| TDDC90 |
Software Security, 6 ECTS credits.
/Software Security/
For:
CS
D
DAV
I
Ii
IT
|
| |
Prel. scheduled
hours: 34
Rec. self-study hours: 126
|
| |
Area of Education: Technology
Main field of studies: Computer Science, Computer Engineering, Information Technology
|
| |
Advancement level
(G1, G2, A): A
|
|
Aim:
Students taking this course will learn about the issues underlying software security, and develop the skills needed to build secure software. The course covers methods, tools, and best practices for building secure software. Students completing this course should be able to:
- identify and analyze security problems in software;
- formulate security requirements for software;
- devise, evaluate, and explain solutions to software security;
- critically evaluate the effectiveness of methods, state-of-art tools, and best practices, for detecting and preventing vulnerabilities; and
- design and write secure software.
|
|
Prerequisites: (valid for students admitted to programmes within which the course is offered)
Basic course in security. Students are expected to have knowledge of operating systems, programming languages, and software engineering. Students should be able to develop, test and debug software in a Unix or Linux environments. Some experience with C-programming as well as basic knowledge of web application development are recommended.
Note: Admission requirements for non-programme students usually also include admission requirements for the programme and threshhold requirements for progression within the programme, or corresponding.
|
|
Organisation:
The course consists of lectures and laboratory work.
|
|
Course contents:
The course covers:
- vulnerability discovery and analysis, and supporting tools;
- analysis of infamous vulnerabilities and their exploits;
- attack and vulnerability modeling;
- security requirements analysis and design for security;
- principles for secure programming;
- static and dynamic intrusion prevention mechanisms;
- security testing and evaluation; and
- systematic approaches to building secure software.
Vulnerabilities, attacks, and principles for secure programming are studied with an emphasis on programs written in C/C++ and web applications.
|
|
Course literature:
Articles (see the course home page).
|
|
Examination: |
|
Written examination
Laboratory work and written assignments
|
3 ECTS
3 ECTS
|
| |
|
|
Course language is English.
Department offering the course: IDA.
Director of Studies: Patrick Lambrix
Examiner: Nahid Shahmehri
Link to the course homepage at the department
Course Syllabus in Swedish
|