Advanced Software Security

2023/2024

Content, progress and pedagogy of the module

OBJECTIVES

  • To familiarise the student with state-of-the-art research within select areas of software security, e.g., language-based security, secure information flow, secure programming languages, verified programming.
  • To enable the student to assess and evaluate proposed or novel tools and techniques for software security.
  • To familiarise the student with the theoretical foundations underlying key areas of software security, e.g., access control models, fuzzing, static analysis, symbolic execution, model checking etc.

Learning objectives

Knowledge

Must have knowledge about:

  • the theoretical foundations for one or more of the studied tools and techniques, in particular static analysis, model checking, and fuzzing.
  • and be able to explain the limitations of the studied theories, tools, and techniques.
  • and be able to explain key points about the studied foundational theories, e.g., access control models or secure information flow.

Skills

Must be able to:

  • deploy and use one or more software security tools or techniques for security analysis of a small software project.
  • evaluate potential (security related) benefits or drawbacks of using the studied tools and theories on a small software project.
  • identify the best tool or technique to solve specific software security problems.

Competences

Must have the competences to:

  • assess and evaluate security relevance of different tools, methods, and processes used for developing small software projects.
  • evaluate and propose or adapt existing techniques to perform specific security related analyses of software, e.g., extending an analysis method to cover new progamming languages or new language features.
  • identify and research novel theories, tools, and techniques for software security.
  • communicate/teach core insights about novel and state-of-the-art research in software security.

Type of instruction

Types of instruction are listed at the start of ยง17; Structure and contents of the programme.

Exam

Exams

Name of examAdvanced Software Security
Type of exam
Written or oral exam
ECTS5
Assessment7-point grading scale
Type of gradingInternal examination
Criteria of assessmentThe criteria of assessment are stated in the Examination Policies and Procedures

Facts about the module

Danish titleAvanceret software-sikkerhed
Module codeESNCYSK3K8
Module typeCourse
Duration1 semester
SemesterAutumn
ECTS5
Language of instructionEnglish
Empty-place SchemeYes
Location of the lectureCampus Copenhagen
Responsible for the module

Organisation

Study BoardStudy Board of Computer Science
DepartmentDepartment of Computer Science
FacultyThe Technical Faculty of IT and Design