Software Security
2023/2024
Content, progress and pedagogy of the module
OBJECTIVES
- To familiarise the student with current best-practices and state-of-the-art in tools, techniques, and processes for secure software development.
- To enable the student to perform a wide spectrum of security activities required for secure software development.
Learning objectives
Knowledge
Must have knowledge about:
- Relevant security goals for secure software development, including the “CIA triad”: confidentiality, integrity, and availability
- Terminology and general concepts concerning software security
- To know and be able to explain common use cases and pitfalls for key software security tools, techniques, and theories, as well as discuss inherent advantages vs. disadvantages in such use cases.
- Typical and commonly occurring software security bugs and vulnerabilities
- Common classes of programming language features that are difficult to use securely
- Evaluation and assessment of potential security vulnerabilities
Skills
Must have the skills to:
- conduct basic threat assessment for a small software project and based on this, propose relevant security goals
- evaluate and select relevant countermeasures against identified threats for a small software project
- plan and conduct an assessment of security aspects for a small software project, including review of architecture and code
- evaluate and select relevant security mechanisms against commonly known attack forms
- use commonly known security information sources to learn about new threats, types of threats, and concomitant countermeasures
Competences
Must have the competences to:
- assess, evaluate, and propose new tools, methods, and processes for developing small software projects securely
- understand new types of threats against software security and assess potential consequences and proposed countermeasures for existing projects.
- understand and assess the effectiveness of new tools and techniques for secure software development.
Type of instruction
Types of instruction are listed at the start of §17; Structure and contents of the programme.
Exam
Exams
| Name of exam | Software Security |
| Type of exam | Written or oral exam |
| ECTS | 5 |
| Assessment | 7-point grading scale |
| Type of grading | Internal examination |
| Criteria of assessment | The criteria of assessment are stated in the Examination Policies and Procedures |
Facts about the module
| Danish title | Software-sikkerhed |
| Module code | ESNCYSK2K6 |
| Module type | Course |
| Duration | 1 semester |
| Semester | Spring
|
| ECTS | 5 |
| Language of instruction | English |
| Empty-place Scheme | Yes |
| Location of the lecture | Campus Copenhagen |
| Responsible for the module |
Organisation
| Education owner | Master of Science (MSc) in Engineering (Cyber Security) |
| Study Board | Study Board of Computer Science |
| Department | Department of Computer Science |
| Faculty | The Technical Faculty of IT and Design |
