Ongoing courses Autumn 2024
Responsible: Nurul Momen – Blekinge Institute of Technology
Every sector of the global economy relies on software. This makes software one of the principal targets for state-sponsored groups, military, criminals and other type of adversaries. Such attacks try to exploit insecure code, that is seemingly innocent bugs, which allow the adversaries to obtain unauthorized access to information or to take full control of compromised systems. The purpose of this course is to train software professionals in understanding in depth how insecure code can be exploited. In addition, it will equip them with knowledge in how to defend against this type attacks.
The course begins by analyzing technical, psychological, and real-world factors that lead to production of vulnerable code. This is important knowledge for both developers and managers as it allows them to take actions that mitigate the impact of these factors, both when programming is performed but also during project management.
Software exploits use specially crafted input data to applications and services to leverage logic flaws in the code that processes the input. Typically, the exploits overwrite specific structures in the program memory space, which allows them to bypass access control mechanisms and/or execute code provided as part of the input data. Therefore, a large part of the course is dedicated to understanding how exploits are constructed, essentially learning attackers’ “modus operandi”.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Programvarusäkerhet
- Course Code: DV2620
- Admission requirements: Admission to the course requires 90 credits, of which at least 40 credits are in a technical area where one completed course shall be in programming in C or C++ with a minimum of 6 credits or at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
- The course runs at 50% study pace, on distance.
- All education and examination are held on distance
- Download syllabus here
Responsible: Victor Kebande, Jianguo Ding – Blekinge Institute of Technology
The course addresses fundamental questions related to how to build trusted systems. The focus will be on specific characteristics and approaches that allow to build trust into systems. In addition, methods to ensure that computers and services behave faithfully to the implementation specifications will be presented as well as approaches for detecting malicious deviations from the specifications. This course also introduces Blockchain concepts, security perspective of blockchain, consensus in blockchain, the decentralized philosophy behind Blockchain, as well as the main discussions in Blockchain environment and its potential applications.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Betrodda system
- Course Code: DV2632
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance.
- Download syllabus here
Responsible: Anders Carlsson – Blekinge Institute of Technology
Web application security encompasses that the student should learn to understand and discover weaknesses and vulnerabilities in web applications both on the server side and on the client side as well as be able to develop solutions for protection and conduct tests.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Säkerhet i webbsystem
- Course Code: DV2621
- Admission requirements: Admission to the course require 90 credits, of which at least 40 credits are in a technical area with one completed course with a minimum of 6 credits in programming in C or C++, PHP or Python and one completed course with a minimum of 4 credits in Network Security, Data Communication, Network Technologies and one completed course with a minimum of 4 credits in Web Technologies or Databases or at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
- The course runs at 50% study pace, on distance.
- All education and examination are held on distance.
- Download syllabus here
Responsible: Oleksii Baranovskyi – Blekinge Institute of Technology
Knowing how well security measures work, or how protected an organisation or systems is, can be difficult to quantify. The course aims to answer questions such as: – How to measure security? – What can be measured? The course presents several security metrics and how they can be implemented and used as KPIs.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Sårbarhetsanalys och riskhantering
- Course Code: DV2625
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
- Download syllabus here
Responsible: Franz Zieris – Blekinge Institute of Technology
This course explains how a secure development process is expected by industry regulators, and how to implement it in an agile and DevOps lifecycle.
This course will cover secure agile and DevOps software development with a focus on the following components:
- People: Enablement of agile teams for security through awareness, training and coaching.
- Processes: Implementation of security activities into well-known agile development processes such as SCRUM or SAFe. Security activities are analyzed based on relevant industry security standards.
- Technology: Description of security tools and technologies that can automate security activities in the agile & DevOps way of working.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Utveckling, säkerhet och drift (DevSecOps)
- Course Code: PA2588
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance.
- Download syllabus here
Responsible: Dragos Ilie – Blekinge Institute of Technology
The course aims to provide students with the skills of real-world threats analysis including phishing attacks, targeted attacks (APTs), cyber weapon, ransomware (cryptolockers) The analysis of such threats requires a special type of education focused on the analysis of modern threats and protection technologies.
The course gives knowledge and practical skills in malware analysis for Windows and Android platforms (x86 and ARM). The students will obtain practical skills in reverse engineering, static and dynamic analysis of malware used in the real-life cyber attacks.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Analys av Skadlig Programvara
- Course Code: DV2613
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance.
- Download syllabus here
Responsible: Dragos Ilie – Blekinge Institute of Technology
Cryptography is a collective for different methods that are used to modify data with the aim of prevent unauthorized access or modifications to it. As a result, cryptography is an important part of modern cyber security. During this course you will study the basics for different cryptographic methods. In addition, you will also learn how to use them in a practical way in order to increase the security for IT-systems.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Tillämpad kryptografi
- Course Code: DV2616
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance.
- Download syllabus here
Responsible: Anders Carlsson, Oleksii Baranovskyi – Blekinge Institute of Technology
Companies and their IT systems are affected by advanced intrusions, various ransomware attacks and or thefts of both sensitive and secret information. In case of being compromised companies need to understand their weak points, ways of intrusion and attackers attributes. The course focuses on developing the student’s skills to investigate and analyze complex cyber attacks (Cyber Kill Chain) and to track the threat actor, discover exploited vulnerabilities so that companies can restore data and system integrity.
Digital forensic is the process of detecting and investigating hacking attacks via properly extracted and analyzed evidence and artifacts to report the crime and prevent similar attacks in the future. The crime with computers and digital technologies in today’s cyber world is on the rise. Digital forensic techniques are being used by law enforcement agencies, police, government, and corporate entities around the world. The tools and techniques covered in the course will prepare the attendees to conduct digital forensic investigations using ground-breaking technologies.
More info:
- Course webpage at Blekinge Institute of Technology
- Course title in Swedish: Avancerad Digital Undersökningsteknik
- Course Code: DV2637
- Admission requirements: Admission to the course requires 120 credits of which 90 credits must be in a technical area
of which 6 credits must be a completed course in Opearating Systems and 6 credits a
completed course in Data Communication and Network Technologies or at least 120
credits, of which at least 90 credits are in a technical area, and a minimum of 2 years
professional experience within an area related to software-intensive product and/or service
development (shown by, for example, a work certificate from an employer). - The course runs at 50% study pace, on distance
- All education and examination are held on distance.
- Download syllabus here
Upcoming courses Spring 2025
Responsible: Oleksii Baranovskyi, Alexander Adamov – Blekinge Institute of Technology
This course introduces the concept of secure architecture which implies mitigation of potential confidentiality, integrity, and availability (CIA triad) threats by incorporating security elements such as demilitarized zone (DMZ), Anti-DDoS, load balancing, logging-monitoring-alerting (LMA), and incident response domain as well as by using corresponding security practices at the design stage that include but not limited to analysis of attack surface, threat modeling (STRIDE), and risk assessment (CVSS and OWASP Risk Rating Methodology). The design of secure cloud-based architectures is the primary focus of the course in light of premise-to-cloud migration.
More info:
- APPLY via course webpage at Blekinge Institute of Technology
- Course title in Swedish: Säker mjukvaruarkitektur
- Course Code: PA2594
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
- Download syllabus here
Responsible: Oleksii Baranvoskyi, Patrik Arlos – Blekinge Institute of Technology
The course covers different aspects of securing OS and system services to provide the safe environment for running cloud-based services. The following guidelines will be considered during the course as well as pracTical implementation of Windows and Linux platforms hardening using scripts (e.g. PowerShell and Ansible) to provide automation.
More info:
- APPLY via course webpage at Blekinge Institute of Technology
- Course title in Swedish: Säkerhetshärdning för operativsystem
- Course Code: DV2634
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
- Download syllabus here
Responsible: Oleksandr Kosenkov – Blekinge Institute of Technology
There is an increasing concern from users regarding the use and leakage of their personal data. Moreover, compliance with privacy regulations is required by the government and privacy should be incorporated by design and by default when developing software-intensive products and services. Hence, privacy has become a top challenge in software development and good privacy measures can improve data security and promote quality.
More info:
- APPLY via course webpage at Blekinge Institute of Technology
- Course title in Swedish: Säkerhet, integritet och efterlevnad
- Course Code: PA2593
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
- Download syllabus here
Course responsible: Alexander Adamov – Blekinge Institute of Technology
The purpose of this course is to introduce security practices within the Software Development Lifecycle (SDLC) at the requirements, design, implementation, verification, and after release stages of software development.
This course is the guide to the cybersecurity issues arising throughout the entire development process. We consider the development from the security perspective from the beginning stage until the final release and beyond. The course is adapted to give a solid introduction to non-security-experts mainly and addresses both how professionals (developers, managers, decision-makers) can utilize security to improve (software-based) products/services, and how they are affected by security issues and challenges.
Whether you are a software developer in a bank or telecom company, or you are a product manager in a gaming company, this course will be relevant for you.
More info:
- APPLY via course webpage via Blekinge Institute of Technology
- Course title in Swedish: Introduktion till säkerhet för mjukvaruutveckling
- Course code: PA2585
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- Download syllabus here
Upcoming courses Autumn 2025
More information to follow
More information to follow
Entry Requirements
PROMIS courses requires at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
Even if you don’t have the formal academic merits, you might be qualified for the course through validation. See more info below.
How to Apply and How to complete and Employer’s certificate
Apply via antagning.se or universityadmission.se
Download a template below and add your personal details and your employer’s signature. You should then upload the certificate togheter with your course application on antagning.se
- Arbetsgivarintyg: PDF (Swedish)
- Employers Certificate: PDF (English)
How to apply for PROMIS courses
Visit antagning.se / universityadmission.se and perform the following steps:
- Create a user account
- Search for the PROMIS courses by the name of the course or use the link in the course description on this site.
- Fill out and send in your application.
- Upload your required documents (including your Employer’s certificate for eligibility).
- Check your e-mail for any messages regarding your application. If you for example need to make up missing requirements you will receive an e-mail and you must check your application on antagning.se
- Reply to any offers of admission.
How to apply without having the academics merits needed to meet the entry requirements?
Even if you don’t have the formal academics merits needed for a specific PROMIS course, your background may make it possible for you to be qualified for the course through validation.
Validation is “a process of a structured assessment, valuing, documentation and recognition of knowledge and competences that an individual has gained, irrespective of how they have been acquired”. (Government definition DS 2003:23)
This means an assessment of an individual’s knowledge and competence, regardless how, where or when they were acquired – in the formal education system or in some other way in Sweden or abroad, just recently or a long time ago.
If you think your knowledge and competences will qualify you for a PROMIS course, you must fill in the form Ansökan om bedömning av reell kompetens/att undantag görs (antagning.se)
For the corresponding form in English, visit http://www.promptedu.se/promptwp/wp-content/uploads/2015/11/reell_kompetens_blankett_en-GB.pdf and upload your CV, with description of your professional background. Your CV must describe your knowledge and competences in relation to the entry requirements. If we need more information from you, we will contact you.
For more information, please contact Anna Eriksson, aes@bth.se or Monique Johansson, mow@bth.se
I want to apply to a PROMIS course, but the deadline at antagning.se has passed?
When the last day to apply has passed, it is still possible to submit a late application to courses, but please note that this only applies for courses that are open for a late application.
Once I get accepted for a course within PROMIS, what do I need to do next?
You will receive a letter of admission with information regarding how to participate in a PROMIS course. It is important that you follow the instructions given in the letter of admission.
What is a ‘Credit’ (‘hp’)
Credits (‘Högskolepoäng’ in Swedish) are a way to measure the length and scope of academic studies. 1.5 credits correspond to one week of full-time studies (40 hours). A course of 7.5 credits corresponds to 200 hours of studies. PROMIS courses are normally run at a pace of 25%, which means that a course of 7.5 credits or 200 hours is run over a full semester.
PROMIS courses
Responsible: Anders Carlsson, Oleksii Baranovskyi – Blekinge Institute of Technology
Companies and their IT systems are affected by advanced intrusions, various ransomware attacks and or thefts of both sensitive and secret information. In case of being compromised companies need to understand their weak points, ways of intrusion and attackers attributes. The course focuses on developing the student’s skills to investigate and analyze complex cyber attacks (Cyber Kill Chain) and to track the threat actor, discover exploited vulnerabilities so that companies can restore data and system integrity.
Digital forensic is the process of detecting and investigating hacking attacks via properly extracted and analyzed evidence and artifacts to report the crime and prevent similar attacks in the future. The crime with computers and digital technologies in today’s cyber world is on the rise. Digital forensic techniques are being used by law enforcement agencies, police, government, and corporate entities around the world. The tools and techniques covered in the course will prepare the attendees to conduct digital forensic investigations using ground-breaking technologies.
More info:
- Course title in Swedish: Avancerad Digital Undersökningsteknik
- Course Code: DV2611
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Responsible: Dragos Ilie – Blekinge Institute of Technology
Cryptography is a collective for different methods that are used to modify data with the aim of prevent unauthorized access or modifications to it. As a result, cryptography is an important part of modern cyber security. During this course you will study the basics for different cryptographic methods. In addition, you will also learn how to use them in a practical way in order to increase the security for IT-systems.
More info:
- Course title in Swedish: Tillämpad kryptografi
- Course Code: DV2616
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Responsible: Alexander Adamov – Blekinge Institute of Technology
The course aims to provide students with the skills of real-world threats analysis including phishing attacks, targeted attacks (APTs), cyber weapon, ransomware (cryptolockers) The analysis of such threats requires a special type of education focused on the analysis of modern threats and protection technologies.
The course gives knowledge and practical skills in malware analysis for Windows and Android platforms (x86 and ARM). The students will obtain practical skills in reverse engineering, static and dynamic analysis of malware used in the real-life cyber attacks.
More info:
- Course title in Swedish: Analys av Skadlig Programvara
- Course Code: DV2613
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Course responsible: Volodymyr Tkach, Victor Kebande – Blekinge Institute of Technology
Organisations today produce a large amount of data. This course covers how to utilize that data for cybersecurity purposes. It covers topics such as how to acquire (e.g., through SIEM) and prepare security data, from collection and storage to management and analysis as well as visualization and presentation, predicting rouge behaviors, and correlate security events. How to use data science to understand and communicate security problems.
More info:
- Course title in Swedish: Datastyrd Säkerhet
- Course code: DV2610
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Course responsible: Volodomyr Tkach, Victor Kebande – Blekinge Institute of Technology
The main objective of this course is to acquaint students with existing approaches, methods, and tools of machine Learning (ML) for security as well as unveil security issues in ML itself.
This course is divided into the following two parts. First, it covers security problems in Machine Learning (ML) systems, e.g., showing various types of attacks on ML systems in an applied fashion – adversarial ML. Secondly, available methods, tools and other safeguards that could be used against the different types of attacks are covered. The course includes both theoretical introductions to the different attack types and security-enhancing methods and tools, as well as more practical hands-on assignments in Python. After the course the student will have obtained basic knowledge about security-enhancing approaches, and how to use them in order to protect against various risks in ML systems and how to use ML to detect cyber attacks.
More info:
- Course title in Swedish: Maskininlärning och Säkerhet
- Course code: DV2612
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Course responsible: Jianguo Ding, Alexander Adamov – Blekinge Institute of Technology
This course provides you with advanced and current topics in cyber security relevant to critical infrastructure. You will learn the concepts of critical infrastructure and information infrastructure, their threat actors and agents, their modeling, and their resilience. You will learn threat analysis skills for industrial control systems (ICS), including advanced persistent threats (APTs), exploits, supply chain attacks, wipers, and ransomware, which are often used in cyber attacks against critical infrastructure.
More info:
- Course title in Swedish: Säkerhet för kritisk infrastruktur (operativ teknologi)
- Course code: DV2617
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Course responsible: Davide Fucci – Blekinge Institute of Technology
The purpose of the course is to show how security practices can be integrated into different software development processes (traditional, agile, continuous) and how to assess the maturity of the integration. The student will learn about different models, with a focus on a specific one touching upon security practices during software design, implementation, verification, and operation. In order to take different backgrounds and previous knowledge of the students into account, the course also covers the necessary background information on classical and security-oriented software development process models. The course enables students to assess the maturity of secure software development processes based on a model.
More info:
- Course title in Swedish: Säkerhetsinventering för mjukvaruutveckling
- Course code: PA2587
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance
Course responsible: Emil Alegroth, Davide Fucci – Blekinge Institute of Technology
The purpose of this course is to show how fundamental testing practices are applied in the context of secure software development. The student will learn to integrate automated software testing with different approaches to verify software security, leveraging theories from continuous quality assurance in software development, as well as security best practices.
The course is adapted to give a solid introduction to non testing experts with an interest in software security, and addresses how professionals (developers, managers, decision-makers) can incorporate security into the quality assurance process of their products/services.
More info:
- Course title in Swedish: Kvalitetssäkring av säkerhetskritiska applikationer
- Course code: PA2586
- Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer). - The course runs at 25% study pace, on distance
- All education and examination are held on distance