Software Security, 6 credits

Software Security, 6 hp

TDDC90

Main field of study

Information Technology Computer Science and Engineering Computer Science

Course level

Second cycle

Course type

Programme course

Examiner

Nahid Shahmehri

Director of studies or equivalent

Patrick Lambrix

Education components

Preliminary scheduled hours: 40 h
Recommended self-study hours: 120 h

Available for exchange students

Yes
ECV = Elective / Compulsory / Voluntary
Course offered for Semester Period Timetable module Language Campus ECV
6CDDD Computer Science and Engineering, M Sc in Engineering 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CDDD Computer Science and Engineering, M Sc in Engineering (Computer Systems Architecture) 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CDDD Computer Science and Engineering, M Sc in Engineering (International Software Engineering) 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CDDD Computer Science and Engineering, M Sc in Engineering (Programming and Algorithms) 7 (Autumn 2019) 2 1 English Linköping, Valla E
6CDDD Computer Science and Engineering, M Sc in Engineering (Secure Systems) 7 (Autumn 2019) 2 1 English Linköping, Valla C
6CDDD Computer Science and Engineering, M Sc in Engineering (Secure Systems) 9 (Autumn 2019) 2 1 English Linköping, Valla C
6CMJU Computer Science and Software Engineering, M Sc in Engineering 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CMJU Computer Science and Software Engineering, M Sc in Engineering (International Software Engineering) 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CMJU Computer Science and Software Engineering, M Sc in Engineering (Programming and Algorithms Specialization) 7 (Autumn 2019) 2 1 English Linköping, Valla E
6CMJU Computer Science and Software Engineering, M Sc in Engineering (Secure Systems) 7 (Autumn 2019) 2 1 English Linköping, Valla C
6CMJU Computer Science and Software Engineering, M Sc in Engineering (Secure Systems) 9 (Autumn 2019) 2 1 English Linköping, Valla C
6MDAV Computer Science, Master's Programme 3 (Autumn 2019) 2 1 English Linköping, Valla E
6MICS Computer Science, Master's Programme 3 (Autumn 2019) 2 1 English Linköping, Valla E
6MICS Computer Science, Master's Programme (Computer Networks, Distributed Systems and Security) 3 (Autumn 2019) 2 1 English Linköping, Valla E
6MICS Computer Science, Master's Programme (Programming and Software Methods) 3 (Autumn 2019) 2 1 English Linköping, Valla E
6CIEI Industrial Engineering and Management - International, M Sc in Engineering - Chinese 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CIEI Industrial Engineering and Management - International, M Sc in Engineering - French 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CIEI Industrial Engineering and Management - International, M Sc in Engineering - German 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CIEI Industrial Engineering and Management - International, M Sc in Engineering - Japanese 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CIEI Industrial Engineering and Management - International, M Sc in Engineering - Spanish 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CIII Industrial Engineering and Management, M Sc in Engineering 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CITE Information Technology, M Sc in Engineering 7 (Autumn 2019) 2 1 English Linköping, Valla E
6CITE Information Technology, M Sc in Engineering (Computer Systems Architecture) 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CITE Information Technology, M Sc in Engineering (International Software Engineering) 9 (Autumn 2019) 2 1 English Linköping, Valla E
6CITE Information Technology, M Sc in Engineering (Programming and Algorithms Specialization) 7 (Autumn 2019) 2 1 English Linköping, Valla E
6CITE Information Technology, M Sc in Engineering (Secure Systems) 7 (Autumn 2019) 2 1 English Linköping, Valla C
6CITE Information Technology, M Sc in Engineering (Secure Systems) 9 (Autumn 2019) 2 1 English Linköping, Valla C

Main field of study

Information Technology, Computer Science and Engineering, Computer Science

Course level

Second cycle

Advancement level

A1X

Course offered for

  • Master's Programme in Computer Science
  • Computer Science and Engineering, M Sc in Engineering
  • Information Technology, M Sc in Engineering
  • Computer Science and Software Engineering, M Sc in Engineering
  • Industrial Engineering and Management - International, M Sc in Engineering
  • Industrial Engineering and Management, M Sc in Engineering

Entry requirements

Note: Admission requirements for non-programme students usually also include admission requirements for the programme and threshold requirements for progression within the programme, or corresponding.

Prerequisites

Basic course in security. Students are expected to have knowledge of operating systems, programming languages, and software engineering. Students should be able to develop, test and debug software in Unix or Linux environments. Some experience with C-programming as well as basic knowledge of web application development are recommended.

Intended learning outcomes

Students taking this course will learn about the issues underlying software security, and develop the skills needed to build secure software. The course covers methods, tools, and best practices for building secure software. Students completing this course should be able to:

  • identify and analyze security problems in software;
  • formulate security requirements for software;
  • devise, evaluate, and explain solutions to software security;
  • critically evaluate the effectiveness of methods, state-of-art tools, and best practices, for detecting and preventing vulnerabilities; and
  • design and write secure software.

Course content

The course covers:

  • vulnerability discovery and analysis, and supporting tools;
  • analysis of infamous vulnerabilities and their exploits;
  • attack and vulnerability modeling;
  • security requirements analysis and design for security;
  • principles for secure programming;
  • static and dynamic intrusion prevention mechanisms;
  • security testing and evaluation; and
  • systematic approaches to building secure software.
Vulnerabilities, attacks, and principles for secure programming are studied with an emphasis on programs written in C/C++ and web applications.

Teaching and working methods

The course consists of lectures and laboratory work.

Examination

UPG1Laboratory work and assignments3 creditsU, G
TEN1Written examination3 creditsU, 3, 4, 5

Grades

Four-grade scale, LiU, U, 3, 4, 5

Department

Institutionen för datavetenskap

Director of Studies or equivalent

Patrick Lambrix

Examiner

Nahid Shahmehri

Course website and other links

http://www.ida.liu.se/~TDDC90/index.en.shtml

Education components

Preliminary scheduled hours: 40 h
Recommended self-study hours: 120 h

Course literature

Other

  • Articles (see the course home page).

Code Name Scope Grading scale
UPG1 Laboratory work and assignments 3 credits U, G
TEN1 Written examination 3 credits U, 3, 4, 5

Regulations (apply to LiU in its entirety)

The university is a government agency whose operations are regulated by legislation and ordinances, which include the Higher Education Act and the Higher Education Ordinance. In addition to legislation and ordinances, operations are subject to several policy documents. The Linköping University rule book collects currently valid decisions of a regulatory nature taken by the university board, the vice-chancellor and faculty/department boards.

LiU’s rule book for education at first-cycle and second-cycle levels is available at http://styrdokument.liu.se/Regelsamling/Innehall/Utbildning_pa_grund-_och_avancerad_niva. 

Other

Articles (see the course home page).

Note: The course matrix might contain more information in Swedish.

I = Introduce, U = Teach, A = Utilize
I U A Modules Comment
1. DISCIPLINARY KNOWLEDGE AND REASONING
1.1 Knowledge of underlying mathematics and science (G1X level)

                            
1.2 Fundamental engineering knowledge (G1X level)
X

                            
1.3 Further knowledge, methods, and tools in one or several subjects in engineering or natural science (G2X level)
X
X
X

                            
1.4 Advanced knowledge, methods, and tools in one or several subjects in engineering or natural sciences (A1X level)

                            
1.5 Insight into current research and development work

                            
2. PERSONAL AND PROFESSIONAL SKILLS AND ATTRIBUTES
2.1 Analytical reasoning and problem solving
X
X

                            
2.2 Experimentation, investigation, and knowledge discovery
X

                            
2.3 System thinking

                            
2.4 Attitudes, thought, and learning
X

                            
2.5 Ethics, equity, and other responsibilities

                            
3. INTERPERSONAL SKILLS: TEAMWORK AND COMMUNICATION
3.1 Teamwork
X
UPG1

                            
3.2 Communications
X
UPG1

                            
3.3 Communication in foreign languages
X
UPG1
English
4. CONCEIVING, DESIGNING, IMPLEMENTING AND OPERATING SYSTEMS IN THE ENTERPRISE, SOCIETAL AND ENVIRONMENTAL CONTEXT
4.1 External, societal, and environmental context

                            
4.2 Enterprise and business context

                            
4.3 Conceiving, system engineering and management
X

                            
4.4 Designing
X
X

                            
4.5 Implementing
X
X

                            
4.6 Operating

                            
5. PLANNING, EXECUTION AND PRESENTATION OF RESEARCH DEVELOPMENT PROJECTS WITH RESPECT TO SCIENTIFIC AND SOCIETAL NEEDS AND REQUIREMENTS
5.1 Societal conditions, including economic, social, and ecological aspects of sustainable development for knowledge development

                            
5.2 Economic conditions for knowledge development

                            
5.3 Identification of needs, structuring and planning of research or development projects

                            
5.4 Execution of research or development projects

                            
5.5 Presentation and evaluation of research or development projects

                            

This tab contains public material from the course room in Lisam. The information published here is not legally binding, such material can be found under the other tabs on this page.

There are no files available for this course.