CmpE 494 Sp. Tp. Information Security 2019 Fall

Course Schedule: 


Course Program: 

Information Security is a course that provides the students with comprehensive, in-depth knowledge about information and computer security. This field is of importance for every individual: think of the privacy concerns when we are using social media, or consider the viruses and worms that endanger our computers. Moreover, security is crucial when it comes to organizations, which have to protect themselves from attackers aiming to spoil their reputation or to steal some trade secrets, have to train their own employees so that they act in accordance with security best practices and norms, and have to design software systems that are not harmful and that cannot be exploited by attackers.

Upon completion of the course, the student:

  • Can explain and illustrate the main security properties such as confidentiality, integrity, and authenticity.
  • Knows the fundamental security terminology that is essential to read security news, bulletins, and to apprehend advanced techniques
  • Can recognize and explain the main attacks to computer and information security
  • Knows the main security solutions and their underlying principles
  • Can conduct risk analysis to determine the most adequate set of security solutions for a given context
  • Can apply state-of-the-art techniques to design secure software systems, especially during the requirements engineering phase

The course will feature a tight interplay between theory and practice.


Security in Computing (5th Edition) by Charles P. Pfleeger, Shari Lawrence Pfleeger, Jonathan Margulies. Prentice Hall, ISBN: 978-0134085043


Evaluation (subject to change):

The course includes three graded components:

  1. Seven Bi-weekly tests on materials presented in the previous week(s) (Each 4% of the final grade)
  2. Two group assignments (Each 15% of the final grade)
    1. A1: Risk assessment with Coras
    2. A2: Security requirements modeling with STS-ml
  3. Final exam (42% of the final grade)

In order for a student to pass, three conditions should hold

  • The average grade of the bi-weekly tests should be at least 60
  • The grade of the final exam should be at least 55
  • The overall weighted average of all components should be at least 55

How do I repair my grade?

  • If tests < 60 → Retake of the bi-weekly tests
    • Failed or missed tests (1) → Retake the missed test (different questions on the same contents)
    • Failed (2+) or missed tests (2) → Retake the two tests with the lowest grade (different questions on the same contents)
    • Missed tests (more than 2)  → Fail (case will be discussed with the instructor)
  • If exam ≥ 55 and tests ≥ 60 and overall average < 55 → hand in revision of A1 and/or A2 (discuss with instructor)


  • The tests and final examination will be “closed books and notes”.
  • You can follow the announcements about the course from Moodle.
  • You can obtain the text book from the bookstore and some of the reference books from the instructor.
  • Attendance for both the tests and the final exam, and submitting both projects are obligatory. Otherwise, you will fail the course, regardless of the grades obtained in other parts of the course.
  • Attendance for lectures is not obligatory. But you are responsible from lectures’ contents.
  • We will strictly follow the department’s rules and regulations for cheating behavior during this course.


Contact us

Department of Computer Engineering, Boğaziçi University,
34342 Bebek, Istanbul, Turkey

  • Phone: +90 212 359 45 23/24
  • Fax: +90 212 2872461

Connect with us

We're on Social Networks. Follow us & get in touch.