204. Trusted Systems Engineering
Lecture, four hours; outside study, eight hours. Trust is placed in information systems to behave properly, but cyber threats and breaches have become routine, including penetration of financial, medical, government, and national security systems. Building systems that can protect confidentiality, integrity, and availability involves more than composing systems from network security, computer security, data security, cryptography, etc. One can use the most secure components, and the resulting system could still be vulnerable. Skills learned ensure that systems are architected, designed, implemented, tested, and operated for specific levels of trust. Aspects include assessing vulnerability and risk for systems, establishing protection principles, and using them as guide to formulate system architectures; translating architecture into system design and verifying correctness of design; and constructing and following trusted development and implementation process. Letter grading.