course-details-portlet

IIKG2001

Software Security

Choose study year

New from the academic year 2021/2022

Credits 7.5
Level Third-year courses, level III
Course start Autumn 2021
Duration 1 semester
Language of instruction English
Location Gjøvik
Examination arrangement Aggregate score

About

About the course

Course content

  • Secure software development lifecycle
  • Low level and application related vulnerability analysis
  • Security requirement and secure design
  • Secure coding practices
  • Basic Security testing

Learning outcome

Knowledge

  • The students have basic knowledge on how software can be created and maintained with security in mind, i.e. deviation from expected functionality owing to interaction with an adversary. 
  • They understand attack patterns, e.g. format string  problems, command injection.
  • The students have an overview of existing techniques, classes of tools and the methods used in software development today.

Skills

  • Students can apply their knowledge to problem cases in an industrial or research setting. 
  • They are able to identify potential threats and vulnerabilities early in a program's lifecycle and apply measures that prevent or reduce vulnerabilities in software.

General competence

  • The students succeed in presenting their analyses and approaches to other developers, superiors and customers.

Learning methods and activities

  • Lectures
  • Laboratory exercises
  • Compulsory assignments -
  • Home reading
  • Group work (encouraged, not mandatory)
  • Quiz

Coursework requirements: All obligatory exercises must be approved.

Compulsory assignments

  • Obligatory Excersises

Further on evaluation

Re-sit examination in August concerns only the written exam.

A final written exam will count 40% of the mark.

A portfolio of smaller marked tasks will count 60% of the final mark. The precise tasks are defined during the course. These will be related to the lab work.

Obligatory assignments have to be passed, to allow sitting in the final written exam.

Specific conditions

Admission to a programme of study is required:
Computer Science (BIDATA)
Digital Infrastructure and Cyber Security (BDIGSEC)
Programming (BPROG)

Course materials

Paul, M. (2013). Official (ISC) 2 Guide to the CSSLP. CRC Press.

Subject areas

  • Computer Science

Contact information

Course coordinator

Department with academic responsibility

Department of Information Security and Communication Technology

Examination

Examination

Examination arrangement: Aggregate score
Grade: Letter grades

Ordinary examination - Autumn 2021

School exam
Weighting 40/100 Examination aids Code E Date 2021-12-09 Time 09:00 Duration 3 hours Exam system Inspera Assessment
Place and room for school exam

The specified room can be changed and the final location will be ready no later than 3 days before the exam. You can find your room location on Studentweb.

Mustad, Inngang D
Room M438 Eksamensrom 4.etg, Inngang D
75 candidates
Portfolio
Weighting 60/100 Date Submission 2021-12-15 Time Submission 08:00

All about examinations at NTNU