ENGENSEC framework


The goal of ENGENSEC is to develop, implement and validate a Joint MSc Frame Program in Cyber Security. The Frame program can be bilaterally implemented with Double Degree Diploma to enable cooperation and exchange of students and staff between involved institutions.

The first step was to identify challenges and needs of a joint MSc Frame program in the different Information societies. The second step was to identify suitable contents and processes to develop and implement selected courses. The third, on going, step is to develop and evaluate he study program with related resources and education environments. The next step is to implement, train teachers, and evaluate selected pilot projects.

The results of the initial survey to 52 companies are related to security threat models and existing tools as well as expected education skills developed in the MSc programs.

The following set of seven courses where identified to be part of the ENGENSEC Frame program:

  • Advanced Network & Cloud Security
  • Wireless & Mobile Security
  • Secure Software Development
  • Malware Analysis
  • Web Security
  • Penetration tests and Ethical Hacking
  • Digital Forensic

Furthermore a configurable training environment Remote Security Lab (ReSeLa) was identified to be the training backbone of the program. ReSeLa is further described in this paper.

Development and integration of the eight work packages is done in groups of peers from different organisations. The selection criteria of people were:

Advanced skills in the specific topic

  • Practical skills in the specific topic
  • Teaching experiences on master level
  • Interest and administrative skills in development of master courses

Collaboration within and between teams is facilitated by AdobeConnect meetings and Owncloud.

The educational framework of ENGENSEC adopts the ideas behind the CDIO[1] –  Conceive, Design, Implement, and Operate Framework. The CDIO project started in 2000 with a first set of standards adopted 2004.  The CDIO book version 2 came out 2014. The Lab environments at BTH (Section I) were also heavily influenced by the CDIO ideas.

The suggested courses of ENGENCEC, above, are also a context dependent selection of courses recommended by, for instance, NICE National Initiative for Cybersecurity Education[2]. Specifically NICE Framework[3] .

To foster a common view of the goals and means of the ENGENSEC project a workshop Train the Trainer was organized October 20th – 24th in Schloss Waldhausen in Budeshem, Germany. The workshop was organized by BKA – Bundeskriminalamt, Germany.

A follow up of this workshop is planned as a Summer School during 2015-16.

A key component of the CDIO framework is development of suitable training and education material bringing together students and teachers in learning situations. The ReSeLa will be a key component to that end.