Software Security, 6 credits

Software Security, 6 hp

TDDC90

Main field of study

Information Technology Computer Science and Engineering Computer Science

Course level

Second cycle

Course type

Programme course

Examiner

Ulf Kargén

Director of studies or equivalent

Patrick Lambrix

Education components

Preliminary scheduled hours: 42 h
Recommended self-study hours: 118 h

Available for exchange students

Yes
Course offered for Semester Period Timetable module Language Campus ECV
6CDDD Computer Science and Engineering, Master of Science in Engineering 9 (Autumn 2022) 2 1 English Linköping E
6CDDD Computer Science and Engineering, Master of Science in Engineering (Computer Systems Architecture) 9 (Autumn 2022) 2 1 English Linköping E
6CDDD Computer Science and Engineering, Master of Science in Engineering (International Software Engineering) 9 (Autumn 2022) 2 1 English Linköping E
6CDDD Computer Science and Engineering, Master of Science in Engineering (Secure Systems) 7 (Autumn 2022) 2 1 English Linköping C
6CDDD Computer Science and Engineering, Master of Science in Engineering (Secure Systems) 9 (Autumn 2022) 2 1 English Linköping C
6CMJU Computer Science and Software Engineering, Master of Science in Engineering 9 (Autumn 2022) 2 1 English Linköping E
6CMJU Computer Science and Software Engineering, Master of Science in Engineering (International Software Engineering) 9 (Autumn 2022) 2 1 English Linköping E
6CMJU Computer Science and Software Engineering, Master of Science in Engineering (Secure Systems) 7 (Autumn 2022) 2 1 English Linköping C
6CMJU Computer Science and Software Engineering, Master of Science in Engineering (Secure Systems) 9 (Autumn 2022) 2 1 English Linköping C
6MICS Computer Science, Master's Programme 3 (Autumn 2022) 2 1 English Linköping E
6MICS Computer Science, Master's Programme (Computer Networks, Distributed Systemas and Security) 3 (Autumn 2022) 2 1 English Linköping E
6MICS Computer Science, Master's Programme (Programming and Software Methods) 3 (Autumn 2022) 2 1 English Linköping E
6CIEI Industrial Engineering and Management - International, Master of Science in Engineering, Chinese 9 (Autumn 2022) 2 1 English Linköping E
6CIEI Industrial Engineering and Management - International, Master of Science in Engineering, French 9 (Autumn 2022) 2 1 English Linköping E
6CIEI Industrial Engineering and Management - International, Master of Science in Engineering, German 9 (Autumn 2022) 2 1 English Linköping E
6CIEI Industrial Engineering and Management - International, Master of Science in Engineering, Japanese 9 (Autumn 2022) 2 1 English Linköping E
6CIEI Industrial Engineering and Management - International, Master of Science in Engineering, Spanish 9 (Autumn 2022) 2 1 English Linköping E
6CIII Industrial Engineering and Management, Master of Science in Engineering 9 (Autumn 2022) 2 1 English Linköping E
6CITE Information Technology, Master of Science in Engineering 7 (Autumn 2022) 2 1 English Linköping E
6CITE Information Technology, Master of Science in Engineering (Computer Systems Architecture) 9 (Autumn 2022) 2 1 English Linköping E
6CITE Information Technology, Master of Science in Engineering (International Software Engineering) 9 (Autumn 2022) 2 1 English Linköping E
6CITE Information Technology, Master of Science in Engineering (Secure Systems) 7 (Autumn 2022) 2 1 English Linköping C
6CITE Information Technology, Master of Science in Engineering (Secure Systems) 9 (Autumn 2022) 2 1 English Linköping C
ECV = Elective / Compulsory / Voluntary

Main field of study

Information Technology, Computer Science and Engineering, Computer Science

Course level

Second cycle

Advancement level

A1X

Course offered for

  • Master of Science in Computer Science and Engineering
  • Master of Science in Industrial Engineering and Management
  • Master of Science in Information Technology
  • Master of Science in Computer Science and Software Engineering
  • Master of Science in Industrial Engineering and Management - International
  • Master's Programme in Computer Science

Prerequisites

Basic course in security. Students are expected to have knowledge of operating systems, programming languages, and software engineering. Students should be able to develop, test and debug software in Unix or Linux environments. Some experience with C-programming as well as basic knowledge of web application development are recommended.

Intended learning outcomes

Students taking this course will learn about the issues underlying software security, and develop the skills needed to build secure software. The course covers methods, tools, and best practices for building secure software. Students completing this course should be able to:

  • identify and analyze security problems in software;
  • formulate security requirements for software;
  • devise, evaluate, and explain solutions to software security;
  • critically evaluate the effectiveness of methods, state-of-art tools, and best practices, for detecting and preventing vulnerabilities; and
  • design and write secure software.

Course content

The course covers:

  • vulnerability discovery and analysis, and supporting tools;
  • analysis of infamous vulnerabilities and their exploits;
  • attack and vulnerability modeling;
  • security requirements analysis and design for security;
  • principles for secure programming;
  • static and dynamic intrusion prevention mechanisms;
  • security testing and evaluation; and
  • systematic approaches to building secure software.
Vulnerabilities, attacks, and principles for secure programming are studied with an emphasis on programs written in C/C++ and web applications.

Teaching and working methods

The course consists of lectures and laboratory work.

Examination

TEN1Written examination3 creditsU, 3, 4, 5
UPG1Laboratory work and assignments3 creditsU, G

Grades

Four-grade scale, LiU, U, 3, 4, 5

Other information

About teaching and examination language

The teaching language is presented in the Overview tab for each course. The examination language relates to the teaching language as follows: 

  • If teaching language is “Swedish”, the course as a whole could be given in Swedish, or partly in English. Examination language is Swedish, but parts of the examination can be in English.
  • If teaching language is “English”, the course as a whole is taught in English. Examination language is English.
  • If teaching language is “Swedish/English”, the course as a whole will be taught in English if students without prior knowledge of the Swedish language participate. Examination language is Swedish or English depending on teaching language.

Other

The course is conducted in a manner where both men's and women's experience and knowledge are made visible and developed. 

The planning and implementation of a course should correspond to the course syllabus. The course evaluation should therefore be conducted with the course syllabus as a starting point.  

If special circumstances prevail, the vice-chancellor may in a special decision specify the preconditions for temporary deviations from this course syllabus, and delegate the right to take such decisions.

Department

Institutionen för datavetenskap

Course literature

Other

  • Articles (see the course home page).

Code Name Scope Grading scale
TEN1 Written examination 3 credits U, 3, 4, 5
UPG1 Laboratory work and assignments 3 credits U, G

Regulations (apply to LiU in its entirety)

The university is a government agency whose operations are regulated by legislation and ordinances, which include the Higher Education Act and the Higher Education Ordinance. In addition to legislation and ordinances, operations are subject to several policy documents. The Linköping University rule book collects currently valid decisions of a regulatory nature taken by the university board, the vice-chancellor and faculty/department boards.

LiU’s rule book for education at first-cycle and second-cycle levels is available at http://styrdokument.liu.se/Regelsamling/Innehall/Utbildning_pa_grund-_och_avancerad_niva

Other

Articles (see the course home page).

Note: The course matrix is not fully translated to English.

I U A Modules Comment
1. ÄMNESKUNSKAPER
1.1 Kunskaper i grundläggande matematiska och naturvetenskapliga ämnen
1.2 Kunskaper i grundläggande (motsvarande G1X) teknikvetenskapliga ämnen
X
Programutveckling och felsökning
Software development and debugging
1.3 Fördjupade kunskaper (motsvarande G2X), metoder och verktyg inom något/några teknik- och naturvetenskapliga ämnen
X
X
X
TEN1
UPG1
1.4 Väsentligt fördjupade kunskaper (motsvarande A1X), metoder och verktyg inom något/några teknik- och naturvetenskapliga ämnen
X
TEN1
UPG1
1.5 Insikt i aktuellt forsknings- och utvecklingsarbete
X
Nya metoder för automatisk säkerhetstestning
Novel methods for automated security testing
2. INDIVIDUELLA OCH YRKESMÄSSIGA FÄRDIGHETER OCH FÖRHÅLLNINGSSÄTT
2.1 Analytiskt tänkande och problemlösning
X
X
TEN1
UPG1
2.2 Experimenterande och undersökande arbetssätt samt kunskapsbildning
X
UPG1
2.3 Systemtänkande
X
X
TEN1
UPG1
2.4 Förhållningssätt, tänkande och lärande
X
2.5 Etik, likabehandling och ansvarstagande
3. FÖRMÅGA ATT ARBETA I GRUPP OCH ATT KOMMUNICERA
3.1 Arbete i grupp
X
UPG1
3.2 Kommunikation
X
UPG1
3.3 Kommunikation på främmande språk
X
UPG1
Engelska
English
4. PLANERING, UTVECKLING, REALISERING OCH DRIFT AV TEKNISKA PRODUKTER OCH SYSTEM MED HÄNSYN TILL AFFÄRSMÄSSIGA OCH SAMHÄLLELIGA BEHOV OCH KRAV
4.1 Samhälleliga villkor, inklusive ekonomiskt, socialt och ekologiskt hållbar utveckling för kunskapsutveckling
X
Påverkan på samhället av cybersäkerhetshot
Societal impact of cybersecurity threats
4.2 Företags- och affärsmässiga villkor
4.3 Att identifiera behov samt strukturera och planera utveckling av produkter och system
X
TEN1
UPG1
4.4 Att konstruera produkter och system
X
X
TEN1
UPG1
4.5 Att realisera produkter och system
X
X
TEN1
UPG1
4.6 Att ta i drift och använda produkter och system
5. PLANERING, GENOMFÖRANDE OCH PRESENTATION AV FORSKNINGS- ELLER UTVECKLINGSPROJEKT MED HÄNSYN TILL VETENSKAPLIGA OCH SAMHÄLLELIGA BEHOV OCH KRAV
5.1 Samhälleliga villkor, inklusive ekonomiskt, socialt och ekologiskt hållbar utveckling
5.2 Ekonomiska villkor för kunskapsutveckling
5.3 Att identifiera behov samt strukturera och planera forsknings- eller utvecklingsprojekt
5.4 Att genomföra forsknings- eller utvecklingsprojekt
5.5 Att redovisa och utvärdera forsknings- eller utvecklingsprojekt

This tab contains public material from the course room in Lisam. The information published here is not legally binding, such material can be found under the other tabs on this page.

There are no files available for this course.