Skip to main content

During 2021 we will continue to support students who need to study remotely due to the ongoing impacts of COVID-19 and travel restrictions. Make sure you check the location code when selecting a unit outline or choosing your units of study in Sydney Student. Find out more about what these codes mean. Both remote and on-campus locations have the same learning activities and assessments, however teaching staff may vary. More information about face-to-face teaching and assessment arrangements for each unit will be provided on Canvas.

Unit of study_

INFO3616: Principles of Security and Security Eng

This unit provides an introduction to the many facets of security in the digital and networked world, the challenges that IT systems face, and the design principles that have been developed to build secure systems and counter attacks. The unit puts the focus squarely on providing a thorough understanding of security principles and engineering for security. At the same time, we stress a hands-on approach to teach the state-of-the-art incarnations of security principles and technology, and we practice programming for security. We pay particular attention to the fact that security is much more than just technology as we discuss the fields of usability in security, operational security, and cyber-physical systems. At the end of this unit, graduates are prepared for practical demands in their later careers and know how to tackle new, yet unforeseen challenges. This unit also serves as the initial step for a specialisation in computer and communications security.


Academic unit Computer Science
Unit code INFO3616
Unit name Principles of Security and Security Eng
Session, year
Semester 2, 2020
Attendance mode Normal day
Location Camperdown/Darlington, Sydney
Credit points 6

Enrolment rules

ELEC5616 OR INFO2315
Assumed knowledge

(INFO1110 OR INFO1910) AND INFO1112 AND INFO1113 AND MATH1064. Knowledge equivalent to the above units is assumed. This means good programming skills in Python or a C-related language, basic networking knowledge, and skills from discrete mathematics. A technical orientation is absolutely required, especially capacity to become familiar with new technology without explicit supervision.

Available to study abroad and exchange students


Teaching staff and contact details

Coordinator Suranga Seneviratne,
Type Description Weight Due Length
Final exam (Open book) Type C final exam Final examination
Open Book examination
60% Formal exam period 1.5 hours
Outcomes assessed: LO3 LO7 LO4
Assignment group assignment Assignment 1
An assignment that requires submitting answers and code.
10% Week 07 N/A
Outcomes assessed: LO1 LO10 LO7 LO4 LO3 LO2
Assignment group assignment Assignment 2
A report submission analysing papers or security topic + presentation.
10% Week 08 NA
Outcomes assessed: LO1 LO10 LO7 LO4 LO3 LO2
Assignment group assignment Assignment 3
An assignment that requires submitting answers and code.
15% Week 11 N/A
Outcomes assessed: LO1 LO10 LO7 LO4 LO3 LO2
Tutorial quiz Quizzes
Week 11
5% Week 12 30 mins in-class quiz
Outcomes assessed: LO1 LO2 LO3 LO4 LO5 LO6 LO7 LO8 LO9 LO10
group assignment = group assignment ?
Type C final exam = Type C final exam ?

Three assignments.

Assignment 1 & 3 requires a report + code submission. Assignment 2 is report + presentation.

Assessment criteria

The University awards common result grades, set out in the Coursework Policy 2014 (Schedule 1).

As a general guide, a high distinction indicates work of an exceptional standard, a distinction a very high standard, a credit a good standard, and a pass an acceptable standard.

Result name

Detailed information for each assessment can be found on Canvas.

Mark range


High distinction

85 - 100



75 - 84



65 - 74



50 - 64



0 - 49

When you don’t meet the learning outcomes of the unit to a satisfactory standard. It is a policy of the School of Computer Science that in order to pass this unit, a student must achieve at least 40% in the written examination. For subjects without a final exam, the 40% minimum requirement applies to the corresponding major assessment component specified by the lecturer. A student must also achieve an overall final mark of 50 or more. Any student not meeting these requirements may be given a maximum final mark of no more than 45 regardless of their average.

For more information see

Late submission

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date:

  • Deduction of 5% of the maximum mark for each calendar day after the due date.
  • After ten calendar days late, a mark of zero will be awarded.

Special consideration

If you experience short-term circumstances beyond your control, such as illness, injury or misadventure or if you have essential commitments which impact your preparation or performance in an assessment, you may be eligible for special consideration or special arrangements.

Academic integrity

The Current Student website provides information on academic honesty, academic dishonesty, and the resources available to all students.

The University expects students and staff to act ethically and honestly and will treat all allegations of academic dishonesty or plagiarism seriously.

We use similarity detection software to detect potential instances of plagiarism or other forms of academic dishonesty. If such matches indicate evidence of plagiarism or other forms of dishonesty, your teacher is required to report your work for further investigation.

WK Topic Learning activity Learning outcomes
Week 01 Introduction to Security Engineering (2 hr) LO1 LO3 LO4 LO6 LO8
Week 02 Usability and Security (2 hr) LO1 LO3 LO5 LO6 LO8
Week 03 Access Control (2 hr) LO2 LO4 LO6 LO7
Week 04 Symmetric Cryptography (2 hr) LO1 LO2 LO4 LO7 LO9
Week 05 Asymmetric Cryptography (2 hr) LO1 LO2 LO4 LO7 LO9
Week 06 Hashes, MACs, and Signatures (2 hr) LO1 LO2 LO4 LO7 LO9 LO10
Week 07 Authentication, Key Establishment & Distribution (2 hr) LO1 LO2 LO4 LO7 LO9 LO10
Week 08 Network Security - Protocols (2 hr) LO1 LO2 LO4 LO7 LO9 LO10
Week 09 Network Security - Firewalls (2 hr) LO1 LO2 LO4 LO7 LO9 LO10
Week 10 Software Security (2 hr) LO4 LO6 LO9 LO10
Week 11 Threat Modelling (2 hr) LO1 LO2 LO5 LO7 LO8
Week 12 Web Security (2 hr) LO1 LO2 LO5 LO7 LO8

Study commitment

Typically, there is a minimum expectation of 1.5-2 hours of student effort per week per credit point for units of study offered over a full semester. For a 6 credit point unit, this equates to roughly 120-150 hours of student effort in total.

Learning outcomes are what students know, understand and are able to do on completion of a unit of study. They are aligned with the University’s graduate qualities and are assessed as part of the curriculum.

At the completion of this unit, you should be able to:

  • LO1. Search and retrieve relevant literature, and put it into the context of a security setup
  • LO2. Communicate the results of a security study to a non-security audience
  • LO3. identify and understand ethical, legal, and professional issues in security
  • LO4. recognise flaws in IT systems at the design stage
  • LO5. demonstrate knowledge of security principles to follow in designing a system, including implications for usability and performance
  • LO6. apply security principles in design phase
  • LO7. demonstrate knowledge of how security principles are matched to certain technologies, and the security goals they achieve
  • LO8. understand the key representatives of security technologies today
  • LO9. demonstrate knowledge in programming for security (software/communications/network)
  • LO10. understand common tools to explore a security setup and analyse it.

Graduate qualities

The graduate qualities are the qualities and skills that all University of Sydney graduates must demonstrate on successful completion of an award course. As a future Sydney graduate, the set of qualities have been designed to equip you for the contemporary world.

GQ1 Depth of disciplinary expertise

Deep disciplinary expertise is the ability to integrate and rigorously apply knowledge, understanding and skills of a recognised discipline defined by scholarly activity, as well as familiarity with evolving practice of the discipline.

GQ2 Critical thinking and problem solving

Critical thinking and problem solving are the questioning of ideas, evidence and assumptions in order to propose and evaluate hypotheses or alternative arguments before formulating a conclusion or a solution to an identified problem.

GQ3 Oral and written communication

Effective communication, in both oral and written form, is the clear exchange of meaning in a manner that is appropriate to audience and context.

GQ4 Information and digital literacy

Information and digital literacy is the ability to locate, interpret, evaluate, manage, adapt, integrate, create and convey information using appropriate resources, tools and strategies.

GQ5 Inventiveness

Generating novel ideas and solutions.

GQ6 Cultural competence

Cultural Competence is the ability to actively, ethically, respectfully, and successfully engage across and between cultures. In the Australian context, this includes and celebrates Aboriginal and Torres Strait Islander cultures, knowledge systems, and a mature understanding of contemporary issues.

GQ7 Interdisciplinary effectiveness

Interdisciplinary effectiveness is the integration and synthesis of multiple viewpoints and practices, working effectively across disciplinary boundaries.

GQ8 Integrated professional, ethical, and personal identity

An integrated professional, ethical and personal identity is understanding the interaction between one’s personal and professional selves in an ethical context.

GQ9 Influence

Engaging others in a process, idea or vision.

Outcome map

Learning outcomes Graduate qualities
No changes have been made since this unit was last offered.

“IMPORTANT: School policy relating to Academic Dishonesty and Plagiarism.

In assessing a piece of submitted work, the School of Computer Science may reproduce it entirely, may provide a copy to another member of faculty, and/or to an external plagiarism checking service or in-house computer program and may also maintain a copy of the assignment for future checking purposes and/or allow an external service to do so.”


The University reserves the right to amend units of study or no longer offer certain units, including where there are low enrolment numbers.

To help you understand common terms that we use at the University, we offer an online glossary.