course-details-portlet

IIKG2001 - Software Security

About

Examination arrangement

Examination arrangement: School exam
Grade: Letter grades

Evaluation Weighting Duration Examination aids
School exam 100/100 2 hours E

Course content

  • Secure software development lifecycle
  • Low level and application related vulnerability analysis
  • Security requirement and secure design
  • Secure coding practices
  • Basic Security testing

Learning outcome

Knowledge

  • The students have basic knowledge on how software can be created and maintained with security in mind, i.e. deviation from expected functionality owing to interaction with an adversary.
  • They understand attack patterns, e.g. format string problems, command injection.
  • The students have an overview of existing techniques, classes of tools and the methods used in software development today.

Skills

  • Students can apply their knowledge to problem cases in an industrial or research setting.
  • They are able to identify potential threats and vulnerabilities early in a program's lifecycle and apply measures that prevent or reduce vulnerabilities in software.

General competence

  • The students succeed in presenting their analyses and approaches to other developers, superiors and customers.

Learning methods and activities

  • Lectures on campus
  • Laboratory work
  • Compulsory assignments
  • Home reading
  • Group work (encouraged, not mandatory)
  • Sustainability Lab
  • Quiz

Coursework requirements: All obligatory exercises must be approved.

Compulsory assignments

  • Compulsory assignments

Further on evaluation

Re-sit examination in August concerns only the written exam.

Obligatory assignments have to be passed, to allow sitting in the final written exam.

Course materials

Paul, M. (2013). Official (ISC) 2 Guide to the CSSLP. CRC Press.

More on the course

No

Facts

Version: 1
Credits:  7.5 SP
Study level: Third-year courses, level III

Coursework

Term no.: 1
Teaching semester:  AUTUMN 2024

Language of instruction: English

Location: Gjøvik

Subject area(s)
  • Computer Science
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of Information Security and Communication Technology