Skip to main content
Till KTH:s startsida Till KTH:s startsida

DD2497 Project course in System Security 7.5 credits

A project course that will conclude a track in computer security.

About course offering

For course offering

Autumn 2024 syssec24 programme students

Target group

Open for students admitted to master's programmes as long as it can be included in your programme.

Part of programme

Master's Programme, Computer Science, åk 1, CSST, Conditionally Elective

Master's Programme, Cybersecurity, åk 1, Conditionally Elective

Master's Programme, Cybersecurity, åk 2, Conditionally Elective

Master's Programme, Industrial Engineering and Management, åk 1, PUET, Conditionally Elective


P2 (7.5 hp)


28 Oct 2024
13 Jan 2025

Pace of study


Form of study

Normal Daytime

Language of instruction


Course location

KTH Campus

Number of places

Places are not limited

Planned modular schedule


For course offering

Autumn 2024 syssec24 programme students

Application code



For course offering

Autumn 2024 syssec24 programme students


Roberto Guanciale


No information inserted

Course coordinator

No information inserted


No information inserted
Headings with content from the Course syllabus DD2497 (Autumn 2020–) are denoted with an asterisk ( )

Content and learning outcomes

Course contents

The course includes several technologies for security of system software. The technologies are based on memory isolation, monitoring, static analysis and diversification to prevent, discover or mitigate illegal behaviour.

  • Part I. Trends in system security: buffer overflow, code injection, control flow manipulation, side channel attack, error injection
  • Part II. Design of system software
  • Part III. Mechanisms for system security: memory inspection, remote control, memory address randomization, reliable start, isolation of error in software

The main assignment in the course are to design, implement and evaluate. The work is carried out in groups as a project.

We base our experiments on an existing operating system.

Intended learning outcomes

Having passed the course, the student should be able to:

  • identify vulnerability of systems, exploit them and evaluate their impact
  • compare the efficacy of different countermeasures
  • design and implement security mechanisms for computer systems
  • document their arguments and results

in order to

  • be able to evaluate and improve the security of computer systems.

Literature and preparations

Specific prerequisites

Data security equivalent to the course DD2395.

Recommended prerequisites

Computer security corresponding to the course DD2395. Operative systems corresponding to one of the courses ID1200/ID1206/ID2200/ID2206/IS1350.


No information inserted


No information inserted

Examination and completion

If the course is discontinued, students may request to be examined during the following two academic years.

Grading scale

P, F


  • INL1 - Project documentation, 1.0 credits, grading scale: P, F
  • PRO1 - Project work, 6.5 credits, grading scale: P, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

Opportunity to complete the requirements via supplementary examination

No information inserted

Opportunity to raise an approved grade via renewed examination

No information inserted


Ethical approach

  • All members of a group are responsible for the group's work.
  • In any assessment, every student shall honestly disclose any help received and sources used.
  • In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

Further information

Course room in Canvas

Registered students find further information about the implementation of the course in the course room in Canvas. A link to the course room can be found under the tab Studies in the Personal menu at the start of the course.

Offered by

Main field of study

Computer Science and Engineering

Education cycle

Second cycle

Add-on studies

The degree project.


Roberto Guanciale

Supplementary information

In this course, the EECS code of honor applies, see: