Computer Science - Software Engineering - Computer Security - Forensic Computing

Module Title: Module Code:

Organisations, Project Management and Research CTEC2121 Credit 30.00 DMU Credit Value: Level: Owning Board: CTEC Faculty: Faculty of Technology Academic Period: 2014 Term/Semester in which the Semester Y module can run:

Module description (including outline content) This module introduces the business contexts within which IT projects are procured and developed. This includes the feasibility of computer system development viewed from economic, technical, social, legal, and ethical perspectives. Students will develop an understanding of the roles of main organisational functions (including marketing, HR, finance) and the broader organisational structures in which they operate. The role of professional standards bodies and professional organisations is explained. 1. a. b. c. 2. a. b. c. d. The Business Context Commercial and economic context of IT Organisational structures Professional standards and professional bodies The Software Lifecycle Traditional approaches (waterfall, V-model) Alternative approaches (e.g. agile, prototyping) Requirements analysis and project feasibility Software maintenance

3. Project Management a. The nature of the project, its components, risks, success factors and associated politics. b. Information Systems investment justifications. Approaches to investment appraisal. c. Identification and management of benefits. Assessing the intangibles. d. Organisation of systems development. Reporting structures. e. Project planning and control. Work breakdown structures. Estimation, budgeting, planning methods (PRINCE 2). f. Project administration. Tracking and reviewing. Configuration management and change control. g. Staff management, motivation, leadership. h. Quality Management. Standards and accreditation. i. Managing software project risks. j. Managing large-scale projects. Implementation and post-implementation review. 4. a. b. Software Development Tools Integrated Development Environments Version Control Tools
1

Computer Science - Software Engineering - Computer Security - Forensic Computing c. d. Documentation Tools Management Support Tools

5. Research Project An area relevant to the student's course of study will be selected for research. The work will be presented to a professional standard. Major components of the software lifecycle are considered from a theoretical perspective. The emphasis is on the overall process and comparing traditional and alternative lifecycle models. In this module specific emphasis is placed on two particularly important phases requirements analysis and maintenance. This will include a consideration of maintenance costs, system adaptation, and the management of the maintenance process. (The lifecycle phases of design and implementation are covered in more detail in other modules). The module covers risk factors during different phases of the lifecycle, and introduces students to the techniques used both to measure and to ensure software quality. These include software quality metrics, measures of reliability, software quality assurance standards, and issues of compliance. A variety of standard tools for supporting the management and development process are presented. A selection of supporting software tools will be used so that practical experience can be gained in their use. (For example, these may include version control, integrated development environments, documentation and project management tools.) Students will research an area relevant to their course of study and present their findings in a professional manner. (This may take the form, for example, of a research conference poster.) Learning outcomes 1 Discuss the commercial and economic context of system development including the major phases of the lifecycle; the roles of the main organisational functions of a business organisation; and the role of professional standards bodies and professional organisations. 2 Describe the principal activities involved in performing a system requirements analysis. 3 Identify and assess appropriate risk factors involved in the management of software development projects. This includes a study of the factors affecting the feasibility of a software project. 4 Discuss the principal factors involved in ensuring software integrity including software quality assurance, and software maintenance. 5 Identify the major planning and staffing issues involved in Information Systems project management and recommend appropriate techniques and methods for a given project. 6 Undertake research into a relevant topic area and present the work to a professional standard. Assessment Type of Assessment: Other Coursework 1 Learning Outome: 1,2,3,4,5,6, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: Volume:
2

Computer Science - Software Engineering - Computer Security - Forensic Computing Description: Coursework Type of Assessment: Unseen Examination 1 Learning Outome: 1,2,3,4,5, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: 120 Volume: Description: Exam Assessment notes Students will typically undertake two pieces of coursework. The first piece will normally be a written report with the subject drawn from any of the main topics covered on the module. The second piece will be a piece of group work in which a topic will be researched and presented to a professional standard (this may, for example, take the form of a conference poster, or a report written in the style of an academic paper.) A two-hour examination will require students to demonstrate their understanding of the key concepts covered by the module. Reassessment By Failed Component Expected methods of delivery A range of strategies will be used to facilitate student learning. Case studies with origins in the industry will be used as vehicles to enhance insight into key areas. Lectures will be used to introduce major topics, drawing together material from a variety of sources and providing the opportunity for interaction with short exercises. Tutorials will offer the opportunity for discussion of issues and will allow students to analyse different scenarios, focusing on particular systems building problems. Students will be expected to gain practical experience with a selection of software development support tools covered on the module. Students will be encouraged to read widely, using the reading list as a starting point and library resources and the Internet for further information. The coursework element of assessment will provide the opportunity for students to develop their research skills and their ability to communicate key findings and recommendations in a professional manner. The research and presentation assignment will take the form of a group activity. The Virtual Learning Environment (VLE) will provide essential module information such as a week by week teaching plan, copies of tutorial sheets so that students can prepare in advance, the reading list and assessment information. It will also be used to direct the students to useful sources of information and for essential updates such as drawing the students' attention to recently-published relevant papers.

Computer Science - Software Engineering - Computer Security - Forensic Computing

Module Title: Module Code:

Forensics and Security CTEC2122 Credit Value: Owning Board: CTEC Faculty: Faculty of Technology Academic Period: 2014 Term/Semester in which the Semester Y module can run:

30.00

DMU Credit Level:

Module description (including outline content) This module develops the principles of forensics and the principles security as abstract concepts, then looks at two operating systems from two perspectives: Linux is studied from a security perspective with the overall aim of understanding how to make a Linux installation less vulnerable; Windows is studied from a forensic perspective with the overall aim of understanding what non-volatile digital residue is left which has evidential value. Learning outcomes 1 Analyse how the principles of digital forensics should be or have been applied in a given context. 2 Identify the forensic significance of Windows operating system artefacts. 3 Perform a forensic investigation of a Windows device. 4 Analyse how the principles of digital security should be or have been applied in a given context. 5 Explain the major phases of the Linux boot sequence 6 Identify the major configuration settings that influence a machine's security posture. 7 Harden a Linux operating systems to suit various deployment scenarios such as a server operating in a DMZ or desktop workstation in a corporate environment. Assessment Type of Assessment: Other Coursework 1 Learning Outome: 2,3,6,7, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: Volume: Description: Coursework Type of Assessment: Unseen Examination 1 Learning Outome: 1,2,4,5,6, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: 120 Volume: Description: Exam Assessment notes Students will typically undertake two pieces of coursework: one relating to the forensic investigation of a Windows artefact, the other relating to the hardening of a Linux device The examination will require students to demonstrate their understanding of the key concepts covered by the module. Reassessment By Failed Component
4

Computer Science - Software Engineering - Computer Security - Forensic Computing Expected methods of delivery Virtualisation will pay a significant part in student learning on this module. Module Title: Module Code: Owning Board: Faculty: Academic Period: Module Leader: Module Prerequisites: OO Software Design and Development CTEC2602 Credit 30.00 DMU Credit 2 Value: Level: CTEC Faculty of Technology 2014 Susan Bramer Level 1 foundation in programming and computer architecture.

The typical student studying this module will have studied a 30 credit level one programming course such as CSCI1401 Progamming in C, and a 30 credit foundational module such as CSCI1408 Foundations of Computer Science or CSCI1410 Computer Systems and Computation. Term/Semester in which the Semester Y module can run: Module description (including outline content) Object-oriented software development is now the preferred approach of many established developers, typically using software tools based on Sun's Java 2 or Microsoft's .NET platforms. This module enables students to design and implement medium scale software systems using an object-oriented approach. The design notation used is the Unified Modelling Language (UML) and the implementation language is Java. It is essentially a programming module, with the emphasis on implementing OO designs. Students enrolling on this module will have a foundation in programming gained from the study of a Level 1 programming module. The first part of this module introduces UML and the Java language. Students learn how to write simple object-based programs, and how to exploit the extensive library packages provided by the Java 2 Software Development Kit (SDK). Fundamental OO concepts and design issues are discussed. Emphasis is placed on the design and structure of software, and the OO development process. UML is used to document designs, and the concept of software design patterns is introduced. Software quality, reliability, and maintainability are integral to the development of software, and these issues are discussed and applied as necessary. Outline Content: The Java programming language: Essential language constructs Ability to use the Java SDK API's

Computer Science - Software Engineering - Computer Security - Forensic Computing Java collection classes, the data structures that underpin them., and using them to implement aggregations that appear in OO designs. A working knowledge of several programming domains, typically: GUI & event handling, exceptions, file handling, persistence, collections, utilities such as dates, formatting, tokenizing. It is not expected that all these features are covered in detail. By the end of the course students should have become more independent learners with the ability to learn features not covered in the course. OO software design: UML notation: class diagrams, collaboration diagrams, use cases, state; relationship between an OO 'analysis' design and a program design; implementation of associations: composition and aggregation; user defined classes; data representation decisions; interfaces and abstraction. Identification and application of software architectures and design patterns as they arise in case studies. In particular: Model-View-Controller software architecture; Composite; Command; Decorator. Quality issues in software development, including: Documentation for maintainability and reusabilty, use of 'javadoc' tool; Unit and system testing; Correctness; Robustness; HCI issues. Learning outcomes 1 Use Java to implement standard object-oriented designs given in UML 2 Use UML to document object-oriented designs 3 Address issues of quality, maintainability, correctness, and robustness with respect to software design and development. 4 Make effective use the Java Software Development Kit Application Programming Interfaces. Assessment Type of Assessment: Other Coursework 1 Learning Outome: 1,3,4, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: Volume: Description: Coursework Type of Assessment: Unseen Examination 1 Learning Outome: 1,2,3,4, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: 120 Volume: Description: Examination

Assessment notes The coursework assessments are based on formative work carried out in lab and tutorial classes. The earlier assignment is biased towards using Java effectively (outcome 1). The later assignment uses more advanced features of the JDK (outcome 4) and additionally expects consideration of design issues (outcome 1) and quality issues (as outlined in learning outcome 3).
6

Computer Science - Software Engineering - Computer Security - Forensic Computing

The examination will verify a student's individual ability to write essential Java code (outcome 1); and their understading of basic UML notation (outcome 2); and to demonstrate their understanding of OO implementation issues (outcomes 1 and 2); An exam question may ask students to produce skeleton classes and critical fragments of code in order to demonstrate their ability to transform an OO design into an implementation. Reassessment By Failed Component Expected methods of delivery Lectures will be used to introduce the main features of OO Design and Java using small case studies, Case studies are chosen carefully to illustrate 'how to' realise a program effectively starting from a given (UML) OO design, and to demonstrate common design patterns and software architectures. The emphasis is on understanding designs given in UML and how to implement them, rather than creating designs. This module has a significant practical element. Students are expected to build up their knowledge and experience through graded practical exercises. Small formative assignments give the opportunity for students to gain feeback on their progress from the tutor, and additonally to introduce skills of critical evaluation by using self and peer assessment. Summative assignments are used to formally assess the students' practical software development skills. Staffed laboratories are used for monitoring student activity, giving guidance on the practical tasks, and for consultation. Self- and peer- assessments may be conducted in the lab sessions. The module resources include a web site/VLE with essential module information such as the week-by-week teaching plan, example programs, laboratory and other exercises, reading list, study guides and assessment information. It contains background materials and links. It is also used to broadcast news and updates to the module information. The recommended text book(s) contain explanations and examples for the majority of the technical content of the module. There is also wealth of on-line tutorials and resources. The examination is used mainly to assess the students' understanding of the object-oriented designs and the software development process, and in part the students' ability to provide some implementation details.

Computer Science - Software Engineering - Computer Security - Forensic Computing Module Title: Module Code: Multi-tier Web Applications CTEC2701 Credit 30.00 Value: Owning Board: CTEC Faculty: Faculty of Technology Academic Period: 2014 Module Leader: Clinton Ingrams Term/Semester in which the Semester Y module can run:

DMU Credit Level:

Module description (including outline content) This module provides a firm technical foundation of how a web application uses various Internet protocols so that a user's browser can be a client to the application's web server which in turn acts as client to the database server which holds the assets being accessed. Structured data, held in relational databases, accessed via SQL, supports a substantial proportion of modern web-applications. This is however, not a new phenomenon. Structured data, held in relational databases, accessed via SQL, have supported 'modern' applications for decades. In this module the student will learn the fundamentals of how to design the structure of data within a relational database, how to interact with data within the database, and how to protect the data within the database. Sitting atop the TCP/IP/Ethernet stack are the application layer protocols that make the Web what it is. Particularly significant in this category are DNS, HTTP and HTTPS. In this module, students will study the key features of these protocols alongside key protocols relating to email. They will learn how servers that deliver some of these protocols are configured. Markup languages that control structure and appearance of web content (XML, HTML and CSS) will be studied. Rudimentary web application penetration testing will introduced in order to emphasise the hostile attention that public facing web content will attract. Modern web applications typically make heavy use of scripting both at the server and also in the client browser. A server-side scripting language that has achieved prominence over recent years has been PHP. This pragmatic language is used to great effect by some web developers and with catastrophic naivety by others. On the client side, Javascript has similar prominence and similar problems. In this module students will be introduced to programming practice in these two languages that should enable them to go on to develop robust components of web-applications. It is assumed that students are already competent C programmers, prior to starting this module. Outline Content 1. a. b. c. d. Internet Protocols: The client server paradigm. Web protocols and standards: HTTP(S), HTML, CSS, XML Other Internet protocols: DNS, SMTP, IMF Configuration of selected servers.
8

Computer Science - Software Engineering - Computer Security - Forensic Computing e. 2. a. b. c. d. Introduction to web-application penetration testing. Database: The relational model, Top down modelling of business requirements, ER model, keys, relationships, traps, SQL mapping schema to implementation via DDL, querying data using DML, Integrity, transactions, access control and security.

3. Secure Scripting: a. Server-side scripting using PHP b. Client-side scripting using Javascript Common patterns of usage and failure Learning outcomes 1 Explain the core concepts of the client / server paradigm. 2 Read, interpret and explain the specifications for key application level Internet protocols. (HTTP, DNS, XML, HTML, SMTP, IMF). 3 Configure, operate, abuse and secure a range of servers / services and security devices. (HTTP(S) server, DNS server, HTTP proxy, mail server, IDS). 4 Derive a suitably normalised database design from a data model that reflects the business requirements of a typical corporate scenario. 5 Implement a database design via a Relational Database Management System addressing business use cases, information integrity and information security 6 Identify common web-application security vulnerabilities including both client-side and server-side vulnerabilities. 7 Develop a robust component of a web application. Assessment Type of Assessment: Unseen Examination 1 Learning Outome: 1,2,4,6, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: 120 Volume: Description: Examination Type of Assessment: Other Coursework 1 Learning Outome: 3,5,7, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: Volume: Description: Coursework Assessment notes The 50% coursework component will typically comprise three equally weighted separate sub-components: one for Protocols (probably related to server configuration), one for Database (probably related to extending a pre-existing design and implementation) and one for Scripting (probably concerning the development of of a web-application component to work alongside existing components). The emphasis will be on the students performing small-scale development in the context of a larger scale scenario. Reassessment By Failed Component
9

Computer Science - Software Engineering - Computer Security - Forensic Computing

Expected methods of delivery Each of the three main topics (Protocols, Database, Scripting) will be delivered separately from each other. Virtual environments will be used for server configuration and testing. Open source / free resources will be used insofar as is possible to encourage students' independent experimentation on their own infrastructure where feasible. Module Title: Module Code: Data Structures and Algorithms CTEC2901 Credit 30.00 Value: Owning Board: CTEC Faculty: Faculty of Technology Academic Period: 2014 Module Leader: David Smallwood Term/Semester in which the Semester Y module can run:

DMU Credit Level:

Module description (including outline content) This module introduces a variety of data structures and algorithms for sequential and concurrent execution. Classical data structures will be introduced (including stacks, queues, lists, trees, and hash tables) and algorithms for searching and sorting. The performance characteristics of these data structures and algorithms will be explained. Specific coding issues will also be considered such as modularity, genericity, equality, assignment, mutable and immutable objects. The module will introduce students to concurrent program design in the context of multi-core architectures and distributed applications. Where appropriate formal notation will be used for specification. Outline Content 1. Sequential algorithms for searching and sorting and their performance characteristics 2. Classical data structures (linear, hierarchical, hash tables) 3. Implementation issues (genericity, reference and value semantics, mutable and immutable objects) 4. Formal notation for functional specification 5. Concurrent (and parallel) algorithms 6. Program (and program library) support for concurrent (and parallel) algorithm implementation Learning outcomes 1 Explain and implement a variety of classical data structures 2 Apply classic sequential algorithms for searching and sorting 3 Analyse specific programming language and library support for the development of both sequential and concurrent programs 4 Apply standard concurrent algorithm design patterns 5 Explain formal notation in specific contexts

10

Computer Science - Software Engineering - Computer Security - Forensic Computing Assessment Type of Assessment: Other Coursework 1 Learning Outome: 1,4, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: Volume: Description: Coursework Type of Assessment: Unseen Examination 1 Learning Outome: 1,2,3,4,5, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: 120 Volume: Description: Examination Assessment notes Theory and practice in this module are very highly coupled. Practical work will typically involve the implementation and testing of data structures and algorithms. The examination should cover both practical and theoretical aspects of the course. Reassessment By Failed Component Expected methods of delivery The theoretical material will be delivered using traditional lectures. Small group sessions will be used to support the lectures. Module Title: Module Code: Issues In Criminal Justice LAWG2003 Credit Value: Owning Board: LAWG Faculty: Faculty of Business & Law Academic Period: 2014 Module Leader: Jonathan Merritt Term/Semester in which the Semester Y module can run:

30.00

DMU Credit Level:

Module description (including outline content) The criminal justice system and process raises many issues of interest not only to specialist lawyers but to the wider community. This module provides non-lawyers with the opportunity to examine some of the key issues that occupy criminal lawyers and the criminal justice system. They will look at those issues from a policy perspective as well as examining the legal rules, in the context of standards imposed by the European Convention on Human Rights. Learning outcomes 1 Demonstrate an appropriate understanding of the key legal principles and concepts within which the forensic scientist within the criminal justice process works. 2 Demonstrate an appropriate understanding of basic legal sources and methodology. 3 Demonstrate an appropriate ability to find and retrieve legal source material, both in hard copy and electronic form. 4 Demonstrate a capacity for deductive reasoning, evaluation and application.
11

Computer Science - Software Engineering - Computer Security - Forensic Computing 5 Demonstrate an appropriate ability to present competent and coherent written arguments. 6 Demonstrate an appropriate ability to work independently. 7 These level descriptors are intended to reflect the generic level descriptors in the Subject Template Assessment Type of Assessment: Essay 1 Learning Outome: 1,2,3,4,5,6, Final Assessment Y/N: Weighting: 25% Threshold: % Essential: No Duration: Volume: 1,500 Description: Unsupervised (Word limit 1,500 words)(Best 2 out of 3 pieces). The word limit for the essay is 1,500 words. Type of Assessment: Seen Examination 1 Learning Outome: 1,2,4,5,6, Final Assessment Y/N: Weighting: 50% Threshold: % Essential: No Duration: 120 Volume: Description: The examination will comprise of 20 multiple choice questions and one seen problem based question. Type of Assessment: Phase Test 1 Learning Outome: 2,3,4,5,6, Final Assessment Y/N: Weighting: 25% Threshold: % Essential: No Duration: 1 Volume: Description: The phase test will comprise of 20 MCQ's (best 2 out of 3 pieces counted). Assessment notes Assessment criteria will be such as may be agreed from time to time by the Law Assessment Board. Students will be set three pieces of coursework:1. Two unsupervised essays (word limit 1,500 words) and one multiple choice question phase test - each worth 25%, Best 2 out 3 pieces to count for 50% 2. One 2 hour examination (worth 50%) Late Submission of Coursework: Tutors will advise students of the dates coursework assignments have to be handed in. A student must normally submit his or her coursework by the deadline. However, in exceptional circumstances a student may be able to negotiate an extension with the Extensions Tutor and this is normally be done before the deadline for submission. The decision to grant an extension is at the discretion of the Extensions Tutor and is not an automatic right to which a student is entitled. If a piece of work is submitted up to 7 days after the deadline or the agreed extension, no mark above 40% will be awarded. Where a piece of work is submitted after 7 days following the deadline or agreed extension, the work will receive a zero mark. Assessments and Learning Outcomes The detail of the assessments, which will vary from year to year, will ensure that the students always have an opportunity to achieve the Learning Outcomes of the module.

12

Computer Science - Software Engineering - Computer Security - Forensic Computing Reassessment When a student fails to obtain an overall pass mark taking into account all the elements of assessment, the student will be required to re-present him/herself in each failed element, unless agreed otherwise by the Law Assessment Board. Expected methods of delivery Teaching will fulfil the aims and objectives of the module. The module is a double module taught over two semesters by interactive student seminars.

13