Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Programming

CSCE 548 Building Secure Software

advertisement 
University of South Carolina
Department of Computer Science and Engineering
CSCE 548 Building Secure Software
Spring 2012
Monday, Wednesday 5:30 – 6:45 pm
Swearingen 1A20
Instructor:
Office:
Office Hours:
Csilla Farkas
Swearingen 3A43
Mondays, Wednesdays 3:30 – 5:00 pm or electronically any time or by
appointment
Telephone:
576-5762
E-mail:
farkas@cec.sc.edu
Class homepage: http://www.cse.sc.edu/~farkas/csce548-2012/csce548.htm
Prerequisites: senior standing
Course Description: The objectives of this course are to expose students to techniques and
practices related to secure software development and integration. The focus is practical with
discussions on why and how mechanisms ensure security, what level of security is provided, and
how hostile adversaries might violate the mechanisms. Programming flaws, methods to avoid and
correct flaws, and economic cost of software bugs are also addressed.
Text Books
1. Software Security: Building Security In by Gary McGraw, Publisher: Addison-Wesley
Professional, February 2, 2006, ISBN-10: 0321356705 ISBN-13: 978-0321356703
2. 24 Deadly Sins of Software Security by Michael Howard, David LeBlanc, John Viega,
Publisher: McGraw-Hill Osborne Media
3.
Assignments
 Research project: There will be one research project related to software security. Final
project reports must be submitted at the end of the semester. Further project
requirements will be distributed at a later time.
 Homework: There will be 4-5 homework assignments during the semester. There will be
a late submission penalty of 4%/day after the due date. (You can always turn it in early.)
 Class Presentation: Each group will cover a particular code-level security vulnerability
(topics to be distributed later)
 Exams: two closed book exams will cover the course material.
Grading
Students enrolled for graduate credit will be given additional assignments.
Test 1: 15%, Test 2: 30%, Homework: 15%, Presentation: 10%, Research project: 30%
Total score that can be achieved: 100
Final grade: 90 < A ; 87<B+<= 90 ; 80<B<=87 ; 76<C+<=80 ; 66<C<=76 ; 61<D+<=66
; 50 <D<= 61
COURSE POLICIES
All students are responsible for reading and following the official Academic Responsibility of the
University of South Carolina, as well as the policies of the university and department
regarding usage of the computing resources
TENTATIVE SCHEDULE:
Week
Week
Week
Week
1
2
3
4
Software Engineering and Security
Risk Management
Use Cases and Misuse Cases
Software Reliability
Week 5
Seven Touchpoints for Software Security
Week 6
Code Review; Architectural Risk Analysis
TEST 1
Week 7
Penetration Testing, Risk-Based Security Testing
Week 8
Abuse Cases; Security Requirements
Week 9
Security Analysis; Taxonomy of Coding Errors
Week 10
Programming Flaws; Malicious Code
Week 11 Week 13
Programming Flaws; Language-Based Vulnerabilities
Week 14 Week 15
Student Presentations
FINAL EXAM: APRIL 25 – 5:30 – 7:30 P.M.
Related documents
Academic Lab - Expectations for Teachers
Academic Lab - Expectations for Teachers
Love, essay
Love, essay
Textbook Readability Checklist
Textbook Readability Checklist
Collaboration Assignments French I
Collaboration Assignments French I
University of North Carolina Wilmington Department of Music Honors Recital Adjudication Form
University of North Carolina Wilmington Department of Music Honors Recital Adjudication Form
Oedipus the King
Oedipus the King
Orientation: Computer lab protocol as per the LCJVS guidelines
Orientation: Computer lab protocol as per the LCJVS guidelines
Individual Pronunciation Assignments
Individual Pronunciation Assignments
classroom rules & regulations - Bellwood Antis School District
classroom rules & regulations - Bellwood Antis School District
Book Review Careers In Action
Book Review Careers In Action
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz
backtoschoolPresentation2
backtoschoolPresentation2
7th Grade Health Syllabus
7th Grade Health Syllabus
1651142690553
1651142690553
EXHIBIT W
EXHIBIT W
Introduction to the Practice of Statistics
Introduction to the Practice of Statistics
STAT 496, Spring 2015
STAT 496, Spring 2015
STAT 496, Spring 2013
STAT 496, Spring 2013
Lecture 7
Lecture 7
chapter2
chapter2
Summary of TCP/IP layers security
Summary of TCP/IP layers security
review
review
Download
advertisement