IV2036 Systems Theory and Security 7.5 credits

Cyernetics and control systems
Generell Systems Theory
Living Systems Theory
Threat - Risk - Protection
* Introduction to the vulnerable society
* Introduction to system theories
* The ICT infrastructure: distributed platforms and distributed computing
* The use of ICT in the society: in the public administration, in the industry, in service provision, in logistics and the supply of energy, water and food
* Scenarios of attacks on national, organisational and personal levels

Present system theories such that the students can understand how to approach IT related security holistically
Having completed this course the student will be able to
1. Define and describe vital concepts of general and particularized system theories and approaches, used as epistemology for the /ICT/security area
2. Explain and exemplify control principles according to various laws and models for steering and control
3. Analyze security and risk according to various laws and models for steering and control.
4. Communicate and analyze threat, risk and security as systemic phenomena and vice versa
5. Identify and report on a /ICT/ security problem, its reason or origin and suggested solutions as reported in /scientific/ journals
6. As a group member report and present in scientific manners, written descriptions and analyses of some current security phenomenon or problem including relating the phenomenon/problem to system theories.
7. Orally present and defend own and debate other groups’ presentations

For "free movers" applying to single courses:

• Completed, documented upper secondary education incl documented proficiency in English  and
• 90 hp in Computer Science, Information technology or equivalent.

Preliminary:

Schoderbek, Schoderbek, Kefelas: Management Systems. Conceptual Considerations (Edition: 4th or later), BPI/IRWIN, 1990, 0-256-07897-1

See First Class for reading instructions

Compendium:
Yngström, Louise: Systemic-Holistic Approach to IT Security, DSV, 1999 or later is available in the course’s First Class

For students who plan a Swedish career the vocabular "Terminologi för informationssäkerhet, SIS HB 550, 2003" is strongly recommended. 

If the course is discontinued, students may request to be examined during the following two academic years.

• INL1 - Assignment, 3.0 credits, grading scale: P, F
• TEN1 - Examination, 4.5 credits, grading scale: A, B, C, D, E, FX, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

Written exam. Assignment incl seminars.

Grading criteria are given for each goal

Examination

1. Define and describe vital concepts of general and particularized system theories and approaches, used as epistemology for the /ICT/security area
A 20 acceptable answers chosen from a predefined list of concepts
B 18 acceptable answers chosen from a predefined list of concepts
C 16 acceptable answers chosen from a predefined list of concepts
D 14 acceptable answers chosen from a predefined list of concepts
E 12 acceptable answers chosen from a predefined list of concepts
Fx 10 acceptable answers chosen from a predefined list of concepts
F Mainly incomplete or wrong answers

2. Explain and exemplify control principles according to various laws and models for steering and control
A Independent and innovative explanation and example of control principles in relation to some law or model for steering and control
B Independent explanation and example of control principles in relation to some law or model for steering and control
C Exhaustive explanation and example of control principles in relation to some law or model for steering and control
D Adequate explanation and example of control principles in relation to some law or model for steering and control
E Adequate explanation or example of control principles in relation to some law or model for steering and control
Fx Weak or partly invalid explanation and/or example of control principles in relation to some law or model for steering and control
F Invalid or no answer

3. Analyze security and risk according to various laws and models for steering and control.
A Independent, innovative and exhaustive analysis of security and risk in relation to some law or model for steering and control
B Independent, and exhaustive analysis of security and risk in relation to some law or model for steering and control
C Exhaustive analysis of security and risk in relation to some law or model for steering and control
D Adequate analysis of security and risk in relation to some law or model for steering and control
E Outlined analysis of security and risk in relation to some law or model for steering and control
Fx Weak or partly invalid analysis of security and risk in relation to some law or model for steering and control
F Invalid or no answer

4. Communicate and analyze threat, risk and security as systemic phenomena and vice versa
A Independent, innovative and exhaustive analysis of the relation threat-risk-security and systemic phenomena
B Independent and exhaustive analysis of the relation threat-risk-security and systemic phenomena
C Exhaustive analysis of the relation threat-risk-security and systemic phenomena
D Adequate analysis of the relation threat-risk-security and systemic phenomena
E Outlined analysis of the relation threat-risk-security and systemic phenomena
Fx Weak or partly invalid analysis of the relation threat-risk-security and systemic phenomena
F Invalid or no answer

5. Identify and report on a /ICT/ security problem, its reason or origin and suggested solutions as reported in /scientific/ journals
A Independently, innovative, exhaustive and in proper language (English or Swedish) state and comment the problem described, its reason or origin and suggested solution
B Independently, exhaustive and in proper language (English or Swedish) state and comment the problem described, its reason or origin and suggested solution
C Exhaustive and in proper language (English or Swedish) state and comment the problem described, its reason or origin and suggested solution
D Adequately and in proper language (English or Swedish) state and comment the problem described, its reason or origin and suggested solution
E Outlining the problem described, its reason or origin and suggested solution
Fx Weak or partly invalid statements and comments to the problem described, its reason or origin and suggested solution
F Invalid or no answer

Group assignment
6. As a group member report and present in scientific manners, written descriptions and analyses of some current security phenomenon or problem including relating the phenomenon/problem to system theories.

P Written presentation: A group of 1-3 persons shall for a seminar present a content wise well structured report inevitably produced by the group itself according to a pre-defined format in proper English or Swedish. The report shall further show how system theories/models can be applied to the chosen subject. References have to be treated in a united and correct way in text as well as in the list of references/bibliography.
Fx Written presentation: Incompleteness regarding structure of report, conduct of language, application of system theories on chosen subject as well as treatment of references
F Written presentation: inability to present a full report produced by the group itself

7. Orally present and defend own and debate other groups' presentations
P Supported by audiovisual material all group members shall participate at the presentation of own group and participate in discussions and debates of other groups' work at seminar
Fx Insufficient participation in presentation or discussion of own or other groups reports at seminar
F Not participated at presentation and discussions of own or other groups' work.

Grading of the exam questions
A At least 4 A and nothing lower than B (or equv weight)
B At least 4 B and nothing lower than C (or equv weight)
C At least 4 C and nothing lower than E (or equv weight)
D At least 3 D and nothing lower than E (or equv weight)
E At least E on all
Fx At least 3Fx (or equiv weight)
F All others

Grading of assignment
P/Fx/F

Grading of the course equals the exam grade

Louise Yngström

• All members of a group are responsible for the group's work.
• In any assessment, every student shall honestly disclose any help received and sources used.
• In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

IV2024 "Principles of Computer Security"