Unit information: Resilient Socio-technical Infrastructures in 2021/22

Unit name	Resilient Socio-technical Infrastructures
Unit code	COMSM0030
Credit points	30
Level of study	M/7
Teaching block(s)	Teaching Block 2 (weeks 13 - 24)
Unit director	Dr. Adepu
Open unit status	Not open
Pre-requisites	COMSM0032
Co-requisites	None
School/department	School of Computer Science
Faculty	Faculty of Engineering

Description including Unit Aims

Students will learn about approaches to keep large socio-technical infrastructures in operation when they operate in partially-trusted settings and even when parts of the infrastructure are compromised, e.g., inclusion of malicious human actors, software or hardware. Topics will include:

• Resilience as more than just a technical issue, inter-relationship between security and safety, and integrated safe-secure architectures.
• How trust is formed and impacted, how to engender trust in large-scale socio-technical infrastructures by the general public and users and mitigating adversarial behaviours in such infrastructures.
• Integrity and recoverability of information (while preserving privacy) in large-scale infrastructures.
• Technical approaches to resilience, e.g., moving target defence, automated software diversity, autonomous (secure) arbitration of resources, hardware roots of trust.
• Graceful recovery when compromised, including automated and semi-automated techniques.

Students undertake an extensive analysis of two major testbed infrastructures, reflect on their resilience and make proposals for improvements.

Aims

Students will develop a deep understanding of the challenges of keeping infrastructures operational when under attack and gain hands-on expertise in analysing large-scale infrastructures from a resilience perspective.

Intended Learning Outcomes

Upon successful completion of this unit students are expected to:

1. Have knowledge of techniques and methods for detecting when large-scale infrastructures are under attack.
2. Be able to analyse the underlying causes of the compromise and develop strategies to keep the infrastructure operational while limiting the attackers’ movement through to other parts of the infrastructure.
3. Have knowledge of techniques to recover the infrastructure to a fully operational, secure and safe state.
4. Ability to analyse the problems from different disciplinary perspectives and devise solutions that synthesise different disciplinary perspectives – leverage both human and technical resources in such infrastructures.
5. Hands-on knowledge and experience of working on TIPS problems in real-world contexts.

Teaching Information

This unit will delivered through a combination of synchronous and asynchronous sessions including taught classes, Q&A sessions and office hours.

Assessment Information

Coursework (100%)

1. Analysis of the Bristol Cyber Security testbed - group work - 40%
2. Analysis of the Energy Demand Management System - group work - 40%
3. Critical reflection - Individual Work - 20%

Resources

If this unit has a Resource List, you will normally find a link to it in the Blackboard area for the unit. Sometimes there will be a separate link for each weekly topic.

If you are unable to access a list through Blackboard, you can also find it via the Resource Lists homepage. Search for the list by the unit name or code (e.g. COMSM0030).

How much time the unit requires
Each credit equates to 10 hours of total student input. For example a 20 credit unit will take you 200 hours of study to complete. Your total learning time is made up of contact time, directed learning tasks, independent learning and assessment activity.

See the Faculty workload statement relating to this unit for more information.

Assessment
The Board of Examiners will consider all cases where students have failed or not completed the assessments required for credit. The Board considers each student's outcomes across all the units which contribute to each year's programme of study. If you have self-certificated your absence from an assessment, you will normally be required to complete it the next time it runs (this is usually in the next assessment period).
The Board of Examiners will take into account any extenuating circumstances and operates within the Regulations and Code of Practice for Taught Programmes.