Introduction to Biometrics (5 EC)
• Economics of Security (5 EC)
• Cyber Security Management (5 EC)
• System Validation (5 EC)
• Security Verification (5 EC)
• Fundamentals of Quantum Information (4 EC)
• Quantum Cryptography (5 EC)
• Computer Ethics (5 EC)

The University of Twente (UT) holds the title of the most entrepreneurial university in Europe. As such, it has an extremely large network in industry that includes around 700 university spin-offs (e.g., Booking.com was founded by a UT alumni). This provides excellent opportunities to connect to industry and access to a multitude of internship offers.

Dr Andreas Peter is an assistant professor at the University of Twente (The Netherlands) and the local node-coordinator of the EIT Digital Cyber Security specialization in Twente on “Cyber Security: High Tech, Human Touch”. His own research focuses on both fundamental and applied security and privacy aspects in IT systems with a focus on privacy-enhancing technologies and cryptographic protocol design & analysis. He served on the programme committees of several workshops and conferences devoted to information security and privacy. Since 2015, he serves on the Editorial Board of the MDPI Open Access Journal on Cryptography and the SpringerOpen EURASIP Journal on Information Security.

EURECOM, France

Link to the university: http://www.eurecom.fr/en
Programme
Contact : Philippe Benassi; master-eit-cse@eurecom.fr

Specialisation: The specialization Mobile and Cloud Security focuses on mobile systems and the security and privacy issues thereof, with a strong focus on android based smartphones and wireless protocols.

Compulsory courses (8 ECTS)

• Mobile Systems and Smartphone Security (5 ECTS)
• Security and privacy for Big Data and Cloud (3 ECTS)

Elective courses (10 ECTS)

• Mobile Applications and Services (5 ECTS)
• Mobile Communication Systems (5 ECTS)
• Distributed Systems and Cloud Computing (5 ECTS)
• Machine Learning and Intelligent System (5 ECTS)

I&E courses (6 ECTS)

• I&E Study (6 ECTS)

Language course

• French or another foreign language for French speakers (1 ECTS)
• Semester project (6 ECTS)

Master thesis (30 ECTS)

Prof. Philippe Benassi

Bio: http://www.eurecom.fr/en/people/benassi-philippe

Prof. Marc Dacier ; master-eit-cse@eurecom.fr

Bio: http://www.eurecom.fr/en/people/dacier-marc

University of Turku, Finland

Link to the university: http://www.utu.fi/en/Pages/home.aspx
Programme
Contact: Dr Seppo Virtanen seppo.virtanen@utu.fi

Specialisation: Security of Networked Systems

The specialisation Security of Networked Systems focuses on researching cyber security technologies for networked systems and applications of the communication-intensive future. The technological topics covered include system and network security, security of communication systems and applications, and designing secure systems.

The goal of this specialisation is to give its students profound and substantial education and expertise in the field.

Optional studies selected personally for each student build a special individual information security expertise profile. The curriculum consists of both theoretical and hands-on study modules. Also a large group project module called “Capstone project” can be included in the studies.

The graduates of this specialisation will have strong technological, theoretical and practical understanding in security of networked systems. With their new knowledge and skills the graduates can proceed to building a successful career in securing the information and communication technology in the industry.

List of courses:

Compulsory courses (15 ECTS):

• Firewall and IPS Technology (5 ECTS)
• Security Engineering (5 ECTS)
• Protocol Processing and Security (5 ECTS)

I&E:

• I & E Study (6 ECTS)

Elective courses:

• Communication Technologies and Security in IoT (5 ECTS)
• Secure Sensor Network Systems (5 ECTS)
• Capstone Project (in a cyber security topic) (15 ECTS)
• Cryptography 2 (5 ECTS)
• Algebraic Structures in Cryptography (5 ECTS)
• Advanced Sensor Networking (5 ECTS)
• Software Development and Software Security (5 ECTS)
• Privacy and Security for Software Systems (5 ECTS)
• Seminar 1 (TurkuSec meetings) (1-5 ECTS)
• Additional specialization courses may be available annually. Electives are chosen individually for each student when their personal study plan is made.

Dr Seppo Virtanen is an adjunct professor (docent) at University of Turku, Finland, where he also heads the Master’s Degree Programme in Information Security and Cryptography. Dr Virtanen received his MSc degree in electronics and information technology in 1998 and DSc (Tech.) degree in Communication Systems in 2004 from the University of Turku. He serves regularly as a programme committee member and referee for international journals and conferences. Currently the focus in his research is on information security issues in the communication and network technology domain, specifically focusing on design and methodological aspects of reliable and secure communication systems and secure communication for IoT. He has acted as the supervisor or the examiner of 5 PhD theses, 94 Master’s theses and 35 Bachelor’s theses.

University of Rennes 1 (UR1), France

Link to the university: https://www.univ-rennes1.fr/
Programme
Contact: Pierre-Alain Fouque, pierre-alain.fouque@univ-rennes1.fr

Specialization: Software Security

Although cryptography has solved many problems concerning the security of communication channel, the main challenges that cryptography tries to address nowadays concern the security of the computations. For instance, side-channel is a real issue on smart cards and embedded systems. Today these attacks have also been mounted on classical PC and more recently, cache attacks have also been devastating on smartphone. Moreover, the security of database access and symmetric searchable encryption show that applied cryptography has many practical applications and the software security is a real and important challenge.

The specialisation Sofware Security looks at the many risks in the above-mentioned settings and provides mitigations that can be used at design time and at operation time, while taking into account the specific requirements of the various systems and the impact that risks might have.

List of courses (Compulsory and Electives)

• Software Security (5 ECTS)
• Vulnerabilities Studies (5 ECTS)
• Security of embedded cryptographic implementations (5 ECTS)
• Security Verification for Protocols (5 ECTS)
• Security for Web Applications (5 ECTS)
• Supervision for Security (5 ECTS)

Pr. Pierre-Alain Fouque is a Professor at the University of Rennes (France) and the local node-coordinator of the EIT Digital Cyber Security specialisation in Rennes on “Software Security”. His own research focuses on both cryptography and applied cryptography aspects in IT systems with a focus on cryptanalysis, side-channel attack and cryptographic protocol design & analysis. He served on the programme committees of several IACR conferences

Mohamed Sabt is an associate professor at the University of Rennes (France) and participates in coordinating the EIT Digital Cyber Security in Rennes. His own research focuses on both smart phones security and post-quantum encryption for constrained devices. He also has 5-year experience in the industry of digital security and was the security leader of a French startup company for one year.