certification of integrated master’s degrees in computer ... · bachelor's degree with...
TRANSCRIPT
Issue 5.0
03 September 2020
Certified Master’s in Cyber Security
Certification of Integrated Master’s Degrees in Computer Science for Cyber Security
Call for Applications
Closing Date: 18 December 2020, 16:00
Deadline for Expressions of Interest: 10 November 2020, 16:00
Briefing Session for Applicants: 22 September 2020, 14:30 (All potential applicants are strongly encouraged to attend)
© Crown Copyright 2020, The National Cyber Security Centre
Issue 5.0
03 September 2020
Page 2 of 38
TABLE OF CONTENTS
Document History
Issue Date Comment
1.0 18 August 2015 First issue
2.0 01 September 2016 Second issue
3.0 14 December 2017 Third issue
4.0 07 February 2019 Fourth issue
4.1 26 March 2019 References to Security Discipline replaced by Skills Group in CySec 1 and Table 3.1
5.0 03 September 2020 All references to Skills Groups replaced by Cyber Security Body of Knowledge
Table of Contents Introduction and background ................................................................................................................................................. 5
UK National Cyber Security Strategy............................................................................................................................. 5
Aims, benefits and vision of certified Integrated Master’s in cyber security ............................................................... 5
Scope of this call for applications ........................................................................................................................................... 6
Terminology used in this call ........................................................................................................................................ 6
2.1.1 Cyber Security ........................................................................................................................................................... 6
2.1.2 Level and credit ........................................................................................................................................................ 6
2.1.3 Integrated Master’s degrees .................................................................................................................................... 6
Integrated Master’s – different structures ................................................................................................................... 7
In scope ......................................................................................................................................................................... 8
2.3.1 Computer science requirements .............................................................................................................................. 8
2.3.2 Full certification ........................................................................................................................................................ 9
2.3.3 Provisional certification ............................................................................................................................................ 9
Out of scope .................................................................................................................................................................. 9
Eligibility ............................................................................................................................................................................... 10
How to apply ........................................................................................................................................................................ 11
Submitting applications .............................................................................................................................................. 11
Briefing session ........................................................................................................................................................... 11
Points of clarification .................................................................................................................................................. 11
Assessment ........................................................................................................................................................................... 12
Assessment Process .................................................................................................................................................... 12
Scoring ........................................................................................................................................................................ 12
Moving forwards .................................................................................................................................................................. 13
Key dates ..................................................................................................................................................................... 13
After the assessment process ..................................................................................................................................... 13
Successful applications ............................................................................................................................................... 13
Issue 5.0
03 September 2020
Page 3 of 38
TABLE OF CONTENTS
Unsuccessful applications ........................................................................................................................................... 13
Applications with a borderline fail .............................................................................................................................. 13
APPENDIX A: REQUIRED STRUCTURE OF APPLICATION ............................................................................................................... 14
HEI’s letter of support for the application (up to two sides of A4) ...................................................................................... 15
Signed letter of support for both full and provisional applications ............................................................................ 15
For provisional applications ........................................................................................................................................ 15
Description of the applicant (for both full and provisional applications, up to 7 sides of A4, excluding CVs) ..................... 16
Team ........................................................................................................................................................................... 16
Recent investments .................................................................................................................................................... 16
External linkages ......................................................................................................................................................... 16
Review and update process ........................................................................................................................................ 16
Facilities ...................................................................................................................................................................... 16
CVs and personal statements ..................................................................................................................................... 16
Criteria to be applied .................................................................................................................................................. 16
Description of the Integrated Master’s degree (for both full and provisional applications, up to 15 sides of A4, excluding
module descriptions) .................................................................................................................................................................... 17
Description of the degree ........................................................................................................................................... 17
Number of taught credits that can be mapped to computer science Subject Areas .................................................. 17
Detailed coverage of the computer science Subject Areas ........................................................................................ 17
Computer science module descriptions ..................................................................................................................... 17
Professional Knowledge and Skills .............................................................................................................................. 18
Criteria to be applied. ................................................................................................................................................. 24
3.6.1 Description of the degree ....................................................................................................................................... 24
3.6.2 Number of taught credits that can be mapped computer science Subject Areas .................................................. 24
3.6.3 Detailed coverage of the computer science Subject Areas .................................................................................... 24
3.6.4 Computer science module descriptions ................................................................................................................. 24
3.6.5 Professional Knowledge and Skills.......................................................................................................................... 24
Assessment materials (up to five sides of A4, excluding copies of examination papers etc.) ............................................. 25
Approach to assessment for both full and provisional applications ........................................................................... 25
4.1.1 Approach to assessment ........................................................................................................................................ 25
4.1.2 Marking .................................................................................................................................................................. 25
Examination papers .................................................................................................................................................... 25
4.2.1 Provisional application ........................................................................................................................................... 25
4.2.2 Full application ....................................................................................................................................................... 25
External examiner’s report – full application only ...................................................................................................... 25
Criteria to be applied .................................................................................................................................................. 25
4.4.1 For both full and provisional applications .............................................................................................................. 25
Issue 5.0
03 September 2020
Page 4 of 38
TABLE OF CONTENTS
4.4.2 For full certification only ........................................................................................................................................ 25
Individual projects and dissertations (up to five sides of A4, excluding list of dissertation titles and copies of
dissertations) ................................................................................................................................................................................ 26
Applications for both full and provisional certification .............................................................................................. 26
5.1.1 Level and credit value ............................................................................................................................................. 26
5.1.2 Guidance to students ............................................................................................................................................. 26
5.1.3 Allocation of dissertation topics ............................................................................................................................. 26
5.1.4 Scope of dissertation topics ................................................................................................................................... 26
5.1.5 Monitoring of students’ progress ........................................................................................................................... 26
5.1.6 Assessment of dissertations ................................................................................................................................... 26
Dissertations – for full certification only ..................................................................................................................... 26
5.2.1 List of dissertation topics ........................................................................................................................................ 26
5.2.2 Example dissertations ............................................................................................................................................. 26
5.2.3 Marks for example dissertations ............................................................................................................................ 26
Criteria to be applied .................................................................................................................................................. 27
5.3.1 Applications for both full and provisional certification .......................................................................................... 27
5.3.2 Applications for full certification only .................................................................................................................... 27
Student numbers and grades awarded – applications for full certification only (up to five sides of A4) ............................ 28
Student entry data ...................................................................................................................................................... 28
Student exit data ........................................................................................................................................................ 29
Student satisfaction .................................................................................................................................................... 30
Criteria to be applied .................................................................................................................................................. 30
APPENDIX B: TOPICS TO BE COVERED IN INTEGRATED MASTER’S DEGREES IN COMPUTER SCIENCE FOR CYBER SECURITY ..... 31
Introduction.......................................................................................................................................................................... 31
Computer Science Subject Areas .......................................................................................................................................... 32
Professional Knowledge and Skills ....................................................................................................................................... 38
Issue 5.0
03 September 2020
Page 5 of 38
INTRODUCTION AND BACKGROUND
Introduction and background
UK National Cyber Security Strategy
Section 7 (‘Develop’) of the UK National Cyber Security
Strategy (2016-2021)1 states that
the UK requires more talented and qualified
cyber security professionals
Objective 7.1 is
to ensure the sustained supply of the best
possible home-grown cyber security talent
Working in partnership over the past few years, the
Department for Digital Culture Media and Sport (DCMS),
Cabinet Office (CO), UK Research and Innovation (UKRI)
and the National Cyber Security Centre (NCSC) have
initiated a number of programmes across academia
designed to address the knowledge, skills and capability
requirements for cyber security in Objective 7.14,
including:
• Academic Centres of Excellence in Cyber Security
Research2
• Academic Centres of Excellence in Cyber Security
Education3
• Academic Research Institutes in Cyber Security4
• Centres for Doctoral Training in Cyber Security
Research5 6 7 8
As part of this strategy, the NCSC initiated a programme
to certify postgraduate Master’s and undergraduate
degrees in cyber security subjects taught at UK Higher
Education Institutions (HEIs)9.
1 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016.pdf 2 https://www.ncsc.gov.uk/information/academic-centres-excellence-cyber-security-research 3 https://www.ncsc.gov.uk/information/ace-cse-recognition-call 4 https://www.ncsc.gov.uk/section/education-skills/research-and-academia
Aims, benefits and vision of certified Integrated
Master’s in cyber security
The overall aim is to identify and recognise Integrated
Master’s degrees run by UK HEIs that provide well-
defined and appropriate content and that are delivered to
an appropriate standard.
The anticipated key benefits of the certified Integrated
Master’s programme include:
• providing guidance to prospective students and
employers on the content and quality of
Integrated Master’s degrees
• providing Integrated Master’s students who have
completed their certified degree with an
additional form of recognition – i.e., that they
have successfully completed an NCSC-certified
degree
• helping to further enhance the quality, focus and
relevance of Integrated Master’s degrees
• helping universities with certified Integrated
Master’s degrees to attract additional numbers /
higher quality students both from the UK and
abroad
• helping employers (in industry, government and
academia) during the recruitment process to
better understand, and distinguish between, the
Integrated Master’s qualifications of job
applicants
5 https://www.royalholloway.ac.uk/research-and-teaching/departments-and-schools/information-security/studying-here/centre-for-doctoral-training-in-cyber-security-for-the-everyday 6 https://www.cybersecurity.ox.ac.uk/education/cdt 7 https://www.ucl.ac.uk/computer-science/study/postgraduate-research/centre-doctoral-training-cybersecurity 8 https://www.bristol.ac.uk/cdt/cyber-security/ 9 https://www.ncsc.gov.uk/section/education-skills/higher-education
Issue 5.0
03 September 2020
Page 6 of 38
SCOPE
Scope of this call for applications This call is for the certification of Integrated Master’s
degrees with Honours that are addressing underpinning
computer science for cyber security.
This call is for Integrated Master’s degrees (including
distance learning degrees) delivered, examined and
awarded in the UK by UK HEIs.
There are two types of certification: ‘Full Certification’ and
‘Provisional Certification’. Certifications of individual
Integrated Master’s degrees by the NCSC will be subject
to a set of terms and conditions (T&Cs).
Terminology used in this call
2.1.1 Cyber Security
The National Cyber Security Strategy 2016-202110
describes cyber security as ‘the protection of information
systems (hardware, software and associated
infrastructure), the data on them, and the services they
provide, from unauthorised access, harm or misuse. This
includes harm caused intentionally by the operator of the
system, or accidentally, as a result of failing to follow
security procedures.’
This call’s use of the term cyber security is consistent with
this definition. However, it should be recognised that
there are many definitions of cyber security and a succinct
definition will always be rather abstract. That is why we
take the Cyber Security Body of Knowledge (CyBOK)11 to
define the discipline of cyber security, its boundaries and
its dependencies and relationships with regards to other
disciplines.
2.1.2 Level and credit
Throughout this document, the terms ‘level’ and ‘credit’
are taken from the Higher Education Credit Framework
for England12. If an HEI uses a different framework, it
should describe what it uses and map its framework to
10 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016.pdf 11 https://www.cybok.org 12 https://www.qaa.ac.uk/docs/qaa/quality-code/academic-credit-framework.pdf?sfvrsn=940bf781_12 13 https://www.qaa.ac.uk/docs/qaa/quality-code/academic-credit-higher-education-in-england-an-introduction.pdf 14 https://www.qaa.ac.uk/docs/qaa/quality-code/master's-degree-characteristics-
the QAA framework. One credit is assumed to require a
nominal 10 hours of work by a student13.
2.1.3 Integrated Master’s degrees
The QAA describes Integrated Master’s degrees as
follows14:
Integrated Master's degrees are common in
science, mathematics and engineering but are also
used in other subjects and delivered through a
course that combines study at the level of a
Bachelor's degree with Honours with study at
Master's level during the latter stages of the
course. As such, a student usually graduates with a
Master's degree after a continuous four-year (or
five-year in Scotland) course of study. If a work
placement is included, the time taken to complete
the course may be extended.
The QAA Subject Benchmark Statement for Computing
states15 16:
Integrated Master’s degrees (MComp, MEng
and MSci) include the outcomes of Bachelor's
degrees with Honours and go beyond them to
provide a greater range and depth of specialist
knowledge, often within a research and
industrial environment, as well as a broader
and more general academic base. Such
programmes provide a foundation for
leadership. Integrated Master’s programmes of
study are designed as an integrated whole from
entry to completion, although earlier parts may
be delivered in common with a parallel
Bachelor's degree with honours.
For the purposes of this call document, Integrated
Master’s degrees with Honours are assumed to typically
take four years of study (or equivalent for part-time
students) leading to the award of Master’s degrees such
as MComp, MEng, MSci, etc. Intermediate Bachelor’s
statement8019abbe03dc611ba4caff140043ed24.pdf?sfvrsn=86c5ca81_12#:~:text=7-,2.2%20Integrated%20master's%20degrees,latter%20stages%20of%20the%20course. 15 https://www.qaa.ac.uk/docs/qaa/subject-benchmark-statements/subject-benchmark-statement-computing.pdf?sfvrsn=ef2c881_10 16 https://www.qaa.ac.uk/docs/qaa/subject-benchmark-statements/subject-benchmark-statement-computing-(masters).pdf?sfvrsn=15f2c881_10
Issue 5.0
03 September 2020
Page 7 of 38
SCOPE
degrees are not awarded. Typically, Integrated Master’s
degrees comprise 480 credits with a minimum of 120
credits at level 7.
Typically for a 4-year Integrated Master’s: year 1 would be
at level 4; year 2 at level 5; year 3 at level 6; and year 4 at
level 7.
Integrated Master’s – different structures
The structure of Integrated Master’s degrees does vary
from university to university. By way of example only,
during the first three years students might undertake a
Bachelor’s level programme with the fourth year being at
Master’s level. Students would only be able to enter the
fourth year if they have achieved a good overall mark
during their first three years. In other Integrated Master’s
degrees, students might undertake a common
programme during the first two years before undertaking
Integrated Master’s modules during years 3 and 4. In
Scotland, Integrated Master’s degrees typically take 5
years. Some universities might offer 5-year Integrated
Master’s with one year spent working in industry.
Thus, in its application it is important that an HEI clearly
describes the structure of its Integrated Master’s degree.
Issue 5.0
03 September 2020
Page 8 of 38
SCOPE
In scope
This call is open to Integrated Master’s degrees that meet the scope requirements below.
2.3.1 Computer science requirements
Requirements Description
ComSci 1 Across levels 4 to 7, there must be a minimum of 330 taught computer science credits
ComSci 2 Across levels 4 to 7, there must be a minimum of 300 taught computer science credits that can be mapped to the
Computer Science Subject Areas shown in Appendix B
ComSci 3 The computer science taught credits must provide coverage of Subject Areas 1 to 15 shown in Appendix B in good
breadth and depth, at the levels indicated in Appendix B
ComSci 4 Students must undertake an individual project and dissertation at level 6 or 7 accounting for between 20 and 50 credits
which is relevant to cyber security and within the scope of the Computer Science Subject Areas 10-16
Table 1: Computer science requirements
Issue 5.0
03 September 2020
Page 9 of 38
SCOPE
If the number of credits associated with the individual
project and dissertation at level 6 or 7 is less than 20 then
an HEI will need to clarify how students are able to gain
sufficient understanding and experience of undertaking
individual project work. If the number of credits
associated with the individual project and dissertation at
level 6 or 7 is greater than 50 then an HEI will need to
justify the value of having such a large individual project
and dissertation.
2.3.2 Full certification
To be in scope, applications for full certification require
the following three requirements to be met:
i. a cohort of students to have successfully
completed the Integrated Master’s degree in
academic year 2019-20
ii. the external examiner’s report to be available
for academic year 2019-2017
iii. the Integrated Master’s degree to be running in
academic year 2020-21
2.3.3 Provisional certification
To be in scope, applications for provisional certification
must meet one of the requirements i, ii and iii below:
i. the Integrated Master’s degree is running in
academic year 2020-21, though a cohort of
students did not complete the degree in
academic year 2019-20
ii. the new/revised Integrated Master’s degree has
not yet started but will start by (up to and
including) October 2022
iii. although the Integrated Master’s degree meets
the requirements for full certification, an HEI
may if it so wishes apply for provisional
certification
17 Where the external examiner’s report for 2019-20 is not available by the submission deadline, please provide the most recent report and the
Out of scope
The following degrees are out of scope:
• postgraduate Master’s degrees that typically
take one year of study (or equivalent for part-
time students) – these are addressed in other
calls
• Integrated Master’s degrees that do not have the
required computer science and cyber security
content
• Integrated Master’s degrees that are planned to
start later than October 2022
HEI’s response. Please state when the 2019-20 report and response will be available and submit them as soon as they are available.
Issue 5.0
03 September 2020
Page 10 of 38
ELIGIBILITY
Eligibility This call is open to all officially recognised bodies listed at https://www.gov.uk/check-a-university-is-officially-
recognised/recognised-bodies.
Applicants should note that there will be no funding associated with successful certification of Master’s degrees.
Issue 5.0
03 September 2020
Page 11 of 38
HOW TO APPLY
How to apply
Submitting applications
All applicants intending to apply for certification must
register an expression of interest by 16:00 on 10
November 2020 by emailing
[email protected]. Applications from
HEIs that have not registered by this date will not be
accepted. Applicants should indicate whether they intend
to apply for full or provisional certification.
Applications should be emailed to
[email protected] by 16:00 on 18
December 2020. The NCSC will email applicants to
confirm receipt of applications.
Please put ‘Int Master’s CSforCS application – <Name of
your HEI><Email n of m>’ on the subject line.
Applications should be sent as one pdf file that does not
exceed 15MB, and should be structured to follow the
guidance in Appendix A. Please use bookmarks and page
numbers to aid navigation through the document. Please
name the file as follows: <Name of your
HEI><Certification A or B >. If multiple files need to be
sent, please email the NCSC ahead of the deadline to
discuss this.
Applicants are solely responsible for ensuring that any
application that they submit reaches the NCSC and for all
costs related to, or connected with, the preparation of
their applications. Nothing in this call for applications
document, including any documents annexed to it or
otherwise made available (including information or
statements made verbally) as part of the application
process, shall constitute a contract between the NCSC and
applicants or potential applicants (whether express or
implied).
Briefing session
The NCSC intends to hold a briefing session for applicants
at 14:30 on 22 September 2020. The session will take
place remotely via Microsoft Teams. If you would like to
attend, please email [email protected]
by 16:00 on 21 September 2020. All potential applicants
are strongly encouraged to attend. In particular:
• HEIs intending to renew their certification
• HEIs that were unsuccessful in previous
applications and that have not attended a recent
individual feedback session with the NCSC
• HEIs that have not previously applied
• HEIs that have not previously attended a briefing
session
Experience shows that applications from those HEIs that
have attended a briefing session tend to contain fewer
mistakes and are less likely to be ruled out on grounds of
non-compliance with the process.
Points of clarification
Call documents and a list of points of clarification regarding the application process will be maintained at: https://www.ncsc.gov.uk/information/ncsc-degree-certification-call-new-applicants-0. Applicants are advised to check this web page regularly
for any updates to the application process or changes to
this call document, such changes to be made at the
absolute discretion of the NCSC and without notice.
Applicants are welcome to contact the NCSC before 16:00
on 04 December 2020 to discuss any questions or areas of
concern they might have. Please contact the NCSC at
Issue 5.0
03 September 2020
Page 12 of 38
ASSESSMENT
Assessment Applications within scope will be assessed by an
assessment panel that will include representatives from
the NCSC, wider government, industry and academia.
Each application will be read and scored independently by
a minimum of three members of the assessment panel.
Assessment Process
Applications must be submitted in full by the deadline.
At the assessment panel each application will be assessed
within the five areas shown below, and further described
in Appendix A, against the set of assessment criteria also
shown in Appendix A:
• Description of the applicant
• Description of the Integrated Master’s degree
• Assessment materials
• Individual projects and dissertations
• Student numbers and grades awarded
(applications for full certification only)
The HEI’s letter of support for the application is not
scored but must be included in the application.
Scoring
At the assessment panel meeting, panel members will
present their scores and the rationale for their scores. The
assessment panel will agree a consensus score for each
section of each application. The panel’s decision is final.
There is no maximum number of successful applications
for certification. In terms of providing evidence to meet
the assessment criteria, each scored section of each
application will be marked using the scale shown in Table
2 below. Each section must achieve a threshold score of 3.
If an application includes a letter of support and the
consensus score is at threshold or above in each scored
section, then the application will be deemed to be
successful overall.
Score Meaning
0 No response or no response capable of assessment has been submitted, or the response
does not address the criteria of the requirement.
1 The response meets some but not a majority of the requirement and/or insufficient
evidence is provided to substantiate the response. There are significant deficiencies in the
response.
2 The response meets the majority but not all of the requirement and there are minor
deficiencies in how the application addresses the remaining criteria. For those parts of the
requirement that are met, sufficient evidence to substantiate the response is provided.
3
(pass mark)
The response meets the requirement in full and is supported by evidence that substantiates
the response. All the criteria of the requirement are satisfactorily covered by the response.
4 The response meets, and in some places exceeds, the requirement. The response is backed
up by substantial and convincing evidence.
Table 2: Scoring scale used to assess applications.
Issue 5.0
03 September 2020
Page 13 of 38
MOVING FORWARDS
Moving forwards
Key dates
Call issued 07 September 2020
Briefing session registration 21 September 2020
Briefing session 22 September 2020
Deadline for expressions of interest
10 November 2020, 16:00
Deadline for applications 18 December 2020, 16:00
Assessment of applications January – February 2020
Announcement of results March 2020
After the assessment process
All applicants will be notified individually whether their
applications have been successful.
Successful applications
Successful full applications will be awarded ‘Certified’
status for a period of five years, subject to the HEI
agreeing the T&Cs that will document the ongoing
requirements for the HEI and the NCSC.
Successful provisional applications will be awarded
‘Provisional Certification’ status. This will be conditional
on the applicant agreeing the T&Cs associated with
provisional applications, which will include a limit on the
length of time a ‘Provisional Certification’ status can be
held without obtaining full certification.
The T&Cs describe the terms of use of the branding
associated with certification such as in
advertising/promotional material and the award
documents given to students who have successfully
completed the degree.
The T&Cs also describe the ongoing requirements that the
HEI must satisfy in order for the certification to remain
valid.
Unsuccessful applications
Applications that are not successful in this call will be
given written feedback and offered a face-to-face
feedback session.
Applications with a borderline fail
If an application is a ‘borderline’ fail, then at the
discretion of the assessment panel the HEI may be
contacted by the NCSC after the panel meeting and given
the opportunity to re-submit a revised version of the
relevant section(s). The HEI will need to confirm that no
changes have occurred that would affect the other
sections of the application. The assessment panel will only
assess the re-submitted section(s) and assume that the
scores for the other sections from the previous
submission still stand. However, it must be stressed that
the HEI will need to liaise with the NCSC and obtain the
NCSC’s approval if it wishes to only submit a revised
version of the unsuccessful section(s).
Issue 5.0
03 September 2020
Page 14 of 38
APPENDIX A: REQUIRED STRUCTURE OF APPLICATION
APPENDIX A: REQUIRED STRUCTURE OF APPLICATION
This appendix provides details of the information that applicants should provide with their application for full or provisional certification along with the criteria that will be applied.
Applicants should refer to section 2.3.22 that describes the requirements for an application for full certification to be in scope, and to section 2.3.33 that describes the requirements for an application for provisional certification to be in scope.
Please note that an HEI should submit one application per Integrated Master’s degree against this call. An HEI can submit more than one Integrated Master’s degree for certification against this call if the HEI believes that more than one of its Integrated Master’s degrees meet the criteria below.
Documents should be in pdf format, no larger than 15MB, with the font size no smaller than 10pt. Unless specifically asked
for, additional pages and other material in addition to that outlined below will not be read and will not therefore form part of
the assessment for certification. All information provided will be treated confidentially and used only for the purposes of
assessing applications.
Applications should be well signposted, using bookmarks, page numbers, hyperlinks, headers and footers. They should
contain a contents page and should follow the headings structure of the call document.
Each application for full certification should comprise the following six sections:
1. ‘Institution’s letter of support for the application’ (up to two sides of A4).
2. ‘Description of the applicant’ (up to seven sides of A4, excluding CVs).
3. ‘Description of the Integrated Master’s degree’ (up to fifteen sides of A4, excluding the module descriptions).
4. ‘Assessment materials’ (up to five sides of A4, excluding copies of examination papers, copies of information provided for coursework and copy of external examiner’s report).
5. ‘Individual projects and dissertations’ (up to five sides of A4, excluding list of dissertation titles and copies of dissertations).
6. ‘Student numbers and grades awarded’ (up to five sides of A4).
Each application for provisional certification should comprise the following five sections:
1. ‘Institution’s letter of support for the application’ (up to two sides of A4).
2. ‘Description of the applicant’ (up to seven sides of A4, excluding CVs).
3. ‘Description of the Integrated Master’s degree’ (up to fifteen sides of A4, excluding the module descriptions).
4. ‘Assessment materials’ (up to five sides of A4, excluding copies of examination papers and copies of information provided for coursework).
5. ‘Individual projects and dissertations’ (up to five sides of A4)
Issue 5.0
03 September 2020
Page 15 of 38
APPENDIX A: LETTER OF SUPPORT
HEI’s letter of support for the application
(up to two sides of A4)
Signed letter of support for both full and
provisional applications
Please provide a signed letter from the Vice Chancellor (or
equivalent) showing support for the HEI’s application to
have an Integrated Master’s degree considered for
certification by the NCSC.
The letter of support is not scored but applicants may
want to consider using it as an opportunity for the HEI’s
senior management to:
• demonstrate commitment to the Integrated
Master’s programme specifically and cyber
security more generally
• highlight recent HEI investment in the area and
any future planned investment
• describe the importance of the area in the HEI’s
future strategy, etc.
• outline how Covid-19 is impacting the HEI
generally and the Integrated Master’s degree
specifically along with the steps being taken by
the HEI to deal with the issues being raised
For provisional applications
For those Integrated Master’s degrees that have not yet
started, it is important that the HEI confirms the start
date for the Integrated Master’s degree and that the
degree will start by (up to and including) October 2022.
For those Integrated Master’s degrees that meet the
requirements for full certification to be applied for, it is
important that the HEI confirms that it has chosen to
submit an application for provisional certification and also
provides its reasons for making a provisional application.
Issue 5.0
03 September 2020
Page 16 of 38
APPENDIX A: DESCRIPTION OF APPLICANT
Description of the applicant (for both full
and provisional applications, up to 7 sides
of A4, excluding CVs)
Team
Please provide the names and structure of the
department(s)/group(s)/school(s) responsible for the
Integrated Master’s degree together with the names,
seniority and roles of the members of staff responsible for
delivering the degree content, setting and marking
examinations, supervising dissertations, etc.
Please provide a diagram that clearly shows the roles and
responsibilities of team members.
Where there is a core team delivering the Integrated
Master’s, it may be helpful to clearly separate the core
team from ‘associate’ members of the team. Please
describe briefly how the team functions as a cohesive
unit.
Recent investments
Please describe any recent investments from the HEI,
government, industry etc. in the groups running the
Integrated Master’s degree programme.
External linkages
Please describe any external linkages that add value to
the Integrated Master’s degree, and the impact these
bring to the degree programme: e.g., visiting lecturers
with specialist knowledge from other academic
departments, government or industry; projects
suggested, and monitored, by industry; etc.
Review and update process
Please describe the process used to review and renew the
course content to keep it up to date, for example: how
often is the course content reviewed, by whom, and what
external advice is taken (e.g., industrial advisory boards).
Facilities
Please describe the facilities available to Integrated
Master’s students in general and those dedicated to
students undertaking the Integrated Master’s degree
specifically, for example: computer laboratories,
dedicated equipment, library (access to textbooks), on-
line journal subscription (for research dissertations), etc.
CVs and personal statements
For each member of staff named above please provide a
tailored CV (up to 2 sides of A4 in length). This should
contain:
• a personal statement of experience and
expertise in computer science and/or a personal
statement of experience and expertise in cyber
security using the CyBOK Knowledge Areas (KAs)
as a framework
• details of academic background
• details of computer science and/or cyber-
security related employment
• contribution to computer science and/or cyber
security at the HEI
• computer science and/or cyber-security related
and other esteem indicators – e.g., editorships,
invited talks, membership of national and
international advisory groups
• computer science and/or cyber-security
knowledge and expertise indicators, such as
recent publications, work with
industry/government, research activities
• any other information that might be relevant in
demonstrating computer science and/or cyber
security expertise
CVs should go in an appendix to section 2.
Criteria to be applied
i. There must be a coherent team responsible for
delivering the Integrated Master’s, with clear
roles and responsibilities.
ii. The team members delivering the modules,
setting the examinations and marking papers
must have the appropriate technical knowledge
and skills.
iii. The team must be well supported by the HEI. It
would be desirable to see that the Integrated
Master’s degree programme has valuable
external linkages.
iv. There should be a well-defined process for
keeping the Integrated Master’s degree up to
date that takes account of appropriate internal
and external advice.
v. Students undertaking the Integrated Master’s
should have access to well-equipped modern
computer laboratories with easy access to
information on the latest developments in
computer science and cyber security.
Issue 5.0
03 September 2020
Page 17 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Description of the Integrated Master’s
degree (for both full and provisional
applications, up to 15 sides of A4, excluding
module descriptions)
Description of the degree
a. Please provide a high-level description of the
Integrated Master’s degree. This should include:
• the name of the degree and the specific
degree awarded (e.g., MComp, MEng,
MSc etc.)
• the start date of the degree
• the number of academic years the
degree has been running and whether it
is being run in academic year 2020-21
b. Please confirm that the degree satisfies the QAA
qualification framework for Integrated Masters.
In particular:
• minimum of 480 credits across levels 4
to 7
• minimum of 120 credits at level 7
• 1 credit equating to a nominal 10 hours
of work by a student
c. Please provide a description of how the
Integrated Master’s degree is delivered, for
example:
• the UK campuses at which delivery takes
place18
• the use of online learning materials
particularly in relation to issues arising
from Covid-19
• if applicable, whether the degree is
offered on a part-time basis and a
description of how the degree is
structured to accommodate part-time
students
d. Please provide a description of the overall aims
of the degree.
18 Certification is only available for delivery at UK campuses.
e. Please describe how the Integrated Master’s is of
value to students, employers and the academic
community.
Number of taught credits that can be mapped to
computer science Subject Areas
a. Please provide Tables 3.1a, b, c, d, e, f, g, h that
show for each taught compulsory and optional
module the number of credits allocated to the
computer science Subject Areas19.
b. Please provide Table 3.2 that summarises the
number of taught credits allocated to computer
science to meet the requirements for ComSci 1
and ComSci 2 (section 2.3.1). Please use the final
column in Table 3.2 to record where, for
example, the choice of optional modules has a
bearing on meeting the requirements for the
number of credits.
Detailed coverage of the computer science
Subject Areas
a. Following the example row provided, please
complete Table 3.3 showing topic coverage in
the Integrated Master’s is achieved (requirement
ComSci 3) by both the taught modules and the
associated assessments. The assessments should
show good broad coverage of the Indicative
Topics, but it is to be expected that some of
those taught may not be assessed.
b. To help the Assessment Panel assess coverage of
Subject Areas, please indicate whether a module
significantly or partially covers the topics within a
given Subject Area (e.g. based upon the
Indicative Topics listed, or others that you
consider relevant to the Subject Area and which
are apparent from your supplied module
descriptions).
Computer science module descriptions
In an appendix to this section, please include a module
description for each module that addresses a computer
science Subject Area in Table 3.3.
At the beginning of each module description, please
provide a table that lists the Subject Areas that the
19 Please do not include projects or dissertations in these tables.
Issue 5.0
03 September 2020
Page 18 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
module covers along with brief justifications for why this
is the case.
The module descriptions should provide good evidence of
the Subject Areas and Indicative Topics coverage claimed
in Table 3.3.
Professional Knowledge and Skills
Please describe how the areas in Professional Knowledge
and Skills (Appendix B, section 3) are addressed in the
Integrated Master’s degree. By way of example, describe
how team-working, communication skills, professional
ethics, etc. are covered within the degree programme as a
whole. It is not a requirement to have a separate
dedicated module covering Professional Knowledge and
Skills.
Issue 5.0
03 September 2020
Page 19 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Name of compulsory module20 21 Member(s) of staff
delivering module
Number of credits Subject Area(s) covered Number of Credits addressing Subject Area(s)22
Module 1
…
Module f
Total number of compulsory
credits
Table 3.1a: Level 4 compulsory taught modules.
20 Please only include taught modules in this table and do not include projects or dissertations. 21 To help assessors please use short meaningful names (e.g., NetSec) rather than course codes (e.g. YY6203A) for module names. 22 If there are not any, please state ‘None’
Issue 5.0
03 September 2020
Page 20 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Name of compulsory module Member(s) of staff
delivering module
Number of credits Subject Area(s) covered Number of Credits addressing Subject Area(s)
Module 1
…
Module f
Total number of optional credits
to be taken at level 4
Table 3.1b: Level 4 optonal taught modules
Please provide equivalent tables for:
• Level 5: Tables 3.1c, d
• Level 6: Tables 3.1e, f
• Level 7: Tables 3.1g, h
Issue 5.0
03 September 2020
Page 21 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Requirements (section 2.3.1) Number of credits in Integrated Master’s If applicable, additional information including
comments on choice of optional modules required
ComSci 1:
• across levels 4 to 7 there must be a minimum of 330
taught computer science credits
ComSci 2:
• across levels 4 to 7 there must be a minimum of 300
taught computer science credits that can be mapped to
the computer science Subject Areas
Table 3.2: Table showing the number of credits in the Integrated Master’s in relation to the first two of the certification requiremnts.
Issue 5.0
03 September 2020
Page 22 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Computer Science Subject Area and
level at which it should be covered
Level at
which it is
covered
Indicative Topics Module(s) providing
significant coverage
Module(s) providing partial
coverage
Assessment
By way of example only
1. Algorithms and Complexity (4/5) 4
basic analysis CS123 CS123 Exam
algorithmic strategies CS123 CS123 Exam
fundamental data structures + algorithms CS123 CS123 Exam
basic automata, computability and
complexity
CS123 CS124 CS123 Exam
2. Architecture and Organisation (4/5)
3. Discrete Structures (4/5)
4. Programming Languages (4-6)
5. Software Development Fundamentals
(4/5)
6. Software Engineering (5/6)
7. Systems Fundamentals (4/5)
8. Human-Computer Interaction (4/5)
9. Information Management (4/5)
10. Security Fundamentals (4/5)
11. Operating Systems (4-6)
Table 3.4:Module coverage of the computer science Subject Areas – requirement ComSci 3
Issue 5.0
03 September 2020
Page 23 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Computer Science Subject Area and
level at which it should be covered
Level at
which it is
covered
Indicative Topics Module(s) providing
significant coverage
Module(s) providing partial
coverage
Assessment
12. Networks (4-6)
13. Secure Programming (5/6)
14. Low level Techniques and Tools (5/6)
15. Systems Programming (5/6)
16. Embedded Systems (5/6)
Table 3.4 (continued):Module coverage of the computer science Subject Areas – requirement ComSci 3
Issue 5.0
03 September 2020
Page 24 of 38
APPENDIX A: DESCRIPTION OF INTEGRATED MASTER’S DEGREE
Criteria to be applied.
3.6.1 Description of the degree
i. The degree must satisfy the QAA qualification
framework for Integrated Master’s. In particular:
• minimum of 480 credits across levels 4 to 7
• minimum of 120 credits at level 7
• 1 credit equating to a nominal 10 hours of
work by a student
ii. The ways in which the Master’s is delivered
should be clear and appropriate. It should be
clear which UK campuses deliver the Master’s
and how on-line teaching is being used to deal
with the issues around Covid-19.
iii. If offered as a part-time Integrated Master’s,
part-time students should cover the same
breadth and depth of content as full-time
students
iv. For full Certification:
• the degree must have had a cohort of
students successfully complete the
degree in academic year 2019-2020 and
it must be currently active in academic
year 2020-2021.
For provisional Certification:
• new/revised Integrated Master’s
degrees that have not yet started must
start by (up to and including) October
2022.
v. The overall aims of the degree must be clearly
articulated, coherent and appropriate for an
Integrated Master’s in Computer Science for
Cyber Security.
vi. The Integrated Master’s must be of value to
students, employers, and the academic
community.
3.6.2 Number of taught credits that can be mapped
computer science Subject Areas
vii. The completed Tables 3.1a, b, c, d, e, f, g, h and
Table 3.2 must show that the requirements of
ComSci 1 and ComSci 2 are met.
3.6.3 Detailed coverage of the computer science
Subject Areas
viii. Table 3.3 must show that requirement ComSci 3
is met.
ix. Table 3.3 must show that where coverage of a
Subject Area is claimed there should be (an)
associated assessment(s), and this is consistent
with the information on assessments shown in
section 4 of this appendix.
3.6.4 Computer science module descriptions
x. The module descriptions should provide good
evidence of the Subject Areas and Indicative
Topics coverage claimed in Table 3.3.
3.6.5 Professional Knowledge and Skills
xi. The Integrated Master’s degree should address
the requirements for Professional Knowledge
and Skills.
Issue 5.0
03 September 2020
Page 25 of 38
APPENDIX A: ASSESSMENT MATERIALS
Assessment materials (up to five sides of
A4, excluding copies of examination papers
etc.)
Approach to assessment for both full and
provisional applications
4.1.1 Approach to assessment
Please describe the overall approach to assessment of the
taught modules on the Integrated Master’s degree. This
should include:
• assessment methodology
• marking scheme
• the pass mark for individual modules and the
taught part of the degree overall
4.1.2 Marking
Please describe how the overall mark for the degree as a
whole is worked out from the taught component and the
individual project and dissertation. Please describe the
mark required to achieve first, 2.i, 2.ii, 3rd (or equivalent)
of the overall degree.
Examination papers
4.2.1 Provisional application
For each of the modules identified in section 3 that
addresses a computer science Subject Area, please
describe the process (to be) used for assessment (e.g.,
examination, coursework, practical exercises, etc.). Please
provide a copy of examination paper(s) that students
have sat or specimen paper(s) of the examinations they
will sit. For assessed coursework, please provide copies of
all assignments (to be) provided to students. For each
assessed coursework please also provide a specific,
tailored, marking scheme, or a narrative explaining what
the marker would expect a student to provide in a good
response. This information should be placed in an
appendix to section 4.
4.2.2 Full application
For academic year 2019-2020, for each of the modules
identified in section 3 that addresses a computer science
Subject Area, please describe the process used for
assessment (e.g., examination, coursework, practical
23 Where the external examiner’s report for 2019-20 is not available by the submission deadline, please provide the most recent report and the
exercises, etc.). Please provide a copy of the examination
paper(s) that students sat. For assessed coursework,
please provide copies of all assignments provided to
students. For each assessed coursework please also
provide a specific, tailored, marking scheme, or a
narrative explaining what the marker would expect a
student to provide in a good response. This information
should be placed in an appendix to section 4.
External examiner’s report – full application only
For academic year 2019-2020, please provide a copy of
the external examiner’s report23. Please describe the
process for engagement with the external examiner.
Please describe the technical background and experience
of the external examiner.
For academic year 2019-2020, please provide a copy of
the HEI’s response to the external examiner’s report and
any follow-up actions that have been undertaken in
response to the report.
Criteria to be applied
4.4.1 For both full and provisional applications
i. The overall approach to the assessment of the
taught component to the Integrated Master’s
must be clear and coherent. The marking scheme
must make it clear what students have to
demonstrate in their work in order to be
awarded the relevant marks/grades.
ii. The examination and assessment process must
rigorously test students’ understanding and
critical analysis of the computer science Subject
Areas shown in Appendix B.
4.4.2 For full certification only
iii. The external examiner should have the
appropriate technical background and their
report must provide a positive picture of the
Integrated Master’s degree under assessment.
iv. The progress to any follow-on actions suggested
by the external examiner should be made clear.
HEI’s response. Please state when the 2019-20 report and response will be available and submit them as soon as they are available.
Issue 5.0
03 September 2020
Page 26 of 38
APPENDIX A: INDIVIDUAL PROJECTS AND DISSERTATIONS
Individual projects and dissertations (up to
five sides of A4, excluding list of
dissertation titles and copies of
dissertations)
Applications for both full and provisional
certification
5.1.1 Level and credit value
Please confirm the level and credit value of the individual
project and dissertation. If the credit value is less than 20
credits, please describe how students are able to gain
sufficient understanding and experience of undertaking
individual project work. If the credit value is more than 50
credits, please clarify the value of having such a large
individual project and dissertation.
5.1.2 Guidance to students
Please describe the guidance the HEI provides, or will
provide, to Integrated Master’s students before they
embark on their projects, for example: research methods,
undertaking literature reviews, etc.
5.1.3 Allocation of dissertation topics
Please describe the process for allocation of dissertation
topics to students, for example:
• is it up to students to come up with topic ideas?
• do members of staff identify possible topics?
• does the HEI have links with industry partners
who suggest topics?
5.1.4 Scope of dissertation topics
Please describe the process for ensuring:
• that students are supervised by appropriately
knowledgeable personnel
• that dissertation topics are within the scope of
Subject Areas 10 to 16 and relevant to cyber
security
5.1.5 Monitoring of students’ progress
Please describe the process for monitoring the progress of
students on their dissertations.
24 Where these classifications of dissertations are not used please refer to the grades that are used by the HEI.
5.1.6 Assessment of dissertations
Please describe the process for assessing dissertations.
Please provide a specific, tailored marking scheme for the
dissertations, clearly showing how grades are determined
for a first, 2:i, 2:ii etc24.. Please indicate whether this or
other similar guidance is provided to students.
Dissertations – for full certification only
5.2.1 List of dissertation topics
For each of academic years 2019-2020 and 2018-2019 (if
any), please provide a list of Integrated Master’s
dissertations undertaken by students. This should include
the dissertation title, a short (one paragraph) abstract, its
relevance to cyber security, and – if appropriate –
whether there was any external involvement in the
dissertation (e.g., from industry).
Where there were more than 20 students undertaking
dissertations in an academic year, please provide
information for a representative sample of 20
dissertations only.
5.2.2 Example dissertations
For academic year 2019-2020, please provide one
anonymised and representative copy of a dissertation for
each of25:
a. a dissertation that achieved a first
b. a dissertation that achieved a 2:i
c. a dissertation that achieved a 2:ii
d. a dissertation that achieved a third
If none in 2019-2020, try 2018-2019; if none, please
contact the NCSC ahead of the deadline for applications.
Dissertations should be placed in an appendix at the end
of the application and must be included in the email
submission.
5.2.3 Marks for example dissertations
For each of the dissertations in the previous section,
please provide:
a. the overall mark awarded
25 Where these classifications of dissertations are not used please refer to the grades that are used by the HEI.
Issue 5.0
03 September 2020
Page 27 of 38
APPENDIX A: INDIVIDUAL PROJECTS AND DISSERTATIONS
b. the components of the overall mark, for example
marks awarded to:
• viva (including any demonstration)
• dissertation plan
• dissertation
c. key comments from the internal examiners
d. any additional information that you feel would
help the assessment panel as part of its job to
determine whether the grade awarded to each
dissertation is appropriate.
Criteria to be applied
5.3.1 Applications for both full and provisional
certification
i. The individual project and dissertation should be
undertaken at level 6 or 7. If the number of
credits is less than 20, it should be clear that
students are still able to gain sufficient
understanding and experience of undertaking
individual project work. If the number of credits
is more than 50, then the value of having such a
large individual project should be clear.
ii. Students should be given appropriate guidance
and support before starting their research work.
iii. There needs to be a well-defined process for the
allocation of dissertation topics to students.
iv. There needs to be a well-defined process for
ensuring that dissertation topics are within the
scope of Subject Areas 10 to 16 and relevant to
cyber security.
v. There needs to be a well-defined process for
ensuring that students are supervised by
appropriately knowledgeable personnel.
vi. There needs to be a well-defined process for
monitoring the progress of students.
vii. There needs to be a well-defined and rigorous
process for the assessment of dissertations.
5.3.2 Applications for full certification only
viii. The list of dissertation topics must show that
dissertations topics are within the scope of
Subject Areas 10 to 16 and relevant to cyber
security.
ix. The grades awarded to the representative
dissertations should be appropriate and show no
evidence of regular over-grading.
Issue 5.0
03 September 2020
Page 28 of 38
APPENDIX A: STUDENT NUMBERS AND GRADES ACHIEVED
Student numbers and grades awarded – applications for full certification only (up to five sides of A4)
Student entry data
Where the data are available, for each of academic years 2019-2020 and 2018-2019, please provide the information requested in Table 6.1. Please provide a separate table for each
academic year.
Entry
Requirements
Number of full-time
students in final year
Number of part-time
students in final year
Number of final year
students who gained
equivalent of 120 tariff
points or above at A Level
in 3 STEM subjects
Number of final year students who
gained equivalent of 2.i or above
at end of year prior to entry to
Integrated Master’s degree
Students with UK
nationality
Students with EU
nationality
Students without UK
or EU nationality
Table 6.1: Student entry data.
Issue 5.0
03 September 2020
Page 29 of 38
APPENDIX A: STUDENT NUMBERS AND GRADES ACHIEVED
Student exit data
For academic years 2019-2020 and 2018-2019, please provide the information requested in Table 6.2.
Academic year Number of students
scheduled to
complete Integrated
Master’s
Number
achieving first
overall
Number
achieving 2:i
overall
Number
achieving 2:ii
overall
Number
achieving third
Number
failing
Integrated
Master’s
Number
deferring for
additional
year(s)
Number with
other
outcomes (if
applicable)
2018 - 2019
2019 - 2020
Table 6.2: Student exit data
Issue 5.0
03 September 2020
Page 30 of 38
APPENDIX A: STUDENT NUMBERS AND GRADES ACHIEVED
Student satisfaction
Please provide the results of the National Student Survey
and any actions that have been taken by the HEI as a
result.
Criteria to be applied
i. It would be expected that the majority of UK
students should have the equivalent of a tariff
points score of 120 points or above at A Level in
3 STEM subjects.
ii. It would be expected that the majority of EU
(excluding UK) and non-EU students have the
equivalent of a tariff points score of 120 points
or above at A Level in 3 STEM subjects.
iii. It would be expected that the majority of students
formally entering the Integrated Master’s degree
would have achieved a minimum of the equivalent
of a 2:i at level 5 or level 6.
iv. It would be expected that the distribution of
first, 2:i, 2:ii etc. achieved at Integrated Master’s
level should to some extent reflect the entry
qualifications of the student intake at A Level and
the grades achieved at level 5 or level 6. In this
regard, the external examiner’s report will be
referred to in case they have raised any concerns.
v. It would be expected that the percentage of
students failing or accepting a lesser qualification
should be low. In this regard, the external
examiner’s report will be referred to in case they
have raised any concerns.
vi. The HEI should encourage its students to
participate in the National Student Survey. The
results of the survey should paint a largely
positive picture of students’ learning experience
on the Integrated Master’s and the HEI should be
able to demonstrate progress on any key issues
raised.
Issue 5.0
03 September 2020
Page 31 of 38
APPENDIX B
APPENDIX B: TOPICS TO BE COVERED IN INTEGRATED MASTER’S DEGREES IN COMPUTER SCIENCE FOR
CYBER SECURITY
Introduction The tables in section 2 of this Appendix show the Subject Areas to be covered in Master’s degrees in Computer Science for
Cyber Security. The tables draw on the ACM/IEEE Computer Science Curricula26 and the Academic Requirements for
Designation as a Centre of Excellence in Cyber Operations27.
The tables in section 2 show the computer science Subject Areas (numbered 1 to 16) and associated Indicative Topics that
would be expected to be covered in eligible Integrated Master’s degrees.
The Indicative Topic Coverage highlights examples of the specific topics that one would expect to see represented within the
syllabi of Integrated Master’s modules in order for broad coverage of the related computer science Subject Area to be
achieved. Given that they are indicative topics, programmes would not be required to cover all of them explicitly (and indeed
other topics may additionally be relevant), but in order to demonstrate that a Subject Area is satisfactorily addressed, it
needs to be clear that a good breadth and depth of the indicative (or other relevant) topics is covered. In addition, several of
the tables also include references to the CyBOK28 Knowledge Areas where additional information may be found on some of
the Indicative Topics.
Throughout this document, the terms ‘level’ and ‘credit’ are taken from the Higher Education Credit Framework for
England29. If an HEI uses a different framework, it should describe what it uses and map its framework to the QAA
framework. Typically for a 4-year Integrated Master’s: year 1 would be at level 4; year 2 at level 5; year 3 at level 6; and year
4 at level 7.
In the tables in section 2, levels should be interpreted as follows:
• indicative level m/n – it would be expected that some coverage of the topics would take place at level m or level n
• indicative level m to n – it would be expected that some (more introductory) topics are covered at a lower level, m,
as well as coverage of more advanced topics at a higher level, n
Section 3 of this appendix provides examples of the Professional Knowledge and Skills that would be expected to be covered
in Integrated Master’s degrees.
26 ACM computer science curricula 2013: http://www.acm.org/education/curricula-recommendations 27 National Centres of Excellence in Cyber Operations: https://www.nsa.gov/resources/students-educators/centers-academic-excellence/ 28 https://www.cybok.org 29 https://www.qaa.ac.uk/docs/qaa/quality-code/academic-credit-framework.pdf?sfvrsn=940bf781_12
Issue 5.0
03 September 2020
Page 32 of 38
APPENDIX B
Computer Science Subject Areas
Computer Science Subject Area Indicative
Level
Description Indicative Topic Coverage
1. Algorithms and Complexity 4/5 • defines the central concepts and skills required to
design, implement and analyse algorithms for
solving problems
• basic analysis
• algorithmic strategies
• fundamental data structures and algorithms
• basic automata, computability and complexity
2. Architecture and Organisation 4/5 • develops an understanding of the hardware
environment upon which all computing is based
and the interface it provides to higher software
layers
• digital logic and digital systems
• machine level representation of data
• assembly level machine organisation
• memory system organisation and architecture
• interfacing and communication
3. Discrete Structures 4/5 • provide a foundation for many areas of computing • sets, relations and functions
• basic logic
• proof techniques
• basics of counting
• graphs and trees
• discrete probability
Issue 5.0
03 September 2020
Page 33 of 38
APPENDIX B
Computer Science Subject Area Indicative
Level
Description Indicative Topic Coverage
4. Programming Languages 4-6 • are the medium through which programmers
precisely describe concepts, formulate algorithms,
and reason about solutions
• object-oriented programming
• functional programming
• event-driven and reactive programming
• type systems
• program representation
• language translation and execution
• syntax analysis
• compiler semantic analysis
• code generation
5. Software Development Fundamentals 4/5 • provides a foundation for other software-oriented
knowledge areas – programming languages,
algorithms and complexity, and software
engineering
• algorithms and design
• fundamental programming concepts
• fundamental data structures
• secure software development
• development methods
6. Software Engineering 5/6 • the application of theory, knowledge and practice
to effectively build reliable software systems that
meet the requirements of customers and users
• software processes
• software project management
• tools and environments
• requirements engineering
• software design
• software construction
• software verification and validation
• software evolution
• software reliability
• secure software development
Issue 5.0
03 September 2020
Page 34 of 38
APPENDIX B
Computer Science Subject Area Indicative
Level
Description Indicative Topic Coverage
7. System Fundamentals 4/5 • the underlying hardware and software
infrastructure upon which applications are
constructed is collectively described as ‘computer
systems’
• computational paradigms
• cross-layer communications
• state and state machines
• parallelism
• evaluation
• resource allocation and scheduling
• proximity
• virtualisation and isolation
• reliability through redundancy
8. Human-computer interaction 4/5 • concerned with designing interactions between
human activities and the computational systems
that support them
• foundations
• designing interaction
• programming interactive systems
• user-centred design and testing
• human factors and security
9. Information Management 4/5 • concerned with concepts ranging from the
capture and representation of information
through to effective access and data modelling
• information management concepts
• database systems
• data modelling
Issue 5.0
03 September 2020
Page 35 of 38
APPENDIX B
Computer Science
Subject Area
Indicative
Level
Description Indicative Topic Coverage Relevant CyBOK Knowledge Areas
10. Security fundamentals 4/5 • provides the building blocks for
understanding the threats to
systems and the principles
underlying their security
• foundational concepts
• principles of secure design
• threats and attacks
• cryptography
• security architecture
• Introduction
• Risk Management and Governance
• Adversarial Behaviours
• Cryptography
• Law and Regulation
11. Operating Systems 4-6 • an OS defines an abstraction of
hardware and manages resource
sharing among a computer’s users
• OS principles
• concurrency and synchronisation
• processes and threads, process/thread management, synchronisation, inter-process communication
• scheduling and dispatch
• memory management
• security and protection
• file systems
• I/O system
• kernel security and reliability
• network file system
• network layer and transport layer protocols
• Windows kernel
• Linux kernel
• Operating Systems and Virtualisation
12. Networks 4-6 • the Internet and computer
networks are now ubiquitous and
fundamental to computer systems
• routing, network and application protocols
• network architectures
• network devices
• network security
• wireless network security
• network traffic analysis
• protocol analysis
• network mapping techniques
• Network Security
Issue 5.0
03 September 2020
Page 36 of 38
APPENDIX B
Computer Science
Subject Area
Indicative
Level
Description Indicative Topic Coverage Relevant CyBOK Knowledge Areas
13. Secure programming 5/6 • covers the potential vulnerabilities
that can arise in software
construction and the approaches
that can be used to develop
software that is more robust and
resilient to attack
• defensive programming
• memory corruption
• injection techniques
• privilege escalation
• user and kernel space vulnerabilities
• web applications
• static analysis
• application/system logic flaws
• compiler defences
• managed vs un-managed code
• Software Security
• Secure Software Lifecycle
• Operating Systems and Virtualisation
14. Low level techniques
and tools
5/6
• understanding the low-level
aspects of processors and code is
important for analysing security
vulnerabilities and malware
• assembly language programming
• machine-level instruction set and organisation
• compilers
• reverse engineering techniques
• reverse engineering for malware analysis
• reverse engineering communications
• de-obfuscation of obfuscated code
• common tools for reverse engineering
• anti-debugging mechanisms
• fuzzing
• Malware and Attack Technologies
Issue 5.0
03 September 2020
Page 37 of 38
APPENDIX B
Computer Science
Subject Area
Indicative
Level
Description Indicative Topic Coverage Relevant CyBOK Knowledge Areas
15. Systems programming 5/6 • covers development of the
underlying software upon which
computer systems are constructed
• advanced C programming
• kernel internals
• device drivers
• multi-threading
• file I/O
• process management
• file and directory management
• memory management
• signals
16. Embedded systems 5/6 • embedded systems are now found
in a great variety of application
domains
• hardware, design and fabrication
• software architectures
• programming and systems development
• security and reliability
• applications of embedded devices and systems
• hardware-debugging (JTAG, UART, etc)
• side-channel attacks and differential power analysis
• Hardware Security
• Cyber-Physical Systems
Issue 5.0
03 September 2020
Page 38 of 38
APPENDIX B
Professional Knowledge and Skills The table below provides examples of the professional knowledge and skills that would be expected to be covered in
Integrated Master’s degrees.
Professional Knowledge and Skills
Written and oral communication
Working in teams
Ethics for the cyber security professional
Understanding intellectual property