Identifying the Cybersecurity Body of Knowledge for a Postgraduate Module in Systems Engineering

  • Sune von SolmsEmail author
  • Lynn Futcher
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 531)


In the light of Industry 4.0, there exists a drive in engineering to include cybersecurity in the design, development and maintenance of smart cyber-physical systems. The high interconnectivity of these systems make these systems more susceptible to cyberattacks. In South Africa, the engineering education space does not traditionally cater for cybersecurity training in undergraduate or post-graduate studies. The lack of cybersecurity education in engineering and the need for cybersecurity knowledge in the industry highlights a knowledge gap in the field of cybersecurity engineering. This paper describes the process followed to determine the body of knowledge which should be considered for a postgraduate module in cybersecurity in engineering in South Africa. Findings show that topics related to Software Security, Systems Security and Organizational Security are deemed most important for inclusion in the cybersecurity body of knowledge for a postgraduate module in Systems Engineering.


Cybersecurity Curriculum design Systems Engineering Education Postgraduate Education 


  1. 1.
    Kiel, A.: What do we know about “Industry 4.0” so far? In: Proceedings of the International Association for Management of Technology (IAMOT 2017) (2017)Google Scholar
  2. 2.
    Morgan, S.: IBM’s CEO On Hackers: “Cyber Crime Is The Greatest Threat To Every Company In The World” (2005). Accessed 9 Jan 2017
  3. 3.
    Tamura, E.: Hewlett Packard Enterprise Leads Transformation of Cyber Defense with “Build it In” and “Stop it Now” (2006). Accessed 9 Jan 2017
  4. 4.
    Burley, D.L., et al.: Cybersecurity curricula (2017)Google Scholar
  5. 5.
    Morgan, S.: Cybersecurity job market to suffer severe workforce shortage. CSO (2005). Accessed 30 Apr 2018
  6. 6.
    Suby, M., Dickson, F.: The 2015 (ISC)2 Global Information Security Workforce Study. Frost and Sullivan White Paper (2015)Google Scholar
  7. 7.
    Cisco Advisory Services. Mitigating the cybersecurity skills shortage (2015)Google Scholar
  8. 8.
    Fripp, C.: South Africa simply doesn’t have enough cybersecurity experts (2017). Accessed 9 Mar 2018
  9. 9.
    McGettrick, A.: Toward curricular guidelines for cybersecurity. In: Report of a Workshop on Cybersecurity Education and Training (2013).
  10. 10.
    von Solms, S., Futcher, L.: Towards the design of a cybersecurity module for postgraduate engineering studies. In: Proceedings of the International Symposium on Human Aspects of Information Security & Assurance (HAISA 2017), Adelaide, Australia (2017)Google Scholar
  11. 11.
    Newhouse, W., Keith, S., Scribner, B., Witte, G.: National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. Special Publication 800–181, NIST2017 (2017)Google Scholar
  12. 12.
    Dove, R., Bayuk, J., Wilson, B., Kepchar, K.: INCOSE System Security Engineering Working Group Charter (2016). Accessed 9 Mar 2018
  13. 13.
    Shreyas, D.: Software Engineering for Security: Towards Architecting Secure Software (2001). Accessed 5 May 2018
  14. 14.
    Haridas, N.: Software Engineering – Security as a Process in the SDLC. SANS Institute InfoSec Reading Room (2007)Google Scholar
  15. 15.
    Tong, A., Sainsbury, P., Craig, J.: Consolidated criteria for reporting qualitative research (COREQ): a 32-item checklist for interviews and focus groups. Int. J. Qual. Health Care 19(6), 349–357 (2007)CrossRefGoogle Scholar
  16. 16.
    Liamputtong, P., Ezzy, D.: Qualitative Research Methods, 2nd edn. Victoria Oxford University Press, Melbourne (2005)Google Scholar
  17. 17.
    Davies, P.H.J.: Spies as informants: triangulation and the interpretation of elite interview data in the study of the intelligence and security services. Politics 21(1), 73–80 (2001)CrossRefGoogle Scholar
  18. 18.
    Aberbach, J.D., Rockman, B.A.: In the Web of Politics: Three Decades of the U.S. Federal Executive. The Brookings Press, Washington, D.C. (2000)Google Scholar
  19. 19.
    Tansey, O.: Process Tracing and Elite Interviewing: A Case for Non-Probability Sampling. PS Polit. Sci. Politics 40(4), 765–772 (2007)CrossRefGoogle Scholar
  20. 20.
    Thomas, D.R.: A general inductive approach for analyzing qualitative evaluation data. Am. J. Eval. 27(2), 237–246 (2006)CrossRefGoogle Scholar
  21. 21.
    ECSA, Qualification Standard for Bachelor of Science in Engineering (BSc (Eng))/Bachelors of Engineering (BEng): NQF Level 8 4, 1–10 (2014)Google Scholar
  22. 22.
    The Higher Education Qualifications Sub-Framework. Government Gazette No. 36003 of 14 December 2012 (2013)Google Scholar
  23. 23.
    Harvey, W.S.: Strategies for conducting elite interviews. Qual. Res. 11(4), 431–441 (2011)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.Department of Electrical Engineering ScienceUniversity of JohannesburgJohannesburgSouth Africa
  2. 2.School of Information and Communication TechnologyNelson Mandela UniversityPort ElizabethSouth Africa

Personalised recommendations