University aims to attract the finest Cyber minds to its GCHQ certified MSc


News image

The School of Computing is aiming to attract the finest minds from around the World in Cyber security as part of its extensive Cyber educational infastructure.

The approved programme has three modes of study:

The School of Computing at Edinburgh Napier have innovated a wide range of education systems within Cyber education, and have an extensive range of research projects, linking with collaborators across the UK and EU.


The MSc in Advanced Security and Digital Forensics (full-time/part-time) is run within the School of Computing at Edinburgh Napier University. The programme has core modules of:

  • e-Security. 20 credits. CSN11102. Provides fundamental security principles, including for encryption, digital certificates, authentication, and so on. This module provides some core fundamentals within computer security and includes a foundation in IDS (Intrusion Detection Systems) and Software/Network Security.
  • Network Security. 20 credits. CSN11111. Provides a focus on network level architecture and security, with a focus on the key principles used in secure infrastructures, and in the implementation within networked devices.
  • Advanced Cloud and Network Forensics. CSN11123. 20 credits. Provides a focus on cloud security with a key focus on virtualised infrastructures and in deeply understanding the network-based threats and the traces of network traffic created. A key feature is the analysis of trails of evidence that are left across hosts and network devices for attacks. It includes an extensive analysis of SIEM (Security Incident and Event Manage) in order to aggregate logs across multiple systems.
  • Computer Penetration Testing. 20 credits. CSN11127. Provides a solid foundation for the network security testing, with a focus on understanding adversarial roles in computer security.
  • Security, Audit and Compliance. 20 credits. Focuses on the GRC drivers of information security, and relationship between risks, controls and the audit process.
  • Host-based Forensics.  CSN11125. 20 credits. This focuses on understanding the trails of evidence on hosts. The module focuses on current industry practice, and has been developed in co-operation with Police Scotland.

The exit awards are:

  • Post graduate certificate: 60 credits (three taught modules).
  • Post-graduate Diploma: 120 credits (normally either six taught modules).
  • MSc: 180 credits (120 credits, and a 60 credit dissertation). The dissertation is original research which includes a literature review, design/methodology, implementation and evaluation.
For each module that addresses a Security Discipline, please provide a module description to include the syllabus/topics covered and the expected learning outcomes.


The programme includes an extensive underpinning from research, industry, and public sector.  At present the research centre has a number of projects with industry and law enforcement partners. This includes the integration of the EU 2Center Centre of Excellence, and an existing EU Project which focuses on creating an Advanced Cloud-based Training infrastructure for computer security and digital forensics.

The EU project includes academic departments across Europe, including Jožef Stefan Institute (JSI), Police Scotland and Stockholm University (SU). The DFET project has been co-funded by the Prevention of Fight Against Crime Programme of the European Union. This project has a lead over Europe, and innovates in terms of teaching advanced computer security and digital forensics within a dynamic cloud-based infrastructure.


The facilities include:

  • Two dedicated labs. This has two state-of-the-art labs with the capacity for 80 students, with workstations, and security and digital forensics software.
  • Advanced Cloud Training (DFET). This has involved extensive development over the years to create a 10 node cluster infrastructure with 40TB for disk storage, supporting more than 200 students at a time providing a wide range of computer security and digital forensics infrastructures. Each student can have their own environment which can be isolated from others, or can be used in group work to build large-scale networked infrastructures. Over the past year, students have been undertaking advanced penetration testing and malware analysis within sandboxed and isolated environments, and which would not be possible within normal networked equipment. This infrastructure now support face-to-face and distance students, while also being used for industry training, allow students to learn within a safe environment.
  • LinuxZoo. This is an advanced virtualized infrastructure which guides users through computer security and digital forensics tutorials, providing formative and summative feedback, while carrying out monitoring and analysis of student’s performance and progress. Most recently exercises involving the penetration testing of servers and web applications based around the Kali Linux security distribution have been developed, for both practical lab work and module assessments.
  • Latest cyber software. The School have invested in the latest software, each of which is available in the Cloud (for remote access) and group work, and on desktops in the labs. This includes different instances for both Linux and Windows (with the latest attack and defence tools). The DFET Cloud includes advanced sandboxed areas, which are used for advanced penetration testing, and malware analysis. Advanced security instances include Kali Linux, and digital forensics tools are installed in instances for open source (inc. SleuthKit) and closed source tools (inc. EnCase), along with software licence arrangements with a range of companies including Sas, X-Ways, VMware and Cisco Systems.
  • On-line journals. The university has subscription to all the important journals including for IEEE, ACM and Elsevier.
  • Library. The library has invested in a range of printed books and a large amount of online e-Books related to computer security and digital forensics.
  • On-line lectures. Most of the modules have on-line lectures, which have been recorded to support both campus based, and remote learners. This includes a dedicated Youtube channel, with more than 400 on-line lectures, in a dedicated campus based video server.
  • Simulators. The School have developed a range of novel software for training, including for Cisco Simulators for both Windows and Web.
  • This has been created to support a range of modules, and is one of the most advanced Web sites for computer security and digital forensics, in the World. It includes all the major cryptography methods, using demonstrations of the key principles.

More details

Those interested in the programme should contact Prof Bill Buchanan (, Dr Gordon Russell ( or Richard Macfarlane (

[Read More]

Associated people

William Buchanan
Director of CDCS
+44 131 455 2759
Elias Ekonomou
+44 131 455 2789
Jamie Graves
Affiliate Research Fellow
+44 131 455
Robert Ludwiniak
+44 131 455 2780
Bruce Ramsay
Senior Research Fellow
+44 131 455 2746
Adrian Smales
Research Fellow
+44 131 455
Peter Cruickshank
+44 131 455 2309
Lu Fan
Senior Research Fellow
+44 131 455 2438
John Howie
Visiting Professor
+44 131 455
Richard Macfarlane
+44 131 455 2335
Gordon Russell
Senior Lecturer
+44 131 455 2754
Alison Varey
Senior Lecturer
+44 131 455 2725
Dynamic Forensics Evaluation and Training (DFET)
Dynamic Forensics Evaluation and Training (DFET) will create new training methods/techniques to support judicial authorities, law enforcement agencies and associated stakeholders in the fight against cybercrime through the development of a virtual (cloud-based) cybercrime training environment to...
Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.