User Tools
security_engineering
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
security_engineering [2018/08/25 15:31] fabio.massacci@unitn.it [Assessment Methods and Criteria] |
security_engineering [2018/08/25 15:42] fabio.massacci@unitn.it |
||
|---|---|---|---|
| Line 71: | Line 71: | ||
| * Step-by-Step Qualita/ve RA Exercises during the course: 12 points | * Step-by-Step Qualita/ve RA Exercises during the course: 12 points | ||
| * Identify Assets, Threats, Pre and Post Controls | * Identify Assets, Threats, Pre and Post Controls | ||
| - | * Technical Assessment of Cyber Vulnerabilities: 10 points | + | * Technical Assessment of Cyber Vulnerabilities: 8 points |
| * Students will use the CVSS (Common Vulnerabilities Scoring System), world standard to identify risk | * Students will use the CVSS (Common Vulnerabilities Scoring System), world standard to identify risk | ||
| * from descriptions as they arrive in a CERT Bulletin | * from descriptions as they arrive in a CERT Bulletin | ||
| * as they apply to one's own security architecture | * as they apply to one's own security architecture | ||
| - | * Final Project: 12 points | + | * Final Project: 14 points |
| * A complete detailed quantitative risk assessment of the industrial automation case study security architecture | * A complete detailed quantitative risk assessment of the industrial automation case study security architecture | ||
| * Evaluation by Industry experts from the case study | * Evaluation by Industry experts from the case study | ||
| Line 82: | Line 82: | ||
| Being able to defend one's ideas in class is an important part of the evaluation (if a student cannot explain why s/he choses something him/her will get a negative vote for the relative exercise). | Being able to defend one's ideas in class is an important part of the evaluation (if a student cannot explain why s/he choses something him/her will get a negative vote for the relative exercise). | ||
| + | |||
| + | |||
| + | ==== Reference and Bibliographic Material ==== | ||
| + | |||
| + | The following books might be useful: | ||
| + | * [[http://www.jblearning.com/catalog/9781284055955/|Gibson. "Managing Risk in Information Systems"]]. Jones and Bartlett. ISBN13: 9781284055955 | ||
| + | |||
| + | Other recommended texts are | ||
| + | * [[http://www.cl.cam.ac.uk/~rja14/book.html|Anderson. "Security Engineering"]] For which a old version is also on the web. | ||
| + | * [[https://www.wiley.com/WileyCDA/WileyTitle/productCd-0470741155,miniSiteCd-BSG.html|Gollmann. "Computer Security"]] which is mostly a reference book for Security Technologies. | ||
| ===== Detailed Schedule and Additional Material ===== | ===== Detailed Schedule and Additional Material ===== | ||
security_engineering.txt ยท Last modified: 2021/01/29 10:58 (external edit)
Page Tools
