• Module: CMP417
• Title: Engineering Resilient Systems 1
• Overall Module Grade: A

This module had three parts: Software Security, Machine Learning and Human-Centered Security. The objective of this module was to understand how to design and implement procedures and policies to make a company secure from both a technical and human perspective. Each part followed the same scenario with some minor additions to fit the topic.

The scenario is ScottishGlen is a small company within the energy sector. You are the IT manager for the company. You oversee a team of developers who are responsible for the company's suite of applications, as well as some technical staff who attend to infrastructure. No one is specifically responsible for security. Employees have been receiving messages from a hacktivist group, who threaten to target the company following a recent blog post by the CEO. You do not know the nature of the attack they are planning. The CEO is concerned and has asked you to improve the security posture to better protect the company. The focus is on making the company resilient to attack, from both a technical (systems) and human (employee) perspective.

All in all, I enjoyed this module. It was fun to learn about the aspects on how to prevent attacks through various different methods such as static analysis tools, decision tres and phishing training/email filters. I think this was a great module to end the term with and the four years on the course. My assignments for each part can be found below