Teaching Responsibility

LJMU Schools involved in Delivery:

LJMU Partner Taught

Learning Methods

Lecture
Practical

Module Offerings

5518CSQR-JAN-PAR

Aims

To familiarise students with common software security problems and vulnerabilities, and the methods, tools and techniques that can be used during software development to prevent them, including formal techniques. To provide students with an understanding of techniques that should be applied throughout the software development lifecycle in order to improve software security.

Learning Outcomes

1.
Analyse software security vulnerabilities and apply best-practice practical techniques to prevent them.
2.
Apply wide-ranging technical and conceptual security skills to the software development lifecycle.
3.
Use mitigation techniques to fix vulnerabilities that exist in complex software.
4.
Apply group-based development and testing principles to address a broad range of security issues.

Module Content

Outline Syllabus:Characteristics of large-scale software systems projects, team membership and activities. Common software vulnerabilities. Programming languages and security characteristics, decompilation and obfuscation. Integrating security into the software development lifecycle. Threat modelling. Formal techniques for vulnerability analysis. Testing, including practical experience of unit testing and fuzz testing. Networking vulnerabilities. Random number generation and cryptography. Secure deployment. General rules and guidelines; secure coding policies. Recent examples from computing are used throughout and practical exercises used to illustrate the applications of these concepts.
Additional Information:Students will undertake a group software engineering task involving the application of secure software development lifecycles to a software development task. As part of this task, students will be expected to undertake a variety of roles as seen in a secure software development teams (i.e., developer, software tester, vulnerability researcher, report & documentation author, etc). Students will be expected to complete a report that demonstrates an understanding of how software should be designed, implemented, and tested to reduce the risk of security vulnerabilities. Students will also be expected to discover and mitigate vulnerabilities in software provided to them as part of this activity.

Assessments

Presentation
Artefacts