Output #
- A defensive programme as set out in the KSBs listed.
- A written justification for the approach taken (a 1,000 word +/- 100 words written document).
KSBs #
| Type | Index | Name | Pass Description |
|---|---|---|---|
| TC | 6 | Write, test, debug programs in high and low level languages and scripts. | Write, test and debug a programme in a highlevel language that works to achieve a defined specification. Design and implement solutions to problems using a variety of programming styles. Map between a high-level programming language expression and its low-level executable code. Design and implement simple solutions directly in an assembler language. Design and implement solutions using a scripting language. |
| TC | 7 | Design, implement and analyse algorithms. | Design, implement and analyse algorithms for solving problems. |
| TC | 10 | Apply secure programming principles and design patterns to address security issues. | Apply secure programming principles to analyse software designs and implementations to mitigate identified security vulnerabilities to produce more resilient code, with evidence. Apply secure design patterns and organisational coding standards in the development of a software solution. |
| TC | 11 | Apply system engineering and software development methodologies and models. | Apply a systematic software development methodology, employing appropriate tools, to develop a solution that meets the needs of users and customers and that addresses the whole lifecycle. Create a system description of a complex system of interest including aspects of people, culture, technology and process in a defined environment. Use the system description to identify and analyse security aspects. |
| TKU | 6 | Algorithm and program design concepts, compilers and logic. Programming languages. | Understand: algorithms and program design; fundamental programming concepts; fundamental data structures; typical program development environment and methods. Understand that programming languages are the medium through which programmers precisely define concepts, formulate algorithms, and reason about solutions: object-oriented programming; functional programming; event driven and reactive programming; language translation and execution; syntax analysis; compiler semantic analysis; code generation; coding in assembler; machine code; scripting language. |
| TKU | 7 | Algorithms, complexity and discrete maths. | Understand the central concepts of algorithms and complexity: analysis; algorithmic strategies; fundamental data structures and strategies; automata, computability and complexity. Understand the foundations of discrete mathematics applied to computing: sets, relations and functions; logic and proof techniques; graphs and trees. |
| TKU | 10 | Defensive programming, malware resistance, code analysis, formal methods, good practice. | Knowledge and understanding of defensive programming (input validation, least privilege, defence in depth, data sanitization, etc.) Understanding of how to resist malware techniques (memory corruption, code injection, user/kernel space vulnerabilities, privilege escalation, etc.) Use of design patterns for developing secure software. Understand how to use compiler features to support creation of secure code. Understand how to apply static and dynamic code analysis techniques. Obtain and apply sources of secure programming practices, including employer or software development organisation, for different types of software systems (OWASP, CERT, etc.). Describe at least 1 formal method (e.g. CSP) that may be applied to software development and its strengths and weaknesses when applied to development of software with security properties. Defensive programming |
| TKU | 11 | System development principles, tools, approaches, complexity, software engineering. | Understand of how the different aspects in a software development lifecycle combine to deliver a successful outcome. (Considering: meeting a need, design, trade-offs, implementation, deployment, support, evolution, validation, verification and assurance). Describe different approaches to developing software, including sequential, iterative/agile approaches. Give an explanation of the advantages and disadvantages of different software development processes, and justify choice of process in different contexts. Understand how to select and use different tools and environments that support software development at different stages in the lifecycle. Understand the principles of systems engineering, including all aspects of technology, people, culture and process and the environment within which a system of interest exists and operates. Explain the benefits of a system approach to dealing with challenges arising from complexity, emergence, adaption and co-evolution. |
| UPIBKS | Fluent in written communications and able to articulate complex issues. | Produce well-structured and concise written work that sets out complex technical matters in ways which that would be accessible to non-technical recipients as well as technical staff (as appropriate). | |
| UPIBKS | Analytical and critical thinking skills for Technology Solutions development and can systematically analyse and apply structured problem-solving techniques to complex systems and situations. | Evaluate information and then make a rational decision on the approach to take to solve the problem, based on their findings; spot trends in data and articulate the implications. | |
| UPIBKS | Can conduct effective research, using literature and other media. | Put into practice sound research techniques (using literature and other media) and articulate in writing and/or verbally how they have utilised the findings in their work. | |
| UPIBKS | Logical thinking and creative approach to problem solving. | Observe and analyse phenomena, reactions and feedback, and draw logical conclusions based on that input. | |
| UPIBKS | Able to demonstrate a ‘security mind-set’ (how to break as well as make). | Think about how things can be made to fail, as well as about how things can be made to work. | |
| Bh | Demonstrates business disciplines, ethics and courtesies, demonstrating timeliness and focus when faced with distractions and the ability to complete tasks to a deadline with high quality. | Act in a professional way as required in the cyber security context. | |
| Bh | Flexible attitude and ability to perform under pressure. | Deliver the best project outcomes against goals, re-prioritising as necessary, even in challenging circumstances. |