Design and Development of Secure Software
1
2017-2018
02033275
Informatics Security
Portuguese
English
Face-to-face
SEMESTRIAL
6.0
Compulsory
2nd Cycle Studies - Mestrado
Recommended Prerequisites
BSc in Informatics Engineering or equivalent
Teaching Methods
Lecture classes (T): presentation and discussion around the topics of the course.
Lab classes (PL): application of theoretical concepts in projects.
The MSI theoretical classes will preferably take place on Friday afternoon and Saturday morning. Theoretical classes will also be broadcast by teleconference and recorded, so that students can follow the classes remotely.
The practical classes will preferably be scheduled on Friday morning. The practical assignments may also be developed by the students remotely and asynchronously, with remote support from the teachers.
Work Placement(s)
No
Syllabus
- Security Concepts: Vulnerabilities, Threats, and Attacks
- Software Security Foundations
- Requirements Engineering for Secure Software
- Secure Software Architecture and Design
- Secure Programming
- Vulnerability Detection and Security Testing
- Software Security from an Organization Perspective
- Security evaluation fundamentals: Metrics, Measurements, Benchmarking, and Risk Analysis
Head Lecturer(s)
Marco Paulo Amorim Vieira
Assessment Methods
Assessment
Project: 50.0%
Exam: 50.0%
Bibliography
- C. J. Berg, C. Berg, and P. G. Neumann, High-Assurance Design: Architecting Secure and Reliable Enterprise Applications, Addison-Wesley Professional, 2005.
- M. Schumacher et al., Security Patterns: Integrating Security and Systems Engineering, Wiley, 2006.
- G. McGraw, Software Security: Building Security In. Addison-Wesley Professional, 2006.
- J. H. Allen et al., Software Security Engineering: A Guide for Project Managers, Addison-Wesley Professional, 2008.
- M. Howard and S. Lipner, The security development lifecycle. O’Reilly Media, Incorporated, 2009.
- K. R. van Wyk et al., Enterprise Software Security: A Confluence of Disciplines, Addison-Wesley Professional, 2014.
- J. Viega and G. McGraw, Building secure software: how to avoid security problems the right way. Addison-Wesley, 2001.
- M. Howard and D. E. Leblanc, Writing Secure Code, 2nd ed., Microsoft Press, 2002.
- G. Hoglund and G. McGraw, Exploiting Software: How To Break Code. Pearson Education, 2004.
- M. Howard, D. LeBlanc, and J. Viega, 19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them, McGraw-Hill Osborne Media, 2005.