Year one lays the foundations for you to develop a deeper understanding of cyber space. You will be studying topics such as software development, computer architecture, networks, operating systems and the fundamentals of cyber security. Mathematical formalisms of discrete structures will be introduced to support a range of other topics.
Year two deepens and broadens your experience by exploring software engineering, programming languages, human computer interaction, secure systems, managing and securing information, all from a cyber security perspective.
The third year incorporates advanced topics in cyber security, incident management, digital forensics, low-level techniques such as identifying how potentially obfuscated code executes, and the science associated with dealing with bulk data. You will also complete an individual project, where you will apply your skills and knowledge to an area of your choice under the supervision of our academics.
Note that all modules are subject to annual curriculum review and enhancement so may vary slightly from what is described here and currently visible on the module catalogue. Any significant changes will have involved consultation with current affected students or offer holders.
Modules
Year 1 lays the foundations of computer science with a focus in cyber security for students to develop a deeper understanding of cyber space. The following core modules are included in your first year of study:
Programming for Cyber Security
Fluency in the process of software development is a prerequisite to the study of much of the remainder of this programme. This module brings together the fundamental concepts and skills related to the software development process. It will provide you with a foundation for other software-oriented aspects of the programme, such as: programming languages for cyber security, data science for algorithms and complexity in the cyber context, and the cyber context of software engineering.
Information correct as of 2025-26 year of entry
Computer Architecture and Operating Systems
Computer architecture and operating systems are crucial for providing a deep understanding of how computers function at a fundamental level. This knowledge is essential for effectively designing, developing, and troubleshooting software applications. It helps in optimising performance, identifying bottlenecks, and ensuring efficient resource utilization. Studying computer architecture and operating systems from a cyber security perspective helps gain insights into the vulnerabilities that arise from design choices, implementation flaws, or misconfigurations. It also allows the development of effective security measures and countermeasures to protect computer systems from attacks.
Information correct as of 2025-26 year of entry
Discrete Mathematics
Discrete mathematics forms the mathematical foundation of computer science and cyber security. It forms the basis of how computers work, allows us to prove system correctness and security, and underlies modern cryptography. On this module, you will be introduced to the discrete structures used by computers, as well as how to use them to solve problems in cyber security.
Information correct as of 2025-26 year of entry
Algorithms and Data Structures
Algorithms are the fundamental building blocks of computer science – but how can we prove that an algorithm does what we want it to? How can we improve the efficiency of existing algorithms? This module will provide you with a comprehensive understanding of the fundamental principles and techniques in algorithm design and optimisation. You will explore a wide range of topics, including sorting, searching and pathfinding algorithms, while evaluating their correctness and efficiency.
Information correct as of 2025-26 year of entry
Computer Networks
The Internet and computer networks have become pervasive, playing an increasingly vital role in our interconnected world. The smooth operation of computer networks is crucial for a wide range of computing activities. Currently, networks, whether wired or wireless, are an integral component of the present and future computing landscape. Computer networks form the foundation of modern information technology systems. They enable the seamless communication and transfer of data between devices and systems. As technology continues to advance, our reliance on networks is likely to increase. The future promises even greater integration of networks into various aspects of our lives. Emerging technologies like the Internet of Things (IoT), smart cities, autonomous vehicles, and augmented reality are all heavily reliant on the underlying network infrastructure. This module develops a theoretical understanding of core networks and communications concepts, instantiation of these concepts in the dominant suite of protocols comprising Ethernet, Internet Protocol (IP), Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), the practical realisation of devices to operate these protocols (switches, routers and firewalls in particular) and the cyber consequences of the organisation and configuration of these devices.
Information correct as of 2025-26 year of entry
Cyber Security Fundamentals
Understanding the steps and common attack patterns associated with cyber is essential to detecting, identifying, mitigating and responding to cyber-attacks.
Working on this module you will develop knowledge of these core concepts. You will also gain insight into how adversaries move from initially probing and performing reconnaissance of targets, to implementing a way to persist and maintain access to a device/network once compromised.
Information correct as of 2025-26 year of entry
Security Testing I
Increasing the robustness and resiliency of systems against threats and attacks is a key cyber security goal. Although, cyber security practitioners should be involved in system design early enough to design cyber-resiliency into the system, quite often, they are presented with legacy systems designed with little consideration to cyber-security. Notwithstanding, even well-designed systems are prone to cyber-attacks from both organised and ill-organised perpetrators.
Penetration testers and red teams must possess a good understanding of network protocols and design. This enables practitioners to gain a basic understanding of the root causes of network vulnerabilities and the associated remedial measures that can be taken, particularly where the root cause relates to network misconfiguration issues (both hardware and protocol related).
Information correct as of 2025-26 year of entry
Digital Forensic Fundamentals
At its core this module is concerned with doing science well. It is about drawing the correct inference from the digital data which pervades modern society. There are a number of challenges with drawing inference from modern digital data: it is fragile, its quantity may be overwhelming, it may be transient or volatile, it may not be legally accessible, it may not be technically accessible, its structure may be unclear. And it is not merely that drawing inference from the data is complicated; attributing inference back to an individual or organisation is especially vexed.
Information correct as of 2025-26 year of entry
Year 2 deepens and broadens students’ experience. The following core modules are included:
Secure Software Development
Software engineering is concerned with the application of theory, knowledge, and practice to effectively and efficiently build reliable and secure software systems that satisfy the requirements of customers and users. This discipline is applicable to small, medium, and large-scale systems. It encompasses all phases of the lifecycle of a software system, including requirements elicitation, analysis and specification; design; construction; verification and validation; deployment; and operation and maintenance. Whether small or large, following a traditional plan-driven development process, an agile approach, or some other method, software engineering is concerned with the best way to build good software systems. This module will look at software engineering in the context of cyber security, applying frameworks such as Trustworthy Software Framework, Secure Software Development Life Cycle, etc. when developing software systems.
Information correct as of 2026-27 year of entry
Behavioural Cyber Security
Human-computer interaction (HCI) is concerned with designing interactions between human activities and the computational systems that support them, and with constructing interfaces to afford those interactions. Interaction between users and computational artefacts occurs at an interface that includes both software and hardware. Human behaviour should influence interface design and implementation of core functionality. For end-users, the interface is the system, meaning design in this domain must be interaction-focused and human-centred. It is therefore imperative that during the design phase of this human-computer interface cyber security component of human behaviour is addressed. One of the most significant challenges in the cyber domain is the transfer of meaning between the fully human agent, and the fully digital sub-system. Failure to correctly align human behaviour with computing sub-system behaviour has contributed to numerous, historic cyber security problems.
In addition, psychological traits and individual differences among computer system users can further explain vulnerabilities to cyber security attacks and crimes, as cognitive biases can make individuals more susceptible to exploitation by cyber criminals. Cyber security procedures and policies are prevalent countermeasures for protecting organisations from cybercrimes and security incidents, however, without considering human behaviours, implementing these countermeasures will remain to no effect or even become counterproductive.
Consequently, this module places the person at the centre of the cyber domain by addressing issues of usability and human factors. As such, the focus is on trade-offs between usability and security on the one hand, and human psychology and human error on the other hand. Human vulnerabilities will be addressed in detail to build greater cyber resilience, and narrative around security awareness/training programmes and security culture will be also introduced for understanding broader, non-technical influences on security through minimising human related risks.
Information correct as of 2026-27 year of entry
Cryptosystems
Secure systems aim to create a trusted environment that protects sensitive data, maintains system functionality, and mitigates risks associated with unauthorized access, data breaches, and other security threats. The goal of a secure system is twofold: to ensure the protection and integrity of information and resources by enabling authorized and desired actions while preventing unauthorized access, malicious activities, and undesirable incidents. However, achieving this goal poses significant challenges. These challenges include defining which events are acceptable and which are not, predicting future possibilities, and determining the system's boundaries. Notwithstanding these challenges, there exist established approaches to constructing secure systems that provide robust protection and maintain system functionality while minimising the occurrence of unwanted incidents. Cryptography plays a crucial role in achieving these goals. It is an essential tool that allows us to protect information and ensure confidentiality, integrity, and authentication. It provides mechanisms to protect sensitive information, verify the identity of users and devices, and enable secure communication over unsecured networks. Cryptographic techniques, such as symmetric-key and public-key cryptography, are used in various contexts including secure messaging, online transaction protection, and virtual private networks (VPNs). This module introduces concepts of cryptography and explores how they are practically applied to ensure strong security measures in secure systems.
Information correct as of 2026-27 year of entry
Secure Networks
In today's digitally connected world, where vast amounts of information are exchanged over networks, ensuring the security and protection of data has become paramount. Network security plays a crucial role in safeguarding the integrity, confidentiality, and availability of information transmitted across computer networks. It encompasses a set of measures, technologies, and best practices designed to prevent unauthorized access, mitigate threats, and maintain the overall security posture of networked systems. As organisations rely heavily on networks to carry out their operations, any compromise in network security can have severe consequences. Breaches in network security can lead to data theft, financial loss, reputational damage, and legal liabilities. Consequently, businesses and individuals alike must prioritize the implementation of robust network security measures to protect sensitive information, maintain customer trust, and ensure business continuity. The module covers basic concepts of cyber security, such as confidentiality, integrity, availability, authentication, and authorization. These concepts will be explored within the context of several generic asset configurations, enabling students to understand the potential threats that may arise and various security measures that will be used to defend against these threats.
Information correct as of 2026-27 year of entry
Databases and Information Management
Databases are the backbone of modern information systems, serving as repositories for vast amounts of data. They provide structured organisation and efficient retrieval, making them essential in various industries, from business and healthcare to technology and research. Understanding databases is crucial for effective data management and decision-making. In this module, students will be introduced to the essential concepts of databases, data modelling, and optimisation. This knowledge will empower students to craft efficient databases for superior information management. As our digital world becomes increasingly data-driven, protecting this data from cyber threats is of paramount importance. Therefore, students will give particular attention to database security and cyber security, equipping them with the expertise needed to safeguard valuable data and defend against potential threats. From understanding Database Management Systems (DBMS) and data modelling to mastering Structured Query Language (SQL) and optimising queries, students will gain indispensable skills for designing and maintaining robust databases.
Information correct as of 2026-27 year of entry
Information Security and Risk Management
All organisations have information that they value and that value needs protecting. Within an organisation, some individuals carry formal responsibility for protecting the value of information. Ensuring that the responsible persons within an organisation have appropriate confidence in the security measures, which are protecting the organisation's valuable information, is the realm of information security management.
Why the organisation might value the information will vary from organisation to organisation and from information point to information point. The properties of the information that give it value similarly will vary by organisation and by information point. Some information will be special secret knowledge that gives the organisation competitive advantage; if that information leaks to a competitor, then its value is reduced. Some information may control the organisation's processes; if this controlling information is changed, then its value may be reduced since it causes the organisation to behave less well. Some information may relate to external perception of the organisation's ability to function; if external parties perceive this publicity information is not under the control of the organisation, then future opportunities for the organisation may be degraded through loss of trust.
Determining the relationship between the properties of information that give it value, the vulnerability of those properties to degradation, threats that might take advantage of the vulnerability to degradation, and the resultant impact to the organisation when bad things happen, is the realm of information risk management. Things can be done to reduce the vulnerability, the threat, or the severity of the impact. These things enhance information security.
Information correct as of 2026-27 year of entry
Security Testing II
Penetration testers and red teams require deep understanding of the underlying technologies, such as network protocols, operating systems, and applications, as well as a range of transferable skills such as project management, team working, report writing and communication. This module covers the latest techniques of ethical hacking and provides practical experience in selecting and applying suitable tools and techniques.
The module is also designed to ensure that students are able to define the scope of testing under certain requirements and develop a relevant project plan, and carry out a security assessment by applying appropriate testing methodologies and tools. Further emphasis is given to understanding of the requirements, preparation and reporting of testing results, impact, risk and countermeasures.
Information correct as of 2026-27 year of entry
Research and Professional Skills
This module is designed to familiarise students with researching cross-cutting issues in cyber security contexts, introduce them to a range of data collection methods and analytical options relevant to this, and help them develop relevant skills in data collection and analysis. Students will also be introduced to ethical issues in cyber security research, as well as provided with guidance on how to design, plan and manage their dissertation effectively. Lastly, the module will present students with careers-oriented tasks, giving them the opportunity to consider their professional skills and career aspirations.
Information correct as of 2026-27 year of entry
Year 3 exposes students to advanced topics in cyber security. You'll also complete an individual project, where you will apply your skills and knowledge to an area of your choice under the supervision of our academics. The following core modules are included:
Malware Analysis and Exploit Development
Modern programming approaches use high level constructs which abstract away the system's architecture. These high levels of abstraction use code generation programs such as compilers and assemblers to take the human author's input, and produce code that will execute as output. The modern programmer rarely needs to consider the underlying architecture of the machine that will execute the code.
There are situations where, rather than creating an executable from source, you need to go in the opposite direction; you need to infer what the source code might look like by analysing the executable. Perhaps you have some potential malware; or perhaps you perhaps you have to analyse and exploit a vulnerability which an executable might have. Either way, you want to know what the program will do, were it to run on your system. In order to reverse engineer an executable, you need to understand the typical idioms that an operating system, architecture and code generation programs will adopt to convert high level constructs into low level executables.
In addition, if the executable is malware, then it is likely the authors will have used some obfuscation in order to make the analysis more difficult. Under these circumstances you need to understand the typical idioms of obfuscation.
AI and Cyber Security
AI-based solutions are having a significant impact in a number of areas, including cyber security. This module aims to develop your knowledge of the development and application of the most common machine learning models, and in particular a critical understanding of the applicability of each machine learning algorithms in the solution of a particular problem (class of problems). It will cover the best practice and main steps of developing AI-based solutions, including data collection/engineering and pre-processing, model design, training and evaluation, and deployment.
Cyber Security Operations
This module seeks to introduce you to the state-of-the-art in effective and proactive cyberattack deterrents, including tools and techniques that can have long-term benefits in organisational policies while maintaining the resilience of our agile and delicate cyber infrastructures.
Cyber Security and Incident Response
This module comprises two related but distinct themes: cyber incident response and digital forensics. The focus of the module is on investigations that respond to incidents in corporate environments, while it sets the scene on examining potential evidence based on the principles that have been established by the digital forensics community.
The cyber incident response theme concentrates on enabling an organisation to support its critical services in the face of a cyber incident. The incident response lifecycle is covered from preparation, through monitoring, detection, containment, eradication, restoration and post incident review.
The digital forensics part of the module concentrates on preserving and forensically analysing potential evidence as part of the incident response process. It sets the requirements for digital forensics within the incident response process and explores the techniques that should be followed by a digital forensics investigator.
Cyber Security Project
A project for BSc Cyber Security must focus on the cyber security domain.
With support from a supervisor, you will undertake the full life cycle of a research or development project in the cyber security domain.
In the final year, you will be able to select two optional modules. Below are examples of existing modules but be aware that not all modules may be offered each year or may be replaced to reflect latest practice in Cyber Security.
Advanced Forensics and Investigations
Digital forensics unfold the digital trail of evidence and try to present potential explanations of how a related incident occurred. Digital forensics can involve criminal or civil investigations, corporate or intrusion investigations and even intelligence gathering. The investigations can involve all different sorts of digital devices, such as computers, networks, mobile devices, memory, and multimedia.
This module advances on previously gained skills in digital forensics and explores different themes.
One part of the module places a strong emphasis on engagement with applied research advances on contemporary topics in the field and current professional practises. The other part of the module, strongly focuses on the technical analysis and techniques involved when investigating different devices and technologies.
Privacy and Online Rights
Privacy is recognised as a fundamental human right, which however can be easily exploited in the digital domain due to the large scale of use and spread of advanced digital technologies for data mining and surveillance. Privacy enhancing technologies (PETs) are designed to minimise personal data use, maximise security and give individuals control of their data. Without that control malevolent actors can manipulate one's identity to serve their goals, with threats to individual privacy involving personal space intrusions, emotional manipulation, and physical interference, including spam emails and retargeting practices. On a large scale, the use of one’s identity and personal information can have severe impact on fundamental rights and democratic processes, meaning secure system should not only protect confidentiality of information, but also support freedom of speech and individuals’ autonomy of decision and self-determination.
As a result, technology companies, governments, and civil society must work together to find adequate solutions to online manipulation and lack of data privacy. In response to regulatory and consumer actions, companies might either comply with privacy rules, employing a reactive response that treats privacy as a compliance issue, or engage in privacy innovation (proactive response), viewing privacy as a core business value which potentially shapes new structures. This creates trade-offs and tensions in privacy and data that characterise regulatory–consumer–company interactions.
The primary goal of this module is to introduce students to the concepts and technologies for engineering systems that inherently protect users’ privacy. Three different privacy paradigms will be introduced, including privacy as confidentiality, privacy as control, and privacy as transparency, alongside technologies that underpin these paradigms, i.e., privacy technologies that keep data confidential, limit the use of disclosed data, and show digital footprint while supporting accountability. Students will be provided with the ability to identify privacy problems, to describe them from a technical perspective, and to select adequate technologies to eliminate, or at least, mitigate these problems. In addition, persuasive system design approach will be also introduced in the context on online privacy, including persuasive principles for enhancing usability of privacy interactions. The secondary goal is to introduce students to wider privacy issues in cyber security, including the common interests and tensions between privacy and cyber security, and considering how cyber security policy can affect privacy, as well as how privacy technologies can be used as double-edge sword by either supporting democracy or anti-social behaviours.
Disclaimer
Solutions to selectively revoke the protection provided by privacy technologies (i.e., adding backdoors or escrow possibilities to ease law enforcement) will not be covered as being strongly discouraged by the privacy researchers and practitioners alike. Moreover, many of the privacy technologies introduced in this module rely on the cryptographic concepts, which however will not be taught in this module. Familiarity with these basic concepts and cryptographic definitions and common primitives is therefore beneficial but not necessary to grasp the material since the focus is on more high-level perspectives as opposed to technical analysis.
Cloud and Virtualisation Security
This module considers the cyber security consequences of virtualised systems and the opportunities that they offer. Focusing on software containerisation systems such as Docker, and comparing their properties with other virtualisation tools and techniques, the course looks at the trust relationships and the available security controls between the underlying operating system, the container, or other virtualised environment, and the software executing within the container.
Students on the module will explore the consequences of the fact that all software executes in some context and in some sort of container. It may be as an app on a mobile device, it may be the operating system on a laptop, it may be a virtual device hosted on the cloud, or it could be an embedded system. It is the container and the context that determine what a program does and what resources it can access. Getting this regulation correct is a significant challenge, giving away just enough resource to get the job done but limiting the resource to prevent additional undesirable things being possible.
The module provides students with practical experience of containerisation systems together with the insights necessary to think clearly about them in the context of cyber security. The course will equip them with the understanding they need to be able to hold meaningful conversations with experts in the field and will allow them to more effectively contribute to informed decision-making about cyber security.
Cyber-Physical Systems
Much attention relating to cyber security is focussed on the digital aspects of cyber systems; all data tends to be represented as pure, abstract, ones and zeros. In reality, all these abstract ones and zeros need a physical representation in order to have an effect. That physical representation might be as electromagnetic radiation, travelling through space as a radio wave, it might be as electric charge in an electronic device or it could take a range of other forms.
Control systems gather information from a range of physical sensors (flow rate sensors, temperature gauges, accelerometers etc); after processing, they generate outputs which in turn produce physical effects via actuators (switches, motors, displays etc).
Much attention relating to communication in the cyber domain is focussed around the Internet. A range of other communication protocols and technologies are widely deployed in industrial control, vehicle and other systems.
Understanding the significant characteristics of the physical manifestations of digital information, understanding the interconnectedness of the cyber domain with the physical domain via sensors and actuators, and understanding non-Internet technologies and protocols reduces the risk of inadvertently leaving a cyber system in a vulnerable position.
The overall aim of this module is to enable the cyber security specialist to have a meaningful conversation with practising engineers concerning the security of cyber-physical systems.
Module availability
Please note that whilst the module catalogue shows the latest approved version of each module and what is currently being taught (academic year 2025), there may be minor updates to content or learning objectives year on year, to reflect the evolving state of knowledge and the requirements of teaching best practise. Any such amends will be updated following the department 'module approvals process' and reflected in the module catalogue before the start of the next academic year in 2026.
