NWEN405 (2019) - Security Engineering


The Internet's role as a large, public, distributed system has raised security to an issue of critical importance. This course examines security mechanisms, security policies, security evaluation and risk management, security issues in networks and operating systems, and case studies that show how these security techniques can be used to solve real- world problems such as conducting trustworthy auctions and secret ballots.

Course learning objectives

Students who pass this course should be able to:

  1. Demonstrate their understanding of key security concepts through activities such as solving set problems or writing reports.
  2. Demonstrate their understanding of key security engineering principles by applying those principles to the analysis of a secure system.
  3. Demonstrate their understanding of threats to computer systems by being able to carry out an assessment of the security of a networked system.

Course content

Main topics:

  • Technical attacks (malware, networks)
  • Technical defences (IDS, Firewalls, IPS)
  • Causes of vulnerabilities and mitigating them (bugs, building better systems)
  • People (social engineering)
  • Case studies (elections, trustworthy auctions)

Withdrawal from Course

Withdrawal dates and process:


Ian Welch (Coordinator)

We will guest workshop leader Prof Ray Hunt who will run network security labs during the mid-term break.

Teaching Format

We will be working on the network security assignment project during the mid-term break (15, 16, 17 and 18th April). You will be required to be here for at least two days to complete the practical work under supervision. If you cannot make this you must inform the course coordinator as soon as possible and an alternative assessment will be put in place.
During the trimester there will be two lectures per week.

Student feedback

Student feedback on University courses may be found at:  www.cad.vuw.ac.nz/feedback/feedback_display.php

Dates (trimester, teaching & break dates)

  • Teaching: 04 March 2019 - 09 June 2019
  • Break: 15 April 2019 - 28 April 2019
  • Study period: 10 June 2019 - 13 June 2019
  • Exam period: 14 June 2019 - 29 June 2019

Class Times and Room Numbers

04 March 2019 - 14 April 2019

  • Monday 12:00 - 12:50 – 631, Murphy, Kelburn
  • Wednesday 12:00 - 12:50 – 631, Murphy, Kelburn
29 April 2019 - 09 June 2019

  • Monday 12:00 - 12:50 – 631, Murphy, Kelburn
  • Wednesday 12:00 - 12:50 – 631, Murphy, Kelburn


We will be referring to readings from "Computer Security: Principles and Practice, Global Edition eBook (4e)" by William Stallings and Lawrie Brown. There is an e-book version available for NZ$60 from http://www.pearsoned.co.nz/9781292220635
You will be able to access this book for free via the University library website.
We will also be using "Security Engineering" by Ross Anderson. This book is available for free from the authors' website (https://www.cl.cam.ac.uk/~rja14/book.html).

Mandatory Course Requirements

In addition to achieving an overall pass mark of at least 50%, students must:

  • Achieve a minimum of 40% averaged over the two projects..
  • Achieve a minimum of 40% in the final examination.

If you believe that exceptional circumstances may prevent you from meeting the mandatory course requirements, contact the Course Coordinator for advice as soon as possible.


This course will be assessed through two projects and a final examination.

Assessment ItemDue Date or Test DateCLO(s)Percentage
Software security(approx 20 hours).Week 6CLO: 130%
Network security project (approx 20 hours).Week 11CLO: 130%
Final examination (2 hours).During examination period.CLO: 2,340%


Late submissions will receive a penalty of 10% for each day late, rounded up to the nearest whole day.


Students receive two free "late days" for which no penalty will be applied and which are applied automatically by the ECS marking system. You do not need to apply for these. Late days are used in fractions, for example, using 0.1 of a late day leaves you with 1.9 late days. Late days are provided to cope with unexpected problems. Do not use late days to cover procrastination. Extensions to assignments beyond the late days should only be sought in cases of serious personal difficulty (e.g., significant illness) and are considered on their merits. We reserve the right to ask for documentation to support your case.

Submission & Return

All work is submitted through the ECS submission system, accessible through the course web pages. Marks and comments will be returned through the ECS marking system, also available through the course web pages.

Marking Criteria

Details about the assessment requirements and marking criteria will be posted on the ECS course website.


In order to maintain satisfactory progress in NWEN 405, you should plan to spend an average of 10 hours per week on this paper. A plausible and approximate breakdown for these hours would be:

  • Lectures: 2 hours
  • Readings: 4 hours
  • Practical work: 4 hours

Teaching Plan

See https://ecs.victoria.ac.nz/Courses/NWEN405_2019T1/LectureSchedule for the Lecture Schedule.

Communication of Additional Information

The primary means of communication outside of lectures is the NWEN 405 web site at https://ecs.victoria.ac.nz/Courses/NWEN405_2019T1/. There you will find, among other things, more details about course requirements, the course schedule (with links to copies of the lecture slides), details and resources for the project work, the NWEN 405 Forum, ways of getting help, and a link to the assignment submission system. The forum is a web-based bulletin board system. Questions, comments, and responses can be posted to the forum.

Offering CRN: 18606

Points: 15
Prerequisites: NWEN 304, 30 further 300-level pts from (COMP, ECEN, NWEN, SWEN)
Duration: 04 March 2019 - 30 June 2019
Starts: Trimester 1
Campus: Kelburn