695.614.8VL - Security Engineering

Cybersecurity
Spring 2024

Description

This course covers cybersecurity systems engineering principles of design. Students will learn the foundational and timeless principles of cybersecurity design and engineering. They will learn why theories of security come from theories of insecurity, the important role of failure and reliability in security, the fundamentals of cybersecurity risk assessment, the building blocks of cybersecurity, intrusion detection design, and advanced topics like cybersecurity situational understanding and command and control. The course develops the student’s ability to understand the nature and source of risk to a system, prioritize those risks, and then develop a security architecture that addresses those risks in a holistic manner, effectively employing the building blocks of cybersecurity systems— prevention, detection, reaction, and attack-tolerance. The student will learn to think like a cyber-attacker so that they can better design and operate cybersecurity systems. Students will attain the skill of systematically approaching cybersecurity from the top down and the bottom up and have confidence that their system designs will be effective at addressing the full spectrum of the cyber-attack space. The course also addresses how the cybersecurity attack and defense landscape will evolve so that the student is not simply ready to address today’s problems, but can quickly adapt and prepare for tomorrow’s. The course is relevant at any stage in a student’s curriculum: whether at the beginning to enable the student to understand the big picture before diving into the details, at the end as a capstone, or in the middle to integrate the skills learned to date.

Instructor

Profile photo of Sami Saydjari.

Sami Saydjari

ssaydjari@gmail.com

Course Structure

The course materials are divided into modules which can be accessed by clicking Modules on the course menu. A module will have several sections including the recorded lecture after completed, lecture slides, readings, discussions, and assignments. You are encouraged to preview all sections of the module before starting. You should regularly check the Calendar and Announcements for assignment due dates.

Course Topics

What is the nature of the cybersecurity engineering problem and how do we approach solutions?
How to we systematically analyze attack paths into the system and prioritize the risks they create?
What are the fundamental building blocks of cybersecurity design such as authentication, authorization, and intrusion detection?
How do we weave cybersecurity building blocks using architecture principles to effectively defense systems?
Where is cybersecurity headed into the future?

Course Goals

To learn the principles of cybersecurity design and be able to apply them to effectively achieve an engineered acceptable risk level.

Course Learning Outcomes (CLOs)

Textbooks

Engineering Trustworthy Systems, by O. Sami Saydjari.

Required Software

Students will significantly benefit on their projects from downloading and obtaining a free trial license for SecurITree from Amenaza.

Student Coursework Requirements

Assignment
Weight
Notes
Project30%In Four Parts, including a presentation
Final Exam20%Comprehensive, Essay
Midterm Exam20%Essay answers
Homework10%Three problems due weekly
Take-aways5%Weekly, description of key ideas from lecture
Class Participation15%Attendance, participation in class discussions, questions, online discussions

Attendance in class is mandatory, though students may have up to two unexcused absences.  All others must be excused by permission of the instructor.
Students may miss up to three take-away assignments without loss of points.
Students may miss up to two homework assignments without loss of points.

Grading Policy

Score RangeLetter Grade
100-97A+
96-93A
92-90A-
89-87B+
86-83B
82-80B-
79-77C+
76-73C
72-70C-
69-67D+
66-63D
<63F

Late assignments automatically lose 5% per day.
Assignments more than two days late are automatically given a zero.

Academic Policies

Deadlines for Adding, Dropping and Withdrawing from Courses

Students may add a course up to one week after the start of the term for that particular course. Students may drop courses according to the drop deadlines outlined in the EP academic calendar (https://ep.jhu.edu/student-services/academic-calendar/). Between the 6th week of the class and prior to the final withdrawal deadline, a student may withdraw from a course with a W on their academic record. A record of the course will remain on the academic record with a W appearing in the grade column to indicate that the student registered and withdrew from the course.

Academic Misconduct Policy

All students are required to read, know, and comply with the Johns Hopkins University Krieger School of Arts and Sciences (KSAS) / Whiting School of Engineering (WSE) Procedures for Handling Allegations of Misconduct by Full-Time and Part-Time Graduate Students.

This policy prohibits academic misconduct, including but not limited to the following: cheating or facilitating cheating; plagiarism; reuse of assignments; unauthorized collaboration; alteration of graded assignments; and unfair competition. Course materials (old assignments, texts, or examinations, etc.) should not be shared unless authorized by the course instructor. Any questions related to this policy should be directed to EP’s academic integrity officer at ep-academic-integrity@jhu.edu.

Students with Disabilities - Accommodations and Accessibility

Johns Hopkins University values diversity and inclusion. We are committed to providing welcoming, equitable, and accessible educational experiences for all students. Students with disabilities (including those with psychological conditions, medical conditions and temporary disabilities) can request accommodations for this course by providing an Accommodation Letter issued by Student Disability Services (SDS). Please request accommodations for this course as early as possible to provide time for effective communication and arrangements.

For further information or to start the process of requesting accommodations, please contact Student Disability Services at Engineering for Professionals, ep-disability-svcs@jhu.edu.

Student Conduct Code

The fundamental purpose of the JHU regulation of student conduct is to promote and to protect the health, safety, welfare, property, and rights of all members of the University community as well as to promote the orderly operation of the University and to safeguard its property and facilities. As members of the University community, students accept certain responsibilities which support the educational mission and create an environment in which all students are afforded the same opportunity to succeed academically. 

For a full description of the code please visit the following website: https://studentaffairs.jhu.edu/policies-guidelines/student-code/

Classroom Climate

JHU is committed to creating a classroom environment that values the diversity of experiences and perspectives that all students bring. Everyone has the right to be treated with dignity and respect. Fostering an inclusive climate is important. Research and experience show that students who interact with peers who are different from themselves learn new things and experience tangible educational outcomes. At no time in this learning process should someone be singled out or treated unequally on the basis of any seen or unseen part of their identity. 
 
If you have concerns in this course about harassment, discrimination, or any unequal treatment, or if you seek accommodations or resources, please reach out to the course instructor directly. Reporting will never impact your course grade. You may also share concerns with your program chair, the Assistant Dean for Diversity and Inclusion, or the Office of Institutional Equity. In handling reports, people will protect your privacy as much as possible, but faculty and staff are required to officially report information for some cases (e.g. sexual harassment).

Course Auditing

When a student enrolls in an EP course with “audit” status, the student must reach an understanding with the instructor as to what is required to earn the “audit.” If the student does not meet those expectations, the instructor must notify the EP Registration Team [EP-Registration@exchange.johnshopkins.edu] in order for the student to be retroactively dropped or withdrawn from the course (depending on when the "audit" was requested and in accordance with EP registration deadlines). All lecture content will remain accessible to auditing students, but access to all other course material is left to the discretion of the instructor.