Description

3 credit/unit hours – Three hours of lecture weekly; one term

This course covers security vulnerabilities of programming in weakly typed languages like C and in more modern languages like Java. Common weaknesses exploited by attackers are discussed, as well as mitigation strategies to prevent those weaknesses. Students practice programming and analysis of software systems through testing and static analysis.

Updated: March 23, 2024

Learning Objectives

Upon completion of this course the student will be able to:

  • Differentiate between types of security vulnerabilities;
  • Describe various exploits and risks in software;
  • Use security assurance techniques in code to mitigate vulnerabilities;
  • Test and analyze software to provide security assurance; and
  • Demonstrate appropriate and ethical behavior and good work habits.

Main Topics

1.0 Overview of security vulnerabilities and risks in software
2.0 Data Protection
3.0 Input validation and user authentication
4.0 Memory Management
5.0 Integer overflow and misuse of strings and pointers
6.0 Communication Vulnerabilities
7.0 Unit Testing for Security Vulnerabilities
8.0 Code Review
9.0 Vulnerabilities in Modern Languages
10.0 Standard Risk Mitigation Strategies and Resources