This course teaches a threat modeling-based method for analyzing cybersecurity risks for systems-of-systems. It includes developing and combining models for computer system resilience, threat actor capabilities, and business impacts of realised threats into an overall cyber risk assessment. Moreover, the course addresses how cyber risk analysis is used for identifying and arguing for cost-efficient defence mechanism selection for protecting the analysed system-of-systems.
EP2791 Cybersecurity Threat Modelling and Risk Analysis 7.5 credits

Information per course offering
Course offerings are missing for current or upcoming semesters.
Course syllabus EP2791 (Autumn 2026–)
Content and learning outcomes
Course contents
Intended learning outcomes
After passing the course, the student should be able to
- model in detail the architectures of large-scale computer systems (including software, networks, etc.)
- describe and evaluate threats and attacks in complex computer systems carefully and in a well-balanced manner
- clearly describe defence mechanisms for computer systems and how these relate to vulnerabilities and attacks
- carry out qualified and well-balanced risk analyses based on system models
- report and present models, cybersecurity risk analyses, and defence strategies for a computer system in a professional manner
in order to
- understand and explain which threats a specific system may face
- understand and explain how attacks work and propagate through a system architecture
- argue why certain risks should be prioritised
- choose an effective defence to decrease risks.
Literature and preparations
Specific prerequisites
Knowledge and skills in programming, 5 credits, equivalent to completed course DD1310-DD1318/DD1331/DD1333/DD1337/DD100N/ID1018/ID1022.
Knowledge in cybersecurity, 6 credits, equivalent to completed course DD2391/DD2395/IK2206/IV1013
or
knowledge and skills in ethical hacking, 7.5 credits, equivalent to completed course EN2720
or
knowledge in secure network systems, 7.5 credits, equivalent to completed course EP2500/EP2520.
Literature
Examination and completion
Grading scale
Examination
- PRO1 - Project Work, 6.5 credits, grading scale: A, B, C, D, E, FX, F
- SEM1 - Seminars, 1.0 credits, grading scale: P, F
Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability. The examiner may apply another examination format when re-examining individual students. If the course is discontinued, students may request to be examined during the following two academic years.
Examiner
Ethical approach
- All members of a group are responsible for the group's work.
- In any assessment, every student shall honestly disclose any help received and sources used.
- In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.