COMP0107 Language Based Security

This database contains the 2018-19 versions of syllabuses.

Note: Whilst every effort is made to keep the syllabus and assessment records correct, the precise details must be checked with the lecturer(s).

Academic session



Language Based Security



Module delivery

1819/A7P/T2/COMP0107 Postgraduate

Related deliveries

1819/A7U/T2/COMP0107 Masters (MEng)

Prior deliveries




FHEQ Level


FHEQ credits



Term 2

Module leader

Clark, David


Clark, David

Module administrator

Nolan, Martin


The aim of this module is to provide students with specialist knowledge and understanding to solve software related problems associated with the security of software systems.

Learning outcomes

On successful completion of the module, a student will be able to:

  1. understand the relationship between computer program design and security.
  2. understand how various security-related properties of computer programs are formulated and guaranteed.
  3. understand how to apply in-depth knowledge of a variety of contexts.

Availability and prerequisites

This module delivery is available for selection on the below-listed programmes. The relevant programme structure will specify whether the module is core, optional, or elective.

In order to be eligible to select this module as optional or elective, where available, students must meet all prerequisite conditions to the satisfaction of the module leader. Places for students taking the module as optional or elective are limited and will be allocated according to the department’s module selection policy.

Programmes on which available:

  • MSc Computer Science
  • MSc Software Systems Engineering


To be eligible to select this module, students must have:

  • an understanding of the basics of programming and software engineering.


The course covers in depth major issues in computer security related to computer programming, in particular it provides a detailed treatment of theory and practice for:

  1. Vulnerabilities and faults
  2. Secure information flow

Students will be introduced to removal of vulnerabilities of code via fault detection. Topics covered will include Data Flow Analysis and Fuzz Testing.

The bulk of the course will be devoted to theory and practice of secure information flow. Students will learn how to use dependence analysis extracted via a slicing tool to do practical information flow control. They will learn how type systems can be used to assess information flow properties such as confidentiality and tainting. They will be taught some underlying theory and progress to more advanced topics such as flow sensitive type systems, information erasure, declassification, Secure Multi Execution and measuring information flow. Concepts will be illustrated with code examples and techniques supported by tools such as JIF, PARAGON, CBMC and LeakWatch.

An indicative reading list is available via


The module is delivered through a combination of lectures, problem solving sessions and training on laboratory tools.


This module delivery is assessed as below:



Weight (%)



Unseen written examination (2hrs 30mins)




Review essay




Technical exercise



In order to pass this module delivery, students must achieve an overall weighted module mark of 50%.