University of Malta

Study-Unit Description


TITLE Security, Quality and Risk Issues in I.S.

LEVEL 03 - Years 2, 3, 4 in Modular Undergraduate Course


DEPARTMENT Computer Information Systems

DESCRIPTION Operating system security: Writing secure applications; Proactive Security Development Processes.
Threat Modelling; Secure Coding Techniques; Least Privileges & Access Control (Linux, Unix, XP, Vista);
Input Issues; Secure Software Installation;
Securing RPC, ActiveX and DCOM; Securing .NET code.

Internet security: security concerns in Email, USENET, RSS and the Web;
Cross-Site Scripting Attacks; Cryptography & Attacks on Web Services;
User Input Attacks; Client Vulnerabilities;
State-based Attacks; Server Attacks;
Denial of Service & DDOS Attacks; Threats of Malicious Software and its Removal.

Security Testing & Mitigating Problems.

Quality Management Issues;
Quality Standards BS5750, ISO9001, TickIt;
Quality Planning and Review Issues and configuration management;
Quality Systems for software;
The quality elements for ISO9001.

Introduction to Project Risk Management;
Risk administration techniques;
Risk identification activities;
Risk quantification and impact estimation;
Risk prioritizing and filtering;
Risk mitigation strategies;
The SERIM and RISKMAN methodologies.

• Mike Andrews & James A Whittaker How to break Web Software: Functional and Security Testing of Web Applications and Web Services Addison-Wesley Professional ISBN-10: 0321369440 ISBN-13: 978-0321369444.
• Michael Howard & David C. LeBlanc Writing Secure Code, Second Edition Microsoft Press ISBN-10: 0735617228 ISBN-13: 978-0735617223.
• William Stallings Cryptography and Network Security: Principles and Practices (3rd ed) Prentice-Hall ISBN: 0-13-091429-0.
• Karolak P., Software Engineering Risk Management, Wiley-IEEE Computer Society Press.
• Carter B., Introducing RISKMAN Methodology, NCC Blackwell.
• Oskarsson O., ISO9000 Approach to building quality software, Prentice Hall.
• Bentley C., Quality Management within Prince, Stationery Office Books.

ADDITIONAL NOTES Students taking this study-unit require expertise in CIS.


Assessment Component/s: Examination (3 Hours)
Resit Availability: Yes
Weighting: 100%

Anthony Spiteri Staines

The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints.
Units not attracting a sufficient number of registrations may be withdrawn without notice.
It should be noted that all the information in the study-unit description above applies to the academic year 2017/8, if study-unit is available during this academic year, and may be subject to change in subsequent years.