Secure Software Development

2022/2023

Content, progress and pedagogy of the module

Objectives

  • To familiarise the student with current best-practices and state-of-the-art in tools, techniques, and processes for secure software development
  • To enable the student to perform a wide spectrum of security activities required for secure software development.

Learning objectives

Knowledge

Must have knowledge about:

  • Relevant security goals for secure software development, including the "CIA triad": confidentiality, integrity, and availability
  • Typical and commonly occurring software security bugs and vulnerabilities
  • Theories, techniques, and tools for secure software development, including static analysis tools
  • Evaluation and assessment of potential security vulnerabilities

Skills

Must have the skills to:

  • Conduct basic threat -assessment for a small software project and based on this, propose relevant security goals
  • Plan and conduct an assessment of security aspects for a small software project, including review of architecture and codem evaluate the implementation process and tools used
  • Evaluate and implement security mechanisms against commonly known attack forms
  • Use commonly known security information sources to learn about new threats, types of threats, and concomitant countermeasures

Competences

Must have the competences to:

  • Assess and evaluate security relevance of different tools, methods, and processes used for developing small software project; in particular, be able to assess the security consequences of a given software development process as well as integrating relevant security best-practices in an existing process
  • Understand new types of threats against software security and assess potential consequences and proposed countermeasures for existing projects.
  • Understand and assess the effectiveness of new tools and techniques for secure software development

Type of instruction

Types of instruction are listed at the start of ยง17; Structure and contents of the programme

Exam

Exams

Name of examSecure Software Development
Type of exam
Written or oral exam
ECTS5
Assessment7-point grading scale
Type of gradingInternal examination
Criteria of assessmentThe criteria of assessment are stated in the Examination Policies and Procedures

Facts about the module

Danish titleSikker softwareudvikling
Module codeESNCYSK1K3
Module typeCourse
Duration1 semester
SemesterAutumn
ECTS5
Language of instructionEnglish
Empty-place SchemeYes
Location of the lectureCampus Copenhagen
Responsible for the module

Organisation

Study BoardStudy Board of Electronics and IT
DepartmentDepartment of Electronic Systems
FacultyTechnical Faculty of IT and Design