IMT4123 - System Security


Examination arrangement

Examination arrangement: Written examination
Grade: Letters

Evaluation Weighting Duration Grade deviation Examination aids
Written examination 100/100 3 hours E

Course content

-Access control and information flow (formal models and systems) -System security analysis (attack-defense trees and covert channels) -Secure software development (security assurance and evaluation) -Vulnerabilities and attack patterns (analysis and detection) -Operating systems security (hardware protection, privileges,  I/O protection, virtualization)

Learning outcome

Candidates who have successfully completed this course, should have achieved the following total learning outcome

Knowledge -Candidates are expected to possess in-depth knowledge of formal modelling techniques for secure computer systems -Candidates have advanced knowledge of common vulnerabilities, attack mechanisms, and methods against computer and information systems -Candidates have thorough knowledge on the theory and methods underlying access control and information flow policies -Candidates have thorough knowledge on security techniques and methods  applied in operating systems -Candidates have thorough knowledge about secure software system assurance and evaluation

Skills -Candidates are capable of applying relevant methods for security modelling and analysis of software applications and information systems. -Candidates are capable of analysing, evaluating and enhancing the security of information systems independently by identifying potential threats and propose possible countermeasures

General Competence -Candidates  can analyse relevant professional and research ethical problems related to securing information system and software. -Candidates  are capable of applying their knowledge and skills in new fields, in order to carry out advanced tasks and projects. -Candidates  can work independently and are familiar with terminology of the field of software and system security. -Candidates can communicate about academic issues related to system and software security both with specialists and public audience. -Candidates can contribute to innovation and innovation processes in information security.

Learning methods and activities

-Lectures -Course work -Obligatory assignments

Additional information: -The course will be made accessible for both campus (Gjøvik) and remote students. Every student is free to choose the pedagogic arrangement form that is best fitted for her/his own requirement. The lectures in the course will be given on campus and are open for both categories of students. All the lectures will also be available on Internet through the university's learning management system.

Compulsory requirements: -Students are expected to hand in all obligatory assignments.

Compulsory assignments

  • Coursework Requirements

Further on evaluation

Ordinary re-sit examination in August.

Specific conditions

Compulsory activities from previous semester may be approved by the department.

Admission to a programme of study is required:
Information Security (MIS)
Information Security (MISD)
Information Security (MISEB)

Required previous knowledge


Course materials

Bishop, M. (2018). Computer Security: Art and Science. Addison-Wesley Professional

Credit reductions

Course code Reduction From To
IMT4541 2.5
IMT4561 2.5
More on the course



Version: 1
Credits:  7.5 SP
Study level: Second degree level


Term no.: 1
Teaching semester:  AUTUMN 2021

Language of instruction: English

Location: Gjøvik

Subject area(s)
  • Information Security
Contact information
Course coordinator:

Department with academic responsibility
Department of Information Security and Communication Technology


Examination arrangement: Written examination

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Autumn ORD Written examination 100/100 E 2021-12-09 09:00 INSPERA
Room Building Number of candidates
A-atriet-2/3 (A-160) Ametyst 48
M405-Eksamensrom 4.etg Mustad, Inngang A 1
SL310 blå sone Sluppenvegen 14 1
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU