Students are exposed to fundamental topics through thematic fortnights over the course of ten weeks. Each thematic fortnight is structured with week 1 involving lectures and week 2 uses a flipped classroom approach where student groups present critique of allocated papers with lecturers acting as learning mentors.

Week 1 of each thematic fortnight involves lectures on the selected topics and discussion points initiated by the lecturer. The students are then divided into groups from different disciplinary backgrounds and each group is allocated a scientific paper on the theme. Students read and discuss the paper before week 2 and prepare a presentation to share the insights and critique of the paper to the class in a flipped classroom mode, with lecturers acting as learning mentors.

This module consists of five thematic fortnights, each covering two topics from the foundational knowledge within CyBOK:

Security principles; Privacy & online rights.

1. Software security; secure software lifecycle.
2. Network security; distributed systems security.
3. Hardware security; cryptography.
4. Operating systems & virtualisation security; Authentication, Authorisation & Accountability.

Students are introduced to threats in blended, intermeshed large-scale infrastructures, current risk management and mitigation approaches and the challenges to scaling these up. The teaching takes the form of taught lectures and hands-on workshops where students work together to apply the concepts in the lectures to specific problems.

Topics include:

• Attacks and defences – how malware and attack technologies are scaling up, the factors driving adversarial behaviours and the challenges of undertaking security operations, forensics and incident management in such large-scale adversarial contexts;
• Threats arising from cross-domain nature of blended infrastructures – where data and information cross a range of platform, administrative, organisational and geographical boundaries;
• Threat modelling – including existing threat frameworks and their limitations; Risk management and assessment – perceptions of risks pertaining to large-scale infrastructures, how these impact mitigation, existing risk frameworks and their limitations;
• Connecting risk and threat profiles to policy and decision making – including understanding and countering biases in risk analysis (especially those pertaining to infrastructure critical to society)

This module provides students with an understanding of the critical role that human behaviour and psychology play in the field of cyber security. Students explore various factors that influence cyber security outcomes, e.g., social engineering, insider threats, user awareness. decision-making processes, and security culture within organisations. Through a combination of theoretical knowledge, case studies, and practical exercises, students develop the skills necessary to assess, mitigate, and manage human- and organisation-related risks in cyber security.

Topics include:

• Human behaviour in security and detecting and preventing social engineering attacks
• User Awareness and Insider Threats
• Usability and Human Centric Access Controls
• Security Culture, Decision Making, Policy and Governance

In this unit, students will develop expertise in challenge-led and problem-based research, futures literacy and responsible innovation as this relates to the broad topic of cybersecure everywhere. The unit will be structured in 2 phases with associated learning outcomes:

Phase 1 (Learning outcome 1: understand approaches relating to interdisciplinary, challenge / mission led and problem based learning and research).

Students will develop methodological expertise through a ‘challenge-led’ problem-based learning approach. They will be provided with relevant theoretical frameworks (e.g. problem - based learning) and associated methods e.g. action research methods. They will gain experience in research ethics and data management.

Phase 2 (Learning outcomes 2 and 3: gain experience in futures literacy and associated methods; gain experience in frameworks for responsible innovation.)

Acknowledging that the next frontier for cyber security is constantly evolving and changing, students will engage with concepts, theories and methods that allow them to analyse socio-digital futures, with a specific emphasis on Cyber Secure Everywhere. Students will also be introduced to the EPSRC ‘AREA Framework’. This has a strong emphasis on engendering capacities for anticipation, ethical reflection and engagement (with the general public and stakeholders), which is complementary to the challenge based approaches that students will be exposed to in Phase 1.

This unit is a fundamental element of our integrated challenge-led research model, combining skills for co-design and problem elicitation with stakeholders. This equips students with the necessary skills to participate in Sandpits, Placements and the RI Challenge in TB2.

Members of academic staff, industrial partners and prominent external speakers from academia, government and industry deliver 1-2 day deep dives on specialised topics on our four challenges relating to Cyber Secure Everywhere.

• Challenge 1: Security across space and time
• Challenge 2: Resilience across space and time
• Challenge 3: Sense-making across boundaries
• Challenge 4: Decision-making across boundaries

The format of the masterclasses adapts to requirements of specific topics, e.g., in-class delivery in combination with visits to industrial facilities or on-site delivery at an industry partner.

Example academic masterclasses have included: Security & Privacy in IoT and Smart Cities, Post-Quantum Cryptography, The wonderful world of supply networks: What they are, why they matter and User centric security and privacy in distributed systems while industry masterclasses have included: Malware analysis, Cyber incident response, and Law & regulation as well as site visits to major industrial partners.

At the start of the Spring term, students will participate in a set of co-creation sandpits where industry partners will highlight key future problems and members of the college of supervisors will present relevant major research challenges. Students will then work collaboratively with potential supervisors and industry partners to identify seed research to be undertaken in placements to underpin preparation and development of research proposals.

Students undertake two placements of 2 - 4 weeks each, one in an industry or practice organisation and one with the lead academic supervisor at Bristol or Bath. The placements provide students with hands-on experience of working on the identified problems in industry and research settings and, together with masterclasses, provide a strong basis for their research proposal.

Students learn about approaches to secure internet-of-things (IoT) and industrial internet-of-things (IIoT) devices and deployments. This includes the consumer-grade devices typically found in smart homes, as well as the industrial devices (and associated services) found in smart buildings/building automation systems and within industrial control systems. Students learn about a range of attack and defence methods for IoT/IIoT devices and protocols, and the associated architectures such as cloud environments. Students gain the ability to both perform security analysis of existing IoT devices and architectures, as well as design new IoT devices are architectures that are secured against attacks.

Students learn about approaches to secure large infrastructures based on industrial control systems. This includes learning about a range of attack and defence methods as well as vulnerabilities of networking protocols and architectures in such infrastructures. Students also learn about human and organisational aspects and how these intersect with technical aspects of software, hardware, sensors and actuators leading to risks and how to mitigate the impact of such risks. They also learn about incident response and post-incident forensics.

This unit offers practical knowledge on engineering secure systems across the software engineering life-cycle. The focus includes requirements, design, implementation, testing and maintenance of heterogeneous systems - cross-cutting multiple operational, deployment and data-sharing environment, which are long-lived and required to satisfy multiple stakeholders' objectives. At the end of this unit, students will be equipped with the skills necessary to apply software security and privacy techniques in the industry, as well as carry out research in building secure systems that are future-proof for the next evolution in digital transformation.