COMP6236 Software Engineering and Cyber Security
Module Overview
This module focuses on both theoretical and practical perspectives in the development of software systems, exploring secure software design and development methods, and software analysis and reverse engineering. It therefore explores aspects of software engineering that are directly applicable to cyber security. The aims of the module at a high level are to: - Explore common threats to the secure operation of software systems - Give students knowledge of secure software development best practices - Understand the importance of formal methods and software testing - Give students exposure to software system analysis and reverse engineering
Aims and Objectives
Module Aims
To explore aspects of software engineering that are directly applicable to cyber security
Learning Outcomes
Knowledge and Understanding
Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:
- Common issues affecting the security of software systems
- Best practices for secure software development
- Applying formal methods and software testing
- Software analysis and reverse engineering
- Issues of privacy and trust for software design
- Implications of passive monitoring for communication software systems
Transferable and Generic Skills
Having successfully completed this module you will be able to:
- Apply secure software development principles to a range of application domains
Subject Specific Practical Skills
Having successfully completed this module you will be able to:
- Build more secure software systems and applications
- Undertake basic reverse engineering of software
Subject Specific Intellectual and Research Skills
Having successfully completed this module you will be able to:
- Describe specific methods for exploiting software systems
Syllabus
The syllabus includes the following topics: - Understanding software threats and hazards - Privacy and trust issues in software system design - Implications of pervasive passive monitoring for communicating systems - Security by design - Trusted systems and the Trusted Computing initiative - Security models, and principles of secure computing - Managing secure software design and development - Software development lifecycle - Formal methods approaches - Software testing - Static/dynamic analysis of software systems - Reverse engineering
Learning and Teaching
Teaching and learning methods
The module will be delivered through up to 36 lectures, which will include at least two regular lectures each week, in addition to tutorial and practical sessions. The tutorial and practical sessions are designed to support students and prepare them to take the assignment.
| Type | Hours |
|---|---|
| Teaching | 36 |
| Independent Study | 114 |
| Total study time | 150 |
Resources & Reading list
Gary McGraw (2006). Software Security: Building Security In.
Robert C. Seacord (2014). CERT® C Coding Standard:98 Rules for Developing Safe, Reliable, and Secure Systems.
Robert C. Seacord (2013). Secure Coding in C and C++.
Fred Long and Dhruv Mohindra (2013). Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs.
Assessment
Summative
| Method | Percentage contribution |
|---|---|
| Coursework | 30% |
| Exam (2 hours) | 70% |
Referral
| Method | Percentage contribution |
|---|---|
| Exam (2 hours) | 100% |
Repeat Information
Repeat type: Internal & External