Course syllabus Cyber Operations in Theory and Practice
Swedish name: Cyberoperationer i teori och praktik
Course code:
2FS043
Valid from semester:
Autumn Term 2025
Education cycle:
Second cycle
Scope:
7.5 credits
Progression:
A1F
Grading scale:
Three-grade scale
Main field of study:
Systems Science for Defence and Security
Department:
Department of Systems Science for Defence and Security
Subject:
Systems Science for Defence and Security
Language of instruction:
The teaching is conducted in English.
Decided by:
Forsknings och utbildningsnämndens kursplaneutskott
Decision date:
2025-02-18
Entry requirements
Passed courses of at least 180 credits that include
and knowledge corresponding to English 6 (English B).
- at least 7.5 second-cycle credits in the field of defence, crisis management and security,
- written thesis project of at least 15 credits,
and knowledge corresponding to English 6 (English B).
Course content and structure
Based on the student’s previous knowledge and experience, the course aims to develop the student’s ability to problematize cyber operations with the purpose of enabling him or her to describe, discuss, and analyse threats, risks, and events.
The first module starts with an introduction to vulnerabilities in information systems, aiming to give the student a concrete understanding of the specific risks that are characteristic of modern information systems. Lectures introduce the foundations of vulnerabilities in modern hardware and software and how they can be exploited to affect confidentiality, integrity, and availability in information systems. Principles for ethical and legal handling of discovered vulnerabilities are introduced. The student’s knowledge is consolidated through a laboratory session.
The second module discusses actors in the cyber environment and their methods, theories on cyber operations, including perspectives on international law and critical theory, and methods for defence against cyber threats from a total defence perspective. This module is mainly based on studies of research articles. Lectures put the articles in context with each other and the course’s central concepts. Through seminars the student is given the opportunity to develop his or her ability to analyse current research in the area.
The course consists of two modules: Introduction to Vulnerabilities in Information Systems (1.5 credits) and Cyber Operations (6 credits).
Module 1 – Introduction to Vulnerabilities in Information Systems, 1.5 credits
The module introduces vulnerabilities in hardware and software, including how they arise and can be used by threat actors to affect confidentiality, integrity, and availability in information systems.
Module 2 – Cyber Operations, 6 credits
The module covers actors and methods in the cyber environment, theories on cyber operations, and methods for defence against cyber threats.
The first module starts with an introduction to vulnerabilities in information systems, aiming to give the student a concrete understanding of the specific risks that are characteristic of modern information systems. Lectures introduce the foundations of vulnerabilities in modern hardware and software and how they can be exploited to affect confidentiality, integrity, and availability in information systems. Principles for ethical and legal handling of discovered vulnerabilities are introduced. The student’s knowledge is consolidated through a laboratory session.
The second module discusses actors in the cyber environment and their methods, theories on cyber operations, including perspectives on international law and critical theory, and methods for defence against cyber threats from a total defence perspective. This module is mainly based on studies of research articles. Lectures put the articles in context with each other and the course’s central concepts. Through seminars the student is given the opportunity to develop his or her ability to analyse current research in the area.
The course consists of two modules: Introduction to Vulnerabilities in Information Systems (1.5 credits) and Cyber Operations (6 credits).
Module 1 – Introduction to Vulnerabilities in Information Systems, 1.5 credits
The module introduces vulnerabilities in hardware and software, including how they arise and can be used by threat actors to affect confidentiality, integrity, and availability in information systems.
Module 2 – Cyber Operations, 6 credits
The module covers actors and methods in the cyber environment, theories on cyber operations, and methods for defence against cyber threats.
Type of instruction
- Lectures
- Laboratory session
- Seminars
- Independent study
Objectives
Upon completion of the course the student should be able to:
Module 1 Introduction to Vulnerabilities in Information Systems
Knowledge and understanding
Competence and skills
Judgement and approach
Module 2 Cyber Operations
Knowledge and understanding
Competence and skills
Judgement and approach
Module 1 Introduction to Vulnerabilities in Information Systems
Knowledge and understanding
- describe the foundations of vulnerabilities in information systems, how they arise, and can be exploited
- describe the fundamental principles of ethical and legal handling of vulnerabilities in information systems
Competence and skills
- with supervision exploit a vulnerability to affect confidentiality, integrity, or availability in an information system
Judgement and approach
- show an ethical approach to discovered vulnerabilities in information systems
Module 2 Cyber Operations
Knowledge and understanding
- describe actors in the cyber environment and their means, theories on cyber operations, including aspects concerning international law and critical theory, and methods for defence against cyber threats
Competence and skills
- problematize theories on cyber operations from multiple relevant perspectives
- discuss different actors’ actions and methods in the cyber environment
Judgement and approach
- independently analyse and discuss the content in research articles relevant to the area.
Examination formats
Module 1 – Introduction to Vulnerabilities in Information Systems, 1,5 credits, two-point grading scale
Assessment is through an individual written lab report.
Module 2 - Cyber Operations, 6 credits, three-point grading scale
Assessment is through active and constructive participation in mandatory seminars and through an individual project that is presented in writing and orally.
Absence at no more than one mandatory seminar shall be approved by the course coordinator. The absence shall be supplemented in accordance with instructions from the examiner. If the teacher leading the seminar assesses that the participation is not sufficiently active, a supplementary task shall be assigned in accordance with instructions from the examiner.
The examiner may decide to request supplementary assignments in order to achieve a passing grade on the course.
Supplementary assignments shall be submitted no later than three working days after the result and supplementary assignment for the examination in question have been notified.
Examination papers submitted late will not be graded unless special circumstances exist that are acceptable to the examiner.
The student is graded on a three-point grading scale: Pass with distinction (VG), Pass (G), and Fail (U) for the individual project and a two-point grading scale: Pass (G) and Fail (U) for the written lab report and the mandatory seminars.
The overall grade of Pass (G) requires passing grade (G) on the written lab report and the
seminars.
The overall grade of Pass with distinction (VG) requires passing grade on the written lab
report and the seminars as well as Pass with distinction (VG) on the individual project.
Grading criteria are presented no later than at the start of the course.
There is no limit on the total number of examination opportunities.
Assessment is through an individual written lab report.
Module 2 - Cyber Operations, 6 credits, three-point grading scale
Assessment is through active and constructive participation in mandatory seminars and through an individual project that is presented in writing and orally.
Absence at no more than one mandatory seminar shall be approved by the course coordinator. The absence shall be supplemented in accordance with instructions from the examiner. If the teacher leading the seminar assesses that the participation is not sufficiently active, a supplementary task shall be assigned in accordance with instructions from the examiner.
The examiner may decide to request supplementary assignments in order to achieve a passing grade on the course.
Supplementary assignments shall be submitted no later than three working days after the result and supplementary assignment for the examination in question have been notified.
Examination papers submitted late will not be graded unless special circumstances exist that are acceptable to the examiner.
Grading
The student is graded on a three-point grading scale: Pass with distinction (VG), Pass (G), and Fail (U) for the individual project and a two-point grading scale: Pass (G) and Fail (U) for the written lab report and the mandatory seminars.
The overall grade of Pass (G) requires passing grade (G) on the written lab report and the
seminars.
The overall grade of Pass with distinction (VG) requires passing grade on the written lab
report and the seminars as well as Pass with distinction (VG) on the individual project.
Grading criteria are presented no later than at the start of the course.
Restrictions in Number of Examinations
There is no limit on the total number of examination opportunities.
Transitional provisions
When the course is no longer offered or when the course content has changed substantially, the student has the right to be examined once per semester during a three-term period in accordance with this syllabus.
Other regulations
- The course cannot be included in a degree with another course whose content fully or partially corresponds to the content of this course.
- If the Swedish Defence University has formally decided that the student is entitled to receive special educational support due to a disability, the examiner may decide on alternative forms of examination for the student.
- The course director will conduct an evaluation on the completion of the course, which will form the basis for any changes to the course.