Development of Secure Software (B-KUL-H04K5A)
Aims
- The students can define key security concepts
- The students can describe the most important types of software vulnerabilities
- The students can describe the most important types of software security techniques, and can reason about what techniques are useful in what circumstances
- The students can analyze the security of software systems, and can asses what security techniques would be applicable to the system
Previous knowledge
- Basic knowledge of system software and networks, including some knowledge of the programming language C
- Good knowledge of and practical experience with a modern programming language such as Java
Order of Enrolment
This course unit is a prerequisite for taking the following course units:
H05M8B : Capita Selecta Computer Science: Secure Software
Is included in these courses of study
- Master in de toegepaste informatica (Leuven) (Software-ontwikkeling en gedistribueerde systemen) 60 ects.
- Master in de ingenieurswetenschappen: computerwetenschappen (Leuven) (Hoofdoptie Software engineering) 120 ects.
- Master in de ingenieurswetenschappen: computerwetenschappen (Leuven) (Hoofdoptie Veilige software) 120 ects.
- Courses for Exchange Students Faculty of Engineering Science (Leuven)
- Master of Engineering: Computer Science (Leuven) (Option Secure Software) 120 ects.
- Master of Cybersecurity (Leuven) 60 ects.
Activities
3 ects. Development of Secure Software: Lecture (B-KUL-H04K5a)
Content
- Definition of key security concepts such as threat, countermeasure, risk, and illustration of these concepts in software systems.
- Study of threats and countermeasures for software systems in a number of important technological domains such as web application and low-level software in the programming language C.
- Techniques for authentication and access control, Lampson's system model for access control, classic access control models, and access control for untrusted code.
- An overview of security technologies built into infrastructural software systems.
- An overview of the role of security throughout the software development process.Where relevant, current research activities in the field are discussed.
*
See general course information
1 ects. Development of Secure Software: Laboratory Session (B-KUL-H04K6a)
Content
- Definition of key security concepts such as threat, countermeasure, risk, and illustration of these concepts in software systems.
- Study of threats and countermeasures for software systems in a number of important technological domains such as web application and low-level software in the programming language C.
- Techniques for authentication and access control, Lampson's system model for access control, classic access control models, and access control for untrusted code.
- An overview of security technologies built into infrastructural software systems.
- An overview of the role of security throughout the software development process.Where relevant, current research activities in the field are discussed.
Format: more information
A 30 hour project zooms in in more detail on one of the topics discussed in the lectures, and gives the students some hands-on experience. The topics zoomed in on vary over the years.
The project takes place in the same semester as the lectures. Timing depends on the topic but the 30 hours of load are spread over at least 3 to 4 weeks.
Evaluation
Evaluation: Development of Secure Software (B-KUL-H24K5a)
Explanation
The written examination consists of theory questions as well as exercises and covers all the contents of the course.
The project has a weight of 25% in the evaluation of this course, and is evaluated both continuously during the semester, as well as on the examination.