Find out why crypto works and how it’s applied to protect your digital identity, how to develop secure systems (and maybe even prove that the implementation is correct), and how attackers try to break all of these.
We teach Information Security in the CS&BME Master’s degree programmes Computer Science (CS), Information and Computer Engineering (ICE) and Software Engineering and Management (SEM). To study Information Security at TU Graz, you choose it as a Major or Minor in one of these degree programmes. We welcome students from Graz and from abroad – there are attractive scholarships for incoming students. Find out more!
This page covers what you can learn in this degree programme and what’s new compared to the discontinued Wahlpflichtkatalog “IT Security”. New courses are marked as follows:
- This course is completely new
- This new course replaces a previous course (see Transition and Equivalences below)
Each of the degree programmes covers 120 ECTS, which includes courses in the Major, Minor, some optional subjects, and a master’s thesis (30 ECTS). For CS and SEM, the Major includes 10–15 ECTS in Seminars/Projects and 0–4 ECTS in “Science, Technology, and Society”. For SEM, Information Security can only be chosen as a Major and is combined with a Minor in Management. For ICE, the Seminar/Project of 10 ECTS can be added to either Major or Minor, and Information Security is combined with a Major or Minor that focuses on partly on Electrical Engineering. For full details, check the original curricula in TUGRAZonline (currently only in German).
|Curriculum||Major Information Security||Minor Information Security|
|Computer Science (CS)||60 ECTS||24 ECTS|
|Information and Computer Engineering (ICE)||40+ ECTS (plus 10 SP)||20+ ECTS (plus 10 SP)|
|Software Engineering and Management (SEM)||50+ ECTS|
The courses are grouped into 4 modules which reflect our core areas of research and will lead you from the foundations to cutting-edge research and impactful applications. One course per area is part of a compulsory module, while you can freely select the rest of your ECTS from all areas. About two thirds of the courses are offered by the Institute of Applied Information Processing and Communications (IAIK), marked below in full color, the other courses are contributed by other departments.
Security is not a simple property — it needs to be understood from a whole system’s perspective! Want to hack insecure software? Want to exploit the latest side channels, or Meltdown and Spectre? Are you ready for digging deep into the architecture and developing your own secure System-on-Chip?
This module offers a holistic view on system security, giving a deep insight into both software and hardware aspects. In the individual courses you will learn about vulnerability exploitation and secure software development, investigate modern cloud operating systems and compilers, tackle microarchitectural and physical side channels, and design secure hardware components and whole System-on-Chips.
** The course “Secure Software Development” is part of the module “Information Security – Compulsory 1”, which is compulsory in both Major and Minor.
Cryptology & Privacy
Cryptography is the mathematical backbone of information security and provides the foundation of everything secure. This module covers the building blocks and design principles of modern cryptographic protocols. You’ll learn how ciphers protect data authenticity and confidentiality, how cryptanalytic attacks work, and how to ensure privacy by computing with encrypted data. You will acquire an in-depth understanding of modern cryptology and its mathematical foundations.
Also check out the course “Seminar Cryptology and Privacy – Mathematical Foundations of Cryptography” below. For those interested in the security perils of quantum computing, we recommend the lecture “Introduction to quantum computing“.
** The course “Cryptography” is part of the module “Information Security – Compulsory 1”, which is compulsory in both Major and Minor. We recommend that you complete this course before the other courses in this module.
Formal Methods for Security
Formal methods are mathematical techniques and tools used to ensure that hardware and software systems work correctly and enable modeling, verifying, and synthesizing computer systems.
Since secure system design is urgently needed, rigorous formal methods gain more and more importance in the security setting. To gain substantial security improvements, a rigorous analysis of detailed models of secure systems is needed as provided by formal methods.
Indeed, formal methods are the only currently-known approaches able to provide strong end-to-end security guarantees: security guarantees throughout the execution of a system and across abstraction layers.
BSc The course “Logic and Computability” is recommended if not already completed as part of the bachelor’s degree programme.
* The course “Verification and Testing” is part of the module “Information Security – Compulsory 2”, which is compulsory in Major.
To harden software against possible attacks, it is vital to design and implement them in a secure way. This module focuses on threats and security risks you commonly encounter during the lifecycle of desktop and mobile applications. You will learn how encryption and other measures can be integrated into real-world products in order to protect sensitive information. You will obtain a detailed view on practical aspects to deploy secure software.
EN The curriculum lists the discontinued German course “Einführung in das IT-Recht”; check with the dean’s office to ensure that the new English course is recognized.
* The course “Secure Application Design” is part of the module “Information Security – Compulsory 2”, which is compulsory in Major.
Projects and Seminars
In this module, you work on an individual research topic as part of a Seminar/Project to help you acquire research skills in a scientific environment. Moreover, advanced seminars will help you obtain an in-depth background knowledge in your favourite area and deepen your presentation skills. Both will prepare you for your master’s thesis.
In CS and SEM, you choose 10–15 ECTS from this module for the Major. In ICE, you may choose the Seminar/Project for either Major or Minor.
To complete the “Seminar/Project Information Security”, find and contact a supervisor at IAIK whose topics you find most interesting — there is no regular schedule for this course, you can start any time.
Invisible color box for currently unused courses
For your master’s thesis (30 ECTS), you’ll work with our research teams to solve challenges arising in our security research – maybe your results will even lead to a new scientific publication! Contact a supervisor at IAIK to find a suitable topic and start your thesis – maybe browse a selection of our current topics or chat with us first to find out more and help you decide.
CURRICULUM TRANSITION AND EQUIVALENCES
You can study the new CS, ICE, and SEM degree programmes with Major/Minor Information Security starting from Winter Term 2020/21. If you previously studied the discontinued ICE master’s programme, you will be converted to the new one automatically. If you previously studied the discontinued CS or SEM master’s programme, you can either transition any time or continue completing your programme until 30 September 2023.
Many of the courses in the new curriculum are considered ✧ equivalent to old courses, which are no longer offered under their previous names. This equivalence list works both ways: if you previously completed some old courses on the righthand side and switched to the new curriculum, they will be converted to the new courses on the lefthand side. If you did not switch and need some old courses on the righthand side which are no longer offered, complete the corresponding course on the lefthand side.
|Cryptography VO||Applied Cryptography VO|
|Cryptography KU||Applied Cryptography KU|
|Cryptanalysis VO||Applied Cryptography 2 VO|
|Cryptanalysis KU||Applied Cryptography 2 KU|
|Privacy Enhancing Technologies VO||IT Security VO|
|Privacy Enhancing Technologies KU||IT Security KU|
|Seminar Cryptology and Privacy SE||Selected Topics IT Security 2 SE|
|Secure Software Development VO||Security Aspects in Software Development VO|
|Secure Software Development KU||Security Aspects in Software Development KU|
|Digital System Integration and Programming VU||System-on-Chip Architectures and Modelling VU|
|Side-Channel Security VU||Embedded Security VU|
|Mobile Security VO||Advanced Computer Networks VO|
|Mobile Security KU||Advanced Computer Networks KU|
|Secure Application Design VO||Selected Topics IT Security 1 VO|
|Secure Application Design KU||Selected Topics IT Security 1 KU|
|Seminar/Project Information Security SP||Seminar/Project Information Processing SP|
|Seminar/Project Information Security SP||IT Security Project PT|
Additionally, all courses of the previous Wahlfachkatalog “IT Security” in the discontinued CS curriculum as well as “Secure and Correct Systems” in the discontinued ICE and SEM curricula can also be counted towards the new CS module group “Information Security”.
|–||Mathematical Foundations of Cryptography VO|
|–||Mathematical Foundations of Cryptography UE|
|–||Mobile and Nomadic Computing SE|
|–||Wireless Communication Networks and Protocols VO|
|–||Selected Topics Design and Verification VO|
|–||Selected Topics Design and Verification UE|
|–||IT Security, Seminar SE|