Upcoming courses Autumn 2022

Responsible: Dragos Ilie, Victor Kebande – Blekinge Institute of Technology

This course is targeting software professionals who aim to improve the security of the applications and services they develop through the use ofcryptographic algorithms . The main focusof the course will be on how to address the main goals of information security, confidentiality, integrity, availability, authenticity and accountability (CIA++) from a practical perspective. The course will introduce specific frameworks that can be used to implement these features using different programming languages, such as C/C++, Python and Java. In addition, the course will highlight typical pitfalls related to the implementation of these security functions.

More info:
Course webpage at Blekinge Institute of Technology
Course title in Swedish: Tillämpad kryptografi
Course Code: DV2616
Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
Next instance: August 29 2022 until January 15 2023
The course runs at 25% study pace, on distance
All education and examination are held on distance.
Download syllabus here

Responsible: Fabiola Moyon – Blekinge Institute of Technology

This course explains how a secure development process is expected by industry regulators, and how to implement it in an agile and DevOps lifecycle.

This course will cover secure agile and DevOps software development with a focus on the following components:

  • People: Enablement of agile teams for security through awareness, training and coaching.
  • Processes: Implementation of security activities into well-known agile development processes such as SCRUM or SAFe. Security activities are analyzed based on relevant industry security standards.
  • Technology: Description of security tools and technologies that can automate security activities in the agile & DevOps way of working.

More info:
Course webpage at Blekinge Institute of Technology
Course title in Swedish: Utveckling, säkerhet och drift (DevSecOps)
Course Code: PA2588
Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
Next instance: August 29 2022 until January 15 2023
The course runs at 25% study pace, on distance
All education and examination are held on distance.
Download syllabus here

Responsible: Alexander Adamov & Jianguo Ding – Blekinge Institute of Technology

The course provides knowledge and skills needed for defending critical infrastructure against cyber attacks. The example if such attack is Blackenergy cyberattack on the Ukrainian electrical grid in 2015 by Sandworm group (Russian GRU). This course covers security in SCADA and cyberphysical systems (CPS) as well as the regulations and standards that are applicable that helps to ensure an audit trail.

More info:
Course webpage at Blekinge Institute of Technology
Course title in Swedish: Säkerhet för kritisk infrastruktur (operativ teknologi)
Course Code: DV2617
Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
Next instance: August 29 2022 until January 15 2023
The course runs at 25% study pace, on distance
All education and examination are held on distance.
Download syllabus here

Responsible: Michael Felderer, Oleksii Baranovsky, Blekinge Institute of Technology

The purpose of the course is to show how security practices can be integrated into different software development processes (traditional, agile, continuous) and how to assess the maturity of the integration. The student will learn about different models, with a focus on a specific one touching upon security practices during software design, implementation, verification, and operation. In order to take different backgrounds and previous knowledge of the students into account, the course also covers the necessary background information on classical and security-oriented software development process models. The course enables students to assess the maturity of secure software development processes based on a model.

More info: 
Course webpage at Blekinge Institute of Technology
Course title in Swedish: Säkerhetsinventering för mjukvaruutveckling
Course Code: PA2587
Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
Next instance: August 29 2022 until January 15 2023
The course runs at 10% study pace, on distance
All education and examination are held on distance.
Download syllabus here

Responsible: Anders Carlsson – Blekinge Institute of Technology

Web application security encompasses that the student should learn to understand and discover weaknesses and vulnerabilities in web applications both on the server side and on the client side as well as be able to develop solutions for protection and conduct tests.

More info:
Course webpage at Blekinge Institute of Technology
Course title in Swedish: Säkerhet i webbsystem
Course Code: DV2621
Admission requirements: Admission to the course require 90 credits, of which at least 40 credits are in a technical area with one completed course with a minimum of 6 credits in programming in C or C++, PHP or Python and one completed course with a minimum of 4 credits in Network Security, Data Communication, Network Technologies and one completed course with a minimum of 4 credits in Web Technologies or Databases or at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).

Next instance: October 31 2022 until January 15 2023
The course runs at 50% study pace, on distance-
Download syllabus here

Upcoming courses Spring 2023

Next Course Instance Spring 2023

Responsible: Torbjörn Fridensköld, Blekinge Institute of Technology

The  project course is an adaptable course of between 15 – 30 credits – where the students work in groups – and bring their own topic to work on. The students work in groups on a joint problem/challenge, and are supervised/mentored by one or several experts (depending on the needs of the project and topic). With benefit this course is the perfect example of case-based didactics. For example, let us say that a group of students taking the project course work for a company(ies) that want to introduce DevSecOps as a way to work in product development. This course can be used to start such a change/improvement initiative at the company. The student group can then do real change/improvement work at the company(ies) as the core of this project course, and get mentoring as they do it. The company/organization gets improvement/change done – the students get mentoring and learn a topic – and the students get formal higher level educational credits while doing it. The course can be seen as related to doing a thesis project at an external company/organization, but the focus is on studying a topic (like e.g. DevSecOps) in detail and applying it in a real-world context as part of the learning.

The course is given Spring 2023. More info about the contents of the course will come during Autumn 2022. 

Course responsible: Anders Carlsson, Oleksii Baranovsky – Blekinge Institute of Technology

Companies and their IT systems are affected by advanced intrusions, various ransomware attacks and or thefts of both sensitive and secret information. In case of being compromised companies need to understand their weak points, ways of intrusion and attackers attributes. The course focuses on developing the student’s skills to investigate and analyze complex cyber attacks (Cyber Kill Chain) and to track the threat actor, discover exploited vulnerabilities so that companies can restore data and system integrity.

Digital forensic is the process of detecting and investigating hacking attacks via properly extracted and analyzed evidence and artifacts to report the crime and prevent similar attacks in the future. The crime with computers and digital technologies in today’s cyber world is on the rise. Digital forensic techniques are being used by law enforcement agencies, police, government, and corporate entities around the world. The tools and techniques covered in the course will prepare the attendees to conduct digital forensic investigations using ground-breaking technologies.

More info:

  • Course title in Swedish: Avancerad Digital Undersökningsteknik
  • Course Code: DV2611
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Spring 2023
  • The course runs at 25% study pace, on distance
  • All education and examination are held on distance
  • Click here to Download Course Syllabus

Course responsible: Volodymyr Tkach, Victor Kebande – Blekinge Institute of Technology

Organisations today produce a large amount of data. This course covers how to utilize that data for cybersecurity purposes. It covers topics such as how to acquire (e.g., through SIEM) and prepare security data, from collection and storage to management and analysis as well as visualization and presentation, predicting rouge behaviors, and correlate security events. How to use data science to understand and communicate security problems.

More info:

  • Course title in Swedish: Datastyrd Säkerhet
  • Course Code: DV2610
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Spring 2023
  • The course runs at 10 % study pace, on distance
  • All education and examination are held on distance
  • Click here to Download Course Syllabus

Course responsible: Tony Gorschek , Alexander Adamov, Volodymyr Tkach, Blekinge Institute of Technology

The purpose of this course is to introduce security practices within the Software Development Lifecycle (SDLC) at the requirements, design, implementation, verification, and after release stages of software development.

This course is the guide to the cybersecurity issues arising throughout the entire development process. We consider the development from the security perspective from the beginning stage until the final release and beyond. The course is adapted to give a solid introduction to non-security-experts mainly and addresses both how professionals (developers, managers, decision-makers) can utilize security to improve (software-based) products/services, and how they are affected by security issues and challenges.

Whether you are a software developer in a bank or telecom company, or you are a product manager in a gaming company, this course will be relevant for you.

More info:

  • Course title in Swedish: Introduktion till Säkerhet för Mjukvaruutveckling
  • Course code: PA2585
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next planned instance: Spring 2023
  • The course runs at 25% study pace, on distance
  • Click here to download Course syllabus

Course Responsible: Volodomyr Tkach, Victor Kebande – Blekinge Institute of Technology

The main objective of this course is to acquaint students with existing approaches, methods, and tools of machine Learning (ML) for security as well as unveil security issues in ML itself.

This course is divided into the following two parts. First, it covers security problems in Machine Learning (ML) systems, e.g., showing various types of attacks on ML systems in an applied fashion – adversarial ML. Secondly, available methods, tools and other safeguards that could be used against the different types of attacks are covered. The course includes both theoretical introductions to the different attack types and security-enhancing methods and tools, as well as more practical hands-on assignments in Python. After the course the student will have obtained basic knowledge about security-enhancing approaches, and how to use them in order to protect against various risks in ML systems and how to use ML to detect cyber attacks.

More info:

  • Course title in Swedish: Maskininlärning och Säkerhet
  • Course Code: DV2612
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next planned instance: Spring 2023
  • The course runs at 25% study pace, on distance
  • All education and examination are held on distance
  • Click here to Download Course Syllabus

Course responsible: Alexander Adamov, Blekinge Institute of Technology

The course aims to provide students with the skills of real-world threats analysis including phishing attacks, targeted attacks (APTs), cyber weapon, ransomware (cryptolockers) The analysis of such threats requires a special type of education focused on the analysis of modern threats and protection technologies.

The course gives knowledge and practical skills in malware analysis for Windows and Android platforms (x86 and ARM). The students will obtain practical skills in reverse engineering, static and dynamic analysis of malware used in the real-life cyber attacks.

More info:

  • Course title in Swedish: Analys av Skadlig Programvara
  • Course Code: DV2613
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Spring 2023
  • The course runs at 25% study pace, on distance
  • All education and examination are held on distance
  • Click here to Download Course Syllabus

Planned Course Instance is Spring 2023

Responsible: Oleksii Baranovsky

This course cover areas of legal and ethical implications of ethical hacking. It also introduces detection and exploitation of vulnerabilities in IT-infrastructure, including different reconnaissance techniques. 

The course is given Spring 2023, 25% study pace.  More info about the contents of the course will come during Autumn 2022. 

Course responsible: Emil Alegroth, Davide Fucci – Blekinge Institute of Technology

The purpose of this course is to show how fundamental testing practices are applied in the context of secure software development. The student will learn to integrate automated software testing with different approaches to verify software security, leveraging theories from continuous quality assurance in software development, as well as security best practices.

The course is adapted to give a solid introduction to non testing experts with an interest in software security, and addresses how professionals (developers, managers, decision-makers) can incorporate security into the quality assurance process of their products/services.

More info:

  • Course title in Swedish: Kvalitetssäkring av säkerhetskritiska applikationer
  • Course Code: PA2586
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next planned instance: Spring 2023
  • The course runs at 25% study pace, on distance
  • All education and examination are held on distance
  • Click here to Download Course Syllabus

Planned Course Instance Spring 2023

Responsible: Oleksii Baranovsky

Knowing how well security measures work, or how protected an organisation or systems is, can be difficult to quantify. The course aims to answer questions such as: – How to measure security? – What can be measured? The course presents several security metrics and how they can be implemented and used as KPIs.

The course is given Spring 2023, 25% study pace.  More info about the contents of the course will come during Autumn 2022.

Next Course Instance Spring 2023

Responsible: Mariana Peixoto – Blekinge Institute of Technology

There is an increasing concern from users regarding the use and leakage of their personal data. Moreover, compliance with privacy regulations is required by the government and privacy should be incorporated by design and by default when developing software-intensive products and services. Hence, privacy has become a top challenge in software development and good privacy measures can improve data security and promote quality.

The course is given Spring 2023, 25% study pace.  More info about the contents of the course will come during Autumn 2022.

Upcoming courses Autumn 2023

In PROMIS, many courses use a case-based learning approach which allows you, at different levels, to bring your own case/ problem to the course. Case-based learning approach lessens the participation cost; you can utilize your domain-specific challenges while maximizing your end value. For two courses, we have adopted an even larger case-based approach where you can work on cases and challenges that are directly reusable and relevant for your work/organization.

The aim of the course is that you, either individually or in a group, identify a challenge related to security and preferably linked to your company. In the course, you will study the topic in detail, apply knowledge and receive the opportunity to deepen your problem-solving.

You will be assigned one or several mentors within the relevant area during the course. They will supervise and help you plan, carry out, present, and guide you to find solutions for your real-world context challenge as part of the learning – in essence; they will be mentors.

The course is given Autumn 2023. More info about the contents of the course will come during Autumn 2022. 

Responsible: Dragos Ilie, Victor Kebande – Blekinge Institute of Technology

This course is targeting software professionals who aim to improve the security of the applications and services they develop through the use ofcryptographic algorithms . The main focusof the course will be on how to address the main goals of information security, confidentiality, integrity, availability, authenticity and accountability (CIA++) from a practical perspective. The course will introduce specific frameworks that can be used to implement these features using different programming languages, such as C/C++, Python and Java. In addition, the course will highlight typical pitfalls related to the implementation of these security functions.

More info:

  • Course title in Swedish: Tillämpad kryptografi
  • Course Code: DV2616
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Autumn 2023
    The course runs at 25% study pace, on distance
    All education and examination are held on distance.
    Download syllabus here

Responsible: Dragos Ilie – Blekinge Institute of Technology

The course presents advanced binary analysis topics such as binary instrumentation and dynamic taint analysis that can be useful for Software Engineers in performing security testing and vulnerability discovery, as well as for Malware Analysts to reverse engineer malicious binaries.

The course is divided into three modules and will also start with a review of popular programming languages and provide a toolsets overview. The following modules are devoted operations with binary code such as code injection and binary instrumentation and you will get an overview of dynamic taint analysis (DTA) including design factors, practical implementation, and limitations.

The course is given Autumn 2023, 25% study pace.  More info about the contents of the course will come during Spring 2022.

Responsible: Fabiola Moyon – Blekinge Institute of Technology

This course explains how a secure development process is expected by industry regulators, and how to implement it in an agile and DevOps lifecycle.

This course will cover secure agile and DevOps software development with a focus on the following components:

  • People: Enablement of agile teams for security through awareness, training and coaching.
  • Processes: Implementation of security activities into well-known agile development processes such as SCRUM or SAFe. Security activities are analyzed based on relevant industry security standards.
  • Technology: Description of security tools and technologies that can automate security activities in the agile & DevOps way of working.

More info:

  • Course title in Swedish: Utveckling, säkerhet och drift (DevSecOps)
  • Course Code: PA2588
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Autumn 2023
  • The course runs at 25% study pace, on distance
    All education and examination are held on distance.
  • Download syllabus here

Responsible: Alexander Adamov & Jianguo Ding – Blekinge Institute of Technology

The course provides knowledge and skills needed for defending critical infrastructure against cyber attacks. The example if such attack is Blackenergy cyberattack on the Ukrainian electrical grid in 2015 by Sandworm group (Russian GRU). This course covers security in SCADA and cyberphysical systems (CPS) as well as the regulations and standards that are applicable that helps to ensure an audit trail.

More info:

  • Course title in Swedish: Säkerhet för kritisk infrastruktur (operativ teknologi)
  • Course Code: DV2617
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Autumn 2023
  • The course runs at 25% study pace, on distance
  • All education and examination are held on distance.
  • Download syllabus here

Responsible: Michael Felderer, Oleksii Baranovsky, Blekinge Institute of Technology

The purpose of the course is to show how security practices can be integrated into different software development processes (traditional, agile, continuous) and how to assess the maturity of the integration. The student will learn about different models, with a focus on a specific one touching upon security practices during software design, implementation, verification, and operation. In order to take different backgrounds and previous knowledge of the students into account, the course also covers the necessary background information on classical and security-oriented software development process models. The course enables students to assess the maturity of secure software development processes based on a model.

More info:

  • Course title in Swedish: Säkerhetsinventering för mjukvaruutveckling
  • Course Code: PA2587
  • Admission requirements: Admission to the course require at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2
    years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Autumn 2023
    The course runs at 10% study pace, on distance
    All education and examination are held on distance.

Responsible: Dragos Ilie – Blekinge Institute of Technology

Every sector of the global economy relies on software. This makes software one of the principal targets for state-sponsored groups, military, criminals and other type of adversaries. Such attacks try to exploit insecure code, that is seemingly innocent bugs, which allow the adversaries to obtain unauthorized access to information or to take full control of compromised systems. The purpose of this course is to train software professionals in understanding in depth how insecure code can be exploited. In addition, it will equip them with knowledge in how to defend against this type attacks.

The course begins by analyzing technical, psychological, and real-world factors that lead to production of vulnerable code. This is important knowledge for both developers and managers as it allows them to take actions that mitigate the impact of these factors, both when programming is performed but also during project management.

Software exploits use specially crafted input data to applications and services to leverage logic flaws in the code that processes the input. Typically, the exploits overwrite specific structures in the program memory space, which allows them to bypass access control mechanisms and/or execute code provided as part of the input data. Therefore, a large part of the course is dedicated to understanding how exploits are constructed, essentially learning attackers’ “modus operandi”.

The course is given Autumn 2023, 50% study pace.  More info about the contents of the course will come during Spring 2023.

Planned Course Instance Autumn 2023

Responsible: Dragos Ilie

The course addresses the following question: assume you have to trust a computer that provides a service that is valuable to you. Should you trust the computer and the service it runs, and then for what reasons? Will the computer and the service behave faithfully to the implementation specifications or are they compromised for the purpose of deceiving the users? How can an external party detect this sort of malicious behaviour?

The course is given Autumn 2023, 25% study pace.  More info about the contents of the course will come during Autumn 2022.

Responsible: Anders Carlsson – Blekinge Institute of Technology

Web application security encompasses that the student should learn to understand and discover weaknesses and vulnerabilities in web applications both on the server side and on the client side as well as be able to develop solutions for protection and conduct tests.

More info:

  • Course title in Swedish: Säkerhet i webbsystem
  • Course Code: DV2621
  • Admission requirements: Admission to the course require 90 credits, of which at least 40 credits are in a technical area with one completed course with a minimum of 6 credits in programming in C or C++, PHP or Python and one completed course with a minimum of 4 credits in Network Security, Data Communication, Network Technologies and one completed course with a minimum of 4 credits in Web Technologies or Databases or at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).
  • Next instance: Autumn 2023
  • The course runs at 50% study pace, on distance.
  • Download syllabus here

Upcoming courses Spring 2024

Responsible: Oleksii Baranovsky – Blekinge Institute of Technology

The course provides the way that will help you to design secure architectures to meet security requirements through threat modeling, attack surface analysis, and risk assessment practices.

The course is planned for Spring 2024, 25% study pace.  More info about the contents of the course will come during Spring 2023.

Responsible: Oleksii Baranvosky – Blekinge Institute of Technology

The course covers different aspects of securing OS and system services to provide the safe environment for running cloud-based services. The following guidelines will be considered during the course as well as pracTical implementation of Windows and Linux platforms hardening using scripts (e.g. PowerShell and Ansible) to provide automation.

The course is planned for Spring 2024, 25% study pace.  More info about the contents of the course will come during Spring 2023.

Entry Requirements

PROMIS courses requires at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).

Even if you don’t have the formal academic merits, you might be qualified for the course through validation. See more info below.

How to Apply and How to complete and Employer’s certificate

Apply via antagning.se or universityadmission.se 

Download a template below and add your personal details and your employer’s signature. You should then upload the certificate togheter with your course application on antagning.se

More information about how to apply at the bottom of the page!

How to apply for PROMIS courses

Visit antagning.se / universityadmission.se and perform the following steps:

  1. Create a user account
  2. Search for the PROMIS courses by the name of the course or use the link in the course description on this site.
  3. Fill out and send in your application.
  4. Upload your required documents (including your Employer’s certificate for eligibility).
  5. Check your e-mail for any messages regarding your application. If you for example need to make up missing requirements you will receive an e-mail and you must check your application on antagning.se
  6. Reply to any offers of admission.

How to apply without having the academics merits needed to meet the entry requirements?

Even if you don’t have the formal academics merits needed for a specific PROMIS course, your background may make it possible for you to be qualified for the course through validation.

Validation is “a process of a structured assessment, valuing, documentation and recognition of knowledge and competences that an individual has gained, irrespective of how they have been acquired”. (Government definition DS 2003:23)

This means an assessment of an individual’s knowledge and competence, regardless how, where or when they were acquired – in the formal education system or in some other way in Sweden or abroad, just recently or a long time ago.

If you think your knowledge and competences will qualify you for a PROMIS course, you must fill in the form Ansökan om bedömning av reell kompetens/att undantag görs (antagning.se)

For the corresponding form in English, visit http://www.promptedu.se/promptwp/wp-content/uploads/2015/11/reell_kompetens_blankett_en-GB.pdf and upload your CV, with description of your professional background. Your CV must describe your knowledge and competences in relation to the entry requirements. If we need more information from you, we will contact you.

For more information, please contact Anna Eriksson, aes@bth.se or Nina Wennberg, niw@bth.se

I want to apply to a PROMIS course, but the deadline at antagning.se has passed?
When the last day to apply has passed, it is still possible to submit a late application to courses, but please note that this only applies for courses that are open for a late application.

Once I get accepted for a course within PROMIS, what do I need to do next?
You will receive a letter of admission with information regarding how to participate in a PROMIS course. It is important that you follow the instructions given in the letter of admission.

What is a ‘Credit’ (‘hp’)
Credits (‘Högskolepoäng’ in Swedish) are a way to measure the length and scope of academic studies. 1.5 credits correspond to one week of full-time studies (40 hours). A course of 7.5 credits corresponds to 200 hours of studies. PROMIS courses are normally run at a pace of 25%, which means that a course of 7.5 credits or 200 hours is run over a full semester.