MASTER INFORMATION SECURITY

Find out why crypto works and how it’s applied to protect your digital identity, how to develop secure systems (and maybe even prove that the implementation is correct), and how attackers try to break all of these. We teach Information Security in the CSBME Master’s degree programmes Computer Science (CS), Information and Computer Engineering (ICE) and Software Engineering and Management (SEM). To study Information Security at TU Graz, you choose it as a Major or Minor in one of these degree programmes. We welcome students from Graz and from abroad – there are attractive scholarships for incoming students. Find out more!

Courses

Each of the degree programmes covers 120 ECTS, which includes courses in the Major, Minor, some optional subjects, and a master’s thesis. You can choose Information Security (ISEC) either as a Major (in CS, ICE, SEM) or as a Minor (in CS, ICE) and also choose the courses as part of other elective courses. The Master’s thesis and Seminar/Project will typically focus on topics from your Major. Overall, you can choose to do up to 100 ECTS in Information Security!

Modules	ECTS	Comments
Major	40 ECTS	includes 20 ECTS of compulsory courses for ISEC
Minor	20 ECTS	includes 10 ECTS of compulsory courses for ISEC
Other courses	20 ECTS	includes 14 ECTS chosen from the elective catalogues and 6 ECTS freely chosen
Seminar/Project	10 ECTS	see curricula for details
Master’s thesis	30 ECTS

For full details, check the original curricula in TUGRAZonline (in German) of Computer Science (CS), Software Engineering and Mangement (SEM), and Information and Computer Engineering (ICE).

The courses in Information Security are grouped into 4 modules which reflect our core areas of research and will lead you from the foundations to cutting-edge research and impactful applications. One course per area is part of a compulsory module, while you can freely select the rest of your ECTS from all areas. In addition to the courses below, courses with the title “Selected Topics of Information Security (Subtitle)” and courses listed in the same catalogue of the previous curriculum version also count towards an Information Security Major or Minor module.

System Security

Security is not a simple property — it needs to be understood from a whole system’s perspective! Want to hack insecure software? Want to exploit the latest side channels, or Meltdown and Spectre? Are you ready for digging deep into the architecture and developing your own secure System-on-Chip?

This module offers a holistic view on system security, giving a deep insight into both software and hardware aspects. In the individual courses you will learn about vulnerability exploitation and secure software development, investigate modern cloud operating systems, tackle microarchitectural and physical side channels, and design secure hardware components and whole System-on-Chips.

Secure Software Development**

Software attacks/defenses and principles of secure programming

Winter, ECTS: 5VU

Pentesting Lab

From user to domain admin. Learn the fundamentals of penetration testing in real-world environments

Summer, ECTS: 5VU

Side-Channel Security

Understand, exploit, and mitigate side channels in software & hardware

Summer, ECTS: 5VU

Hardware Design for Security

Design of ASIC and FPGA hardware extensions to enhance system security

Summer, ECTS: 5VU

Secure System Architectures

Securing systems with dedicated hardware mechanisms

Winter, ECTS: 5VU

Cloud Operating Systems

Build cloud operating systems and hypervisors as in modern clouds

Summer, ECTS: 5VU

Algorithms to Hardware using High-Level Synthesis

Transform SW algorithms into HW architectures using HLS, modelling data flow and control flow

Summer, ECTS: 3VU

Cryptography on Hardware Platforms

Implement cryptographic algorithms on hardware platforms like FPGAs, securely and efficiently

Winter, ECTS: 5VU

Cryptography on Software Platforms

Implement cryptographic algorithms on high-end CPUs and constrained microcontrollers with high assurance

Summer, ECTS: 5VU

** The course “Secure Software Development” is compulsory in both Major and Minor.

Cryptology & Privacy

Cryptography is the mathematical backbone of information security and provides the foundation of everything secure. This module covers the building blocks and design principles of modern cryptographic protocols. You’ll learn how ciphers protect data authenticity and confidentiality, how cryptanalytic attacks work, and how to ensure privacy by computing with encrypted data. You will acquire an in-depth understanding of modern cryptology and its mathematical foundations.

Cryptography**

Understand the building blocks of modern cryptographic protocols

Winter, ECTS: 3VO+2KU

Cryptanalysis

Cryptanalytic attacks and how they guide cryptographic design

Summer, ECTS: 5VU

Privacy Enhancing Technologies

Real-world protocols and privacy-enhancing technologies

Winter, ECTS: 3VO+2KU

Modern Public Key Cryptography

Investigating provable security of cryptographic protocols

Summer, ECTS: 3VU

Mathematical Foundations of Cryptography

Winter, ECTS: 5VU

Coding and Cryptography

Offered alternatingly by TU Graz and Uni Graz – Foundations of coding theory

Summer, ECTS: 4.5VO+1.5UE

** The course “Cryptography” is compulsory in both Major and Minor. We recommend that you complete this course before the other courses in this module.

Formal Methods for Security

Formal methods are mathematical techniques and tools used to ensure that hardware and software systems work correctly and enable modeling, verifying, and synthesizing computer systems.

Since secure system design is urgently needed, rigorous formal methods gain more and more importance in the security setting. To gain substantial security improvements, a rigorous analysis of detailed models of secure systems is needed as provided by formal methods.

Indeed, formal methods are the only currently-known approaches able to provide strong end-to-end security guarantees: security guarantees throughout the execution of a system and across abstraction layers.

Verification and Model Checking*

How do you prove that your implementation is correct?

Summer, ECTS: 5VU

Trustworthy Artificial Intelligence

How to build AI systems that are correct, robust, and without bias

Summer, ECTS: 5VU

Logic and Computability ^BSc

Learn to reason and to solve problems with logics

Summer, ECTS: 3VO+1.5KU

Model-based Testing

Offered by IST every 2 years – Model specification and automated testing strategies

Winter, ECTS: 5VU

Formal Specification and Design of Software

Offered by IST every 2 years

Winter, ECTS: 5VU

* The course “Verification and Testing” is compulsory in the Major.

^BSc The course “Logic and Computability” is recommended if not already completed as part of the bachelor’s degree programme.

Secure Applications

To harden software against possible attacks, it is vital to design and implement them in a secure way. This module focuses on threats and security risks you commonly encounter during the lifecycle of desktop and mobile applications. You will learn how encryption and other measures can be integrated into real-world products in order to protect sensitive information. You will obtain a detailed view on practical aspects to deploy secure software.

Secure Application Design*

Protect application assets by correctly using crypto functions

Summer, ECTS: 3VO+2KU

Mobile Security

Security of mobile platforms and common vulnerabilities in mobile apps

Summer, ECTS: 3VO+2KU

Secure Product Lifecycle

Offered by external lecturers with an industry perspective

Winter, ECTS: 3VO+2KU

* The course “Secure Application Design” is compulsory in the Major.

Projects and Seminars

In this module, you work on an individual research topic as part of a Seminar/Project to help you acquire research skills in a scientific environment. The project will help you obtain an in-depth background knowledge in your favourite area, deepen your presentation skills, and prepare you for your master’s thesis.

To complete the “Seminar/Project Information Security”, find and contact a supervisor at ISEC whose topics you find most interesting — there is no regular schedule for this course, you can start any time.

Seminar/Project Information Security

Choose a topic and work on your own research project

Any time, ECTS: 10SP

Master’s Thesis

For your master’s thesis (30 ECTS), you’ll work with our research teams to solve challenges arising in our security research – maybe your results will even lead to a new scientific publication! Contact a supervisor at ISEC to find a suitable topic and start your thesis – maybe browse a selection of our current topics or chat with us first to find out more and help you decide.

CURRICULUM TRANSITION AND EQUIVALENCES

You can study the CS, ICE, and SEM degree programmes with Major/Minor Information Security in the current curriculum version from Winter Term 2025/26. If you previously studied the now-discontinued master’s programme of 2020, you can either transition any time or continue completing your programme until 30 September 2028.

Many of the courses in the new curriculum are considered equivalent to old courses, which are no longer offered under their previous names. This equivalence list works both ways: if you previously completed some old courses on the righthand side and switched to the new curriculum, they will be converted to the new courses on the lefthand side. If you did not switch and need some old courses on the righthand side which are no longer offered, complete the corresponding course on the lefthand side.
Additionally, any courses listed in the 2020 Information Security catalogue can be counted towards the 2025 Information Security catalogue.

Current	Discontinued
Secure Software Development VU	Secure Software Development VO plus
	Secure Software Development KU
Hardware Design for Security VU	Digital System Design VO plus
	Digital System Design KU
Cryptanalysis VU	Cryptanalysis VO plus
	Cryptanalysis KU
Mathematical Foundations of Cryptography SE	Seminar Cryptology and Privacy SE
Verification and Model-Checking VU	Verification and Testing VO plus
	Verification and Testing KU

If you have questions on the curriculum transition process, contact the course’s lecturer, the ISEC office, your student representative, or your Dean of Studies.