Skip to main navigationSkip to main content
The University of Southampton

COMP6242 Secure Software Development

Module Overview

This module focuses on perspectives in the development of software systems by exploring secure software design and development methods. It therefore explores aspects of software engineering that are directly applicable to cyber security.
The aims of the module at a high level are to:
 - Give students knowledge of secure software development best practices 
- Understand the importance of formal methods and software testing - Gain practical coding skills in secure software development for web-based applications

Aims and Objectives

Module Aims

To explore aspects of software engineering that are directly applicable to cyber security and to teach the basic principles of secure programming particularly in the setting of web applications.

Learning Outcomes

Knowledge and Understanding

Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:

  • Best practices for secure software development
  • Applying formal methods and software testing
  • Issues of privacy and trust for software design
  • Assessment of risk as part of software design
  • A range of prevention techniques for web-based attacks
Subject Specific Intellectual and Research Skills

Having successfully completed this module you will be able to:

  • Describe life cycle for developing secure software systems
  • Design secure software architechtures
  • Identify the code points where security measures are required
  • Select the most appropriate prevention techniques for given scenarios
Transferable and Generic Skills

Having successfully completed this module you will be able to:

  • Apply secure software development principles to a range of application domains
Subject Specific Practical Skills

Having successfully completed this module you will be able to:

  • Implement security measures in server-side and client-side code
  • Evaluate the outcome of these measures
  • Elicit security requirements and uncover security flaws in designs


Software Engineering methodology for secure systems
 - Privacy and trust issues in software system design 
- Security by design
 - Security models, and principles of secure computing
 - Managing secure software design and development 
- Software development lifecycle 
- Formal methods approaches
 - Risk Based Software testing General techniques for secure programming are covered using an example web development framework using e.g PHP, JavaScript or ASP.Net - client-side and server-side protection - protecting against injection attacks - implementing authentication and access control - techniques for ensuring data privacy - cross-site scripting - guarding against third-party component vulnerabilities - building a secure API

Learning and Teaching

Teaching and learning methods

The module will be delivered through up to 36 sessions, which will include an balanaced mix of lectures and tutorial and practical sessions. 

The tutorial and practical sessions are designed to support students and prepare them to take the assignment.

Follow-up work18
Preparation for scheduled sessions18
Completion of assessment task46
Wider reading or practice22
Total study time150



MethodPercentage contribution
Coursework 15%
Coursework 35%
Examination  (1.5 hours) 50%


MethodPercentage contribution
Examination 100%


MethodPercentage contribution
Examination  (1.5 hours) 100%

Repeat Information

Repeat type: Internal & External

Share this module Share this on Facebook Share this on Twitter Share this on Weibo

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.