• Coursework (team project and individual test report) and formal examination

• Blackboard
• Unconfirmed practical marks when available
• Exam Papers, past 2 years (where applicable)

This unit aims to:

• Develop customer-oriented interaction, and software analysis and design skills to create robust software systems for target customers;
• Promote an awareness of common cyber threats and the security policies and design strategies that reduce risk;
• Develop group-working skills and technical software development skills in building a software system with a layered architecture.

By the end of the module the student will be able to:

• Justify the application of suitable customer interaction, risk management and development strategies for different kinds of software system.
• Create structured designs capturing the data, process and time views of a software system that accurately model the semantics of the requirements.
• Apply design patterns to maximise cohesion and minimise coupling within an object-oriented software system.
• Mitigate privilege escalation and injection attacks through suitable methods for authorisation, authentication, data integrity, and confidentiality.
• Understand relational algebra and apply the Boyce-Codd-Fagin normal forms, and the entity-relationship approach for normalising databases.
• Work cooperatively in a team to analyse realistic business requirements of a target customer and deliver a software system.
• Design, build and test a secure information system with a three-layer architecture, integrating a user interface, business logic and a SQL database.

• Software Engineering – problems, solutions, lifecycles; how to pick an approach
• Information Security – vulnerabilities, threats, countermeasures, policies, legal obligations
• Project Management – people, product, process; developer-client psychology, conceptual bias
• Requirements Modelling – UML Use Case Diagram; requirements gathering techniques
• Requirements Case Study – interactive role-playing adventure-game exercise for customer/developer pairs
• Information Modelling – building a data dictionary, UML Class Diagram; atomicity/dependency, semantic relation
• Database Design – entity relationship modelling, data normalisation to 3NF/4NF, traditional vs ERM approach
• Query Processing – from Relational Algebra to SQL; query optimisation
• Java and Databases – Java Database Connectivity API, MySQL server, SQL injection, data validation
• Security and Robustness – authentication, authorisation, confidentiality, integrity, non-repudiation; distribution, penetration, concurrency
• Encryption – digital fingerprints and certificates, symmetric key, public/private key, Java security API
• Control/Data Flow Modelling – UML Activity Diagram; sequence, selection, iteration, composition; swim lanes, object flow
• State-Based Modelling – UML State Machine Diagram; reactive systems, behaviour vs protocol models
• Design Patterns – Command, State, Mediator, Template Method, Chain of Responsibility, Composite, Abstract Factory, Bridge
• User Interface Design – State machines applied to screen modes and transitions, Java Swing composite design patterns
• Architectural Design – UML deployment and package diagrams; layered, pipelined and transform-centre architectures
• Formal Systems Design – UML Object Constraint Language, adding first-order logic to UML diagrams
• Verification and Testing – formal and informal methods to ensure correctness, test coverage
• Agile Methods – DSDM, Scrum, eXtreme Programming; putting agile principles to work
  

• Lecture classes convey basic concepts (Objectives 1-4).
• Interactive sessions develop interviewing, analysis and design skills (Objectives 1-4).
• Team project develops group working and systems development skills (Objectives 5-6)