Course content

• Secure software development lifecycle
• Low level and application related vulnerability analysis
• Security requirement and secure design
• Secure coding practices
• Basic Security testing

Learning outcome

Knowledge

• The students have basic knowledge on how software can be created and maintained with security in mind, i.e. deviation from expected functionality owing to interaction with an adversary.
• They understand attack patterns, e.g. format string problems, command injection.
• The students have an overview of existing techniques, classes of tools and the methods used in software development today.

Skills

• Students can apply their knowledge to problem cases in an industrial or research setting.
• They are able to identify potential threats and vulnerabilities early in a program's lifecycle and apply measures that prevent or reduce vulnerabilities in software.

General competence

• The students succeed in presenting their analyses and approaches to other developers, superiors and customers.

Learning methods and activities

• Lectures on campus
• Laboratory work
• Compulsory assignments
• Home reading
• Group work (encouraged, not mandatory)
• Sustainability Lab
• Quiz

Coursework requirements: All obligatory exercises must be approved.

Compulsory assignments

• Compulsory assignments

Specific conditions

Recommended previous knowledge

• PROG1003
• IDATG2102
• IDATG2202

Course materials

Paul, M. (2013). Official (ISC) 2 Guide to the CSSLP. CRC Press.