Course 95-750:  Security Architecture and Analysis, Fall 2001 

Course Abstract:  

Growing societal dependence on large-scale, highly-distributed, network systems amplifies the consequences of intrusion and compromise.  Such systems face security threats that continue to grow in sophistication and scope.  System architectures must incorporate security capabilities to deal with these threats.  These capabilities include techniques such as boundary control, security protocols, encryption, authentication, intrusion detection, multi-level security, and network partitioning. 

 This course covers architecture fundamentals, security and survivability methods, and development of secure and survivable systems.   Architecture analysis and trade-offs can assess the relative merits of security strategies for particular environments of system use.  In addition, systems must be analyzed and designed for survivability of critical mission functions.  The Survivable Network Analysis method is used to evaluate and improve survivability.  Development of secure and survivable architectures requires effective management and engineering methods to ensure reliable implementation of security strategies.  Course topics include fundamentals of system architecture representation, definition, and analysis, system survivability analysis, security threats and architecture strategies, and security architecture implementation and lifecycle management.  A team project that requires analysis of a system for survivability comprises a substantial portion of the course.  This course provides you with analytical methods to assess and improve system security and survivability.       


Architecture Fundamentals

1a  Aug 29
    Course introduction
    Concepts of system architectures
    HW: Bass Ch 1, 2, 5; Anderson Ch 1; handouts

1b  Aug 29
    Architecture Reasoning
    Reasoning about system architectures
    Component and network behavior

2a  Sept 5
    Architecture Development
    Architecture life cycle, processes, and work
    Student presentation: “Blueprint for Solving Problems in Your IT Architecture”
    HW: Rechtin Ch 1, 2; handouts

2b  Sept 5
    Architecture Analysis
    Architecture trade-off analysis
    Student presentation: “E-Business Architecture Design Issues”

3a  Sept 12
    Survivability Analysis
    Survivable Network Analysis (SNA) method
    Student presentation: “Information Survivability Control Systems”

3b  Sept 12
    Team Project Introduction
    Introduction to student projects
    Team definitions, deliverables discussion
    Student presentation: “Developing a Distributed System for Infrastructure Protection”
    Project requirement documents: Project Overview, Project Signup, Case Study, Project 1, Project 2, Project 3, SNA Report
Security Architectures

4a  Sept 19
    Firewalls (1)
    Introduction to firewalls: network architectures, types of firewalls, proxies versus filtering routers
    Student presentation
    HW: Anderson Ch 18

4b  Sept 19
    Firewalls (2)
    Security properties and firewalls: complexity and vulnerability, configuration control, changing services, executable content
    Student presentation

5a  Sept 26
    Project Presentations
    SNA Step 1 Team Presentations

5b  Sept 26
    Analysis Method for Operational Systems

6a  Oct 3
    Intrusion Detection (1)
    Types of intrusion detection, architecture support for intrusion detection, IDS research
    Student presentation
    HW: Anderson Ch 10; review Ch 18.5

6b  Oct 3
    Intrusion Detection (2)
    Anomaly detection
    Student presentation

7a  Oct 10
    System Security Architectures (1)
    Security architectures of operating systems, distributed application security, system vulnerabilities
    Student presentation
    HW: Anderson Ch 7

7b  Oct 10
    System Security Architectures (2)
    Security architectures of operating systems, distributed application security
    Student presentation
    Mid-term distributed (take home)
    HW: Anderson Ch 8

8a  Oct 17

8b  Oct 17

9a  Oct 24
    Vulnerability Analysis for Architectures (1)
    System vulnerabilities
    Student presentation
    HW: Anderson Ch 3

9b  Oct 24  (Longstaff)
    Vulnerability Analysis for Architectures (2)
    System vulnerabilities
    Student presentation
    HW: Anderson Ch 4

10a Oct 31
    Project Presentations
    SNA Step 2 Team Presentations
    Mid-term due (turned in)

10b Oct 31  (Moore, guest)
    Intrusion Scenarios
    Attack trees
    Structured intrusion scenario analysis

11a Nov 7
    Secure Protocols
    Introduction to encryption protocols, public key infrastructures, introduction to Kerberos
    Student presentation
    HW: Anderson Ch 2

11b Nov 7
    Kerberos architecture
    Student presentation
    HW: Anderson Ch 5

12a Nov 14
    Project Presentations
    SNA Step 3 Team Presentations

12b Nov 14
    Survivability Simulation
    Survivability as an emergent property
    The EASEL simulation environment and language

    Nov 21
    No meeting

13a Nov 28
    Managing Architecture Development
    COTS-based architectures
    Evaluating COTS components
    Student presentation

13b Nov 28
    Managing System Development
    Development planning
    Incremental development and testing
    Student presentation

14a Dec 5  (Mead)
    Project Presentations
    SNA Step 4 Team Presentations

14b Dec 5  (Linger, Longstaff, Mead)
    Review of all course content

    Dec 12
    Reading Day

15  Dec 19
    Final Exam



Course textbook: 

Anderson, Ross, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley, 2001, ISBN 0-471-38922-6. 

Other reference books: 

Bass, Clements, and Kazman, Software Architecture in Practice, Addison-Wesley, 1998. 

Shaw and Garlan, Software Architecture: Perspectives on an Emerging Discipline, Prentice-Hall, 1996. 

Hoffman, Daniel and Weiss, David, Software Fundamentals: Collected Papers of David L. Parnas, Addison-Wesley, 2001.

Maier and Rechtin, The Art of Systems Architecting, Second Edition, CRC Press, 2000. 

Grading percentages:

Midterm (take home)      35% of grade
Final Exam (in class)    35% of grade
Team project             30% of grade

Grading Scale:

A              90-100%
B              80-89.99%
C              70-79.99%
D              60-69.99%
Not passing    Below 60%


Office hours:  

After class or by appointment 

Instructor Information: 

Tom Longstaff, SEI Room 4500, 412-268-7074 

Rick Linger, 301-926-4858  

Nancy Mead, 412-268-5756  

Teaching Assistant: 

Yi Hu