Security specialization

at Chalmers and University of Gothenburg

We are proud to possess multifaceted security expertise at Chalmers University of Technology and University of Gothenburg, home to a world-leading research environment on computer and network security.

Based on this expertise, we offer a security specialization that consists of the following course package.

Disclaimer: Specialization course packages are no more and no less than wide range course lists aiming at in-depth focus in specific knowledge areas . Specialization course packages are thus far informal, and the diplomas will not mention them. At the same time, we will maintain this page and encourage referring to this page from your resume.

Computer Security

The course provides basic knowledge in the security area, i.e. how to protect systems against attacks. Attacks may change or delete resources (data, programs, hardware, etc), get unauthorized access to confidential information or make unauthorized use of the system's services. The course covers threats and vulnerabilities, as well as rules, methods and mechanisms for protection. Modeling and assessment of security and dependability as well as metrication methods are covered. A holistic security approach is presented and organizational, business-related, social, human, legal and ethical aspects are treated.

Runs in study period 3


The course covers cryptographic primitives such as private-key and public-key ciphers, hash functions, MAC's and signatures and how to embed these in cryptographic protocols to achieve basic goals such as confidentiality, authentication and non-repudiation, but also more elaborate services, such as key management, digital cash and electronic voting. Many examples of broken protocols are also discussed to enhance understanding of the engineering difficulties in building secure systems.

Runs in study period 2

Language-based Security

The course covers the principles of programming language-based techniques for computer security. The goal is understanding such application-level attacks as races, buffer overruns, covert channels, and code injection as well as mastering the principles behind such language-based protection techniques as static analysis, program transformation, and reference monitoring. The dual perspective of attack vs. protection is threaded through the lectures, laboratory assignments, and projects.

Runs in study period 4.

Network Security

Why is it possible to break into networked applications and computer systems? What weaknesses are used? And what makes one protocol more secure than another? This course answers these questions and many more. We look at weaknesses that have plagued wired and wireless networked systems for years and investigate the security of countermeasures like firewalls and security protocols such as SSL, SSH and IPsec. Knowledge about possible threats and countermeasures is important for understanding what level of security a system and an application can offer.

Runs in study period 4

Security is becoming increasingly important for system design and development. System architects and designers must have security expertise, so that the systems they design do not fall victims to attacks. Software developers and engineers must have security expertise, so that the code they produce cannot be exploited. Security and network specialists must have critical knowledge of security principles and practice, in order to ensure the security of the systems they are responsible for.

Strong ties with industry

OWASP We have tight relations with the Open Web Application Security Project (OWASP). We are actively involved in both the Stockholm and Gothenburg OWASP chapters.

Security Arena Our major connection with industrial stake holders in Sweden is the Security Arena at the Lindholmen Science Park.

URBSEC (Urban Safety and Societal Security Research Center) offers a research interface between practice and academia where needs and problems as experienced by various social actors can be addressed.


Cutting edge research

RICS is a Swedish national research Centre on Resilient Information and Control Systems. The project aims to promote long term research and competence in securing systems on which societal functions depend

WebSec sets out to develop a principled security platform for the web. WebSec is a unique opportunity to break away from temporary patches and short-term mitigations and tackle the challenge of web security at scale.

SysSec is an EU Network of Excellence on Managing Threats and Vulnerabilities in the Future Internet in collaboration with seven high-profile partners.

For questions about master programs, please see the following links:

Responsible for page: Andrei Sabelfeld