CSC 415 - Software Security

Catalog Description:
Introduces students to the discipline of designing, developing, and testing secure and dependable software-based systems. Students will learn about risks and vulnerabilities, and effective software security techniques. Topics include common vulnerabilities, access control, information leakage, logging, usability, risk analysis, testing, design principles, security policies, and privacy. Project required.
Contact Hours: Prerequisites: None
Co-requisites: CSC 326
Restrictions: None
Coordinator: Dr. Jason King
Textbook: None

Course Outcomes:
Upon successful completion of this course, a student will be able to...

  1. Describe common vulnerabilities and software weaknesses that affect security and privacy in software.
  2. Assess the security risk of a system under development using a risk management framework.
  3. Describe secure coding practices and techniques that can be incorporated into the security development lifecycle.
  4. Document security requirements through functional requirements specifications and misuse/abuse cases.
  5. Apply design principles (such as defense in depth, least privilege, and separation of privilege) when developing secure software.
  6. Construct attack and defense trees to help analyze and address risks that exist in software.
  7. Perform threat modeling when designing software to identify threats, document mitigation strategies, and validate that threats have been addressed.
  8. Perform security testing, including fuzz testing and penetration testing.


Topics:

See Course Listings

See Course Coordinators