IMT4123 - System Security


Examination arrangement

Examination arrangement: Written examination
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
Written examination 100/100 3 hours E

Course content

  • Access control and information flow (formal models and systems)
  • System security analysis (attack-defense trees and covert channels)
  • Secure software development (security assurance and evaluation)
  • Vulnerabilities and attack patterns (analysis and detection)
  • Operating systems security (hardware protection, privileges, I/O protection, virtualization)

Learning outcome

Candidates who have successfully completed this course, should have achieved the following total learning outcome


  • Candidates are expected to possess in-depth knowledge of formal modelling techniques for secure computer systems
  • Candidates have advanced knowledge of common vulnerabilities, attack mechanisms, and methods against computer and information systems
  • Candidates have thorough knowledge on the theory and methods underlying access control and information flow policies
  • Candidates have thorough knowledge on security techniques and methods applied in operating systems
  • Candidates have thorough knowledge about secure software system assurance and evaluation


  • Candidates are capable of applying relevant methods for security modelling and analysis of software applications and information systems.
  • Candidates are capable of analysing, evaluating and enhancing the security of information systems independently by identifying potential threats and propose possible countermeasures

General Competence

  • Candidates can analyse relevant professional and research ethical problems related to securing information system and software.
  • Candidates are capable of applying their knowledge and skills in new fields, in order to carry out advanced tasks and projects.
  • Candidates can work independently and are familiar with terminology of the field of software and system security.
  • Candidates can communicate about academic issues related to system and software security both with specialists and public audience.
  • Candidates can contribute to innovation and innovation processes in information security.

Learning methods and activities

  • Lectures
  • Laboratory activities
  • Home reading
  • Obligatory assignments
  • Sustainability Lab

Additional information:

  • The course will be made accessible to both campus (Gjøvik) and remote students. The lectures in the course will be given digitally and are open for both categories of students. All the lectures will also be available through the university's learning management system.

Compulsory requirements:

  • Students are expected to hand in all obligatory assignments given during the semester.

Compulsory assignments

  • Coursework Requirements

Further on evaluation

Ordinary re-sit examination in August. Re-sit can be changed to oral exam.

The obligatory assignments given during the semester must be approved before the exam..

Specific conditions

Admission to a programme of study is required:
Information Security (MIS)
Information Security (MISD)
Information Security (MISEB)

Required previous knowledge


Course materials

Bishop, M. (2018). Computer Security: Art and Science. Addison-Wesley Professional

More on the course



Version: 1
Credits:  7.5 SP
Study level: Second degree level


Term no.: 1
Teaching semester:  AUTUMN 2024

Language of instruction: English

Location: Gjøvik , Trondheim

Subject area(s)
  • Information Security
Contact information
Course coordinator:

Department with academic responsibility
Department of Information Security and Communication Technology


Examination arrangement: Written examination

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn ORD Written examination 100/100 E INSPERA
Room Building Number of candidates
Summer UTS Written examination 100/100 E INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU