The University of Sheffield
Department of Computer Science

COM6015 Development of Secure Software

Summary

This module covers the security analysis and the secure development of software-based systems at both the architectural and the system level. The main goal of this module is to teach the foundations of secure software design, secure programming, and security testing.

The module requires a solid understanding of software development in general and, in particular, of at least one programming language (e.g., Java, JavaScript, Ruby, C#, F#, or C) and basic software development tools such as an IDE (e.g., Eclipse, VS Code), a revision system (e.g., git), or build systems (e.g., Maven, Gradle, npm, FAKE). Moreover, an understanding of database and Web applications is required. The labs require a basic command of Linux in general and the command line (shell) in particular.

Session Spring 2023/24
Credits 15
Assessment
  • Assessment will be Exam and Coursework
Lecturer(s) Dr Andrei Popescu
Resources
Aims

This unit aims to:

  • Provide students with the fundamental understanding of how secure software-based systems are developed and to provide first-hand experience in the security analysis and the secure development of software-based systems;
  • Provide the student with the fundamental understanding of the threat landscape of software-based systems;
  • Provide the student with experience in detecting and assessing vulnerabilities and threats in the context of software-based systems;
  • Provide the student with fundamental understanding of how secure software is developed;
  • Provide experience in analysis and development approaches for secure system software.
Learning Outcomes 

By the end of the unit, a candidate will be able to:

  • Understand and explain a Secure Software Development Lifecycle;
  • Understand threat modelling and apply it to assess the security risk of software architectures;
  • Understand the principles of secure software architectures and be able to compare the weaknesses and strengths of different architectures with respect to security and privacy;
  • Understand software vulnerabilities, and be able to explain their causes and to assess their impact for a specific system;
  • Understand how to develop secure software using defensive programming techniques and apply them to their own development projects;
  • Understand the principles of static and dynamic security testing and verification techniques and be able to assess which method to use for a given system, e.g., based on the threat assessment and development technologies.
Content

Lectures will cover:

  • (Web) Application Security
  • Software Security
  • Threat Modelling
  • Secure Programming
  • Security Testing
  • Static code analysis

The lecture includes lab sessions that require an understanding of Linux systems and programming skills.

Pre-Requisite COM6014 Fundamental Security Properties and Mechanisms
Restrictions Not permitted for students who have already taken COM6501.
Teaching Method
  • The on-site parts of the module will be delivered as a combination of traditional lectures, flipped classroom sessions, and practical work. The lectures will be supported by exercise sheets and reference material to be studied by the students independently;
  • The on-line part of the module will replace the traditional lectures with short video lessons and the flipped classroom style sessions with discussions in an online forum. Practical parts (labs) will be provided in such a form that students can either execute them on their own computers or access them easily over the internet;
  • The flipped classroom sessions will engage the students in discussing software security aspects based on the exercise sheets, taught materials, and reference material. This deepens the understanding of material discussed in the lecture and contributes to the business and management aspects.
Feedback Students will receive feedback in the tutorial sessions in which solutions for the problem sheets are discussed as well as in the lab sessions.