course-details-portlet

IIKG2001

Software Security

Choose study year
Credits 7.5
Level Third-year courses, level III
Course start Autumn 2024
Duration 1 semester
Language of instruction English
Location Gjøvik
Examination arrangement School exam

About

About the course

Course content

  • Secure software development lifecycle
  • Low level and application related vulnerability analysis
  • Security requirement and secure design
  • Secure coding practices
  • Basic Security testing

Learning outcome

Knowledge

  • The students have basic knowledge on how software can be created and maintained with security in mind, i.e. deviation from expected functionality owing to interaction with an adversary.
  • They understand attack patterns, e.g. format string problems, command injection.
  • The students have an overview of existing techniques, classes of tools and the methods used in software development today.

Skills

  • Students can apply their knowledge to problem cases in an industrial or research setting.
  • They are able to identify potential threats and vulnerabilities early in a program's lifecycle and apply measures that prevent or reduce vulnerabilities in software.

General competence

  • The students succeed in presenting their analyses and approaches to other developers, superiors and customers.

Learning methods and activities

  • Lectures on campus
  • Laboratory work
  • Compulsory assignments
  • Home reading
  • Group work (encouraged, not mandatory)
  • Sustainability Lab
  • Quiz

Coursework requirements: All obligatory exercises must be approved.

Compulsory assignments

  • Compulsory assignments

Further on evaluation

Re-sit examination in August concerns only the written exam.

Obligatory assignments have to be passed, to allow sitting in the final written exam.

Course materials

Paul, M. (2013). Official (ISC) 2 Guide to the CSSLP. CRC Press.

Subject areas

  • Computer Science

Contact information

Course coordinator

Lecturers

Department with academic responsibility

Department of Information Security and Communication Technology