Kenneth Kung
Kenneth Kung, Instructor of ENG 204

ENG 204 Course Overview

Trusted Systems Engineering

Description of the Course
Lecture, four hours. Trust is placed in information systems to behave properly, but cyber threats and breaches have become routine, including penetration of financial, medical, government, and national security systems. To build systems that can protect confidentiality, integrity, and availability involves more than composing systems from network security, computer security, data security, cryptography, etc. One can use most secure components, and resulting system could still be vulnerable. Skills learned ensure that systems are architected, designed, implemented, tested, and operated for specific levels of trust. Aspects include assessing vulnerability and risk for systems, establishing protection principles, and using them as guide to formulate system architectures; translating architecture into system design and verifying correctness of design; and constructing and following trusted development and implementation process. Letter grading.

About the Instructor
Kenneth Kung: Dr. Kenneth Kung joined UCLA in 2013. He taught systems engineering courses in the School of Engineering and Applied Science.

Before joining UCLA, he was a Sr. Principal Engineering Fellow for Raytheon Company. He has over 30 years of system and software engineering experiences. Programs that he worked on varied from command and control system, air traffic management systems, secure communication protocols, satellite navigation system, computer based patient record system, shipboard communication network, multilevel secure system, information assurance, to architecting of these systems. He coordinated the information assurance activities and launched the information security technology interest group for Raytheon.

As the information assurance technology domain covers people, technology, and process across multiple disciplines in hardware, software, systems, training, accreditation, and risk management, it is a natural transition for Kenneth to apply this knowledge to the architecture realm. He led the systems engineering technology strategy and research directions for Raytheon. He applied various architecture frameworks in developing architecture products and led large complex systems development. He was a Certified Master IT Architect from the Open Group.

Kenneth enjoyed teaching and mentoring. He has taught college courses since 1974. He has worked with many innovative engineers and students. Unexpected solutions often came from the collision of minds.

Kenneth received PhD, MS, and Bachelor degrees from UCLA School of Engineering.

To protect our information systems, we must provide both mechanisms and the assurance that these mechanisms work properly. This course is to teach the theory and practice behind the security risk management, trusted systems architecture, trusted design, secure implementation, verification, and maintenance of trust throughout the life cycle of a system.


  • Applied System Engineering
  • Students should have a BS degree in engineering or science, and should have 1 – 2 years work
    experience in system design and implementation.

Course Outline

  • Trusted Systems Engineering Architecture and Methodology Overview (4 hours)
    • Security Planning and management (4 hours)
  • Security Policy (2 hours)
    • Access control policy
    • Identity management policy
    • Audit control policy
  • Security Risk Analysis (6 hours)
    • Threats
    • Impact analysis
    • Risk management
  • Security Policy Model (6 hours)
    • Reference Monitor
    • Formal Modeling
    • Informal Modeling
    • System specification verification
    • Comparison to Integrity Model
  • Information Security Architecture (7 hours)
    • Information Assurance Reference Architecture
      • Industry best practices
    • Principles of security architecture
      • Defense in depth
      • Defense in breadth
    • Architecture artifacts
    • Architecture validation
    • Security Testing
    • Penetration Testing
  • Security Design (6 hours)
    • Mapping to protection and enforcement mechanisms
    • System Assurance
  • Secure Operation and Maintenance (2 hours)
    • Security management
  • System Evaluation (2 hours)
    • International Standards – Common Criteria