This is a graduate level course that is focusing on security and privacy issues in complex socio-cyber-physical systems from the threat modeling perspective. The students will learn and apply a systematic security and privacy threat modeling approach, and at the same time be exposed to and learn about a selection of the standard security and privacy problems, attacks, and development challenges. The course will also expose the students to a selection of the current security and privacy research and development challenges.

1. Be able to identify and fix security and privacy threats
2. Learn to use practical and actionable tools, techniques, and approaches for security and privacy
3. Explore the nuances of software-centric security and privacy threat modeling and discover its application to software and systems during the build phase and beyond
4. Apply threat modeling to improve security and privacy when managing complex systems
5. Manage potential security and privacy threats using a structured, methodical framework
6. Discover and discern evolving security and privacy threats

According to the examination regulation full attendance is intended for a PI. 80% attendance required to pass the course.

The required textbook for this course is “Threat Modeling: Designing for Security,” 1st Edition, by Adam Shostack, Wiley, ISBN-13: 978-1118809990. The required textbook will be complemented by a selection of additional readings as required by the current offering of the course.

There will be 5 evaluations:

1.       Project deliverable 1: Project Idea, Title, Abstract and Introduction as a proposal (Deadline Monday 03/18/24 11:59 PM; 5 marks; minimum 5 references)

2.       Project deliverable 2: Background/Related Work, System model (Deadline Monday 04/29/24 11:59 PM; 5 marks; minimum 15 references)

3.       Project deliverable 3: Research methods and preliminary results (Deadline Monday 05/27/24 11:59 PM; 10 marks; minimum 25 references)

4.       Project deliverable 4: Complete project report (Deadline Friday 06/28/24 11:59 PM; 30 marks; minimum 35 references)

5.       Final Exam (Monday 06/24/24: 01:00 to 03:00 PM ; 50 marks)

Grading Criteria 

unsatisfactory: ≤ 60%

sufficient: > 60 % to ≤ 70 %

satisfactory: > 70 % to ≤ 80 %

good: > 80 % to ≤ 90 %

excellent: > 90 %

Please log in with your WU account to use all functionalities of read!t. For off-campus access to our licensed electronic resources, remember to activate your VPN connection connection. In case you encounter any technical problems or have questions regarding read!t, please feel free to contact the library at readinglists@wu.ac.at.