Course Overview

This course provides a foundation for building secure software by applying security principles to the software development lifecycle. Topics covered include: security in requirements engineering, secure designs, risk analysis, threat modeling, deploying cryptographic algorithms, defensive coding, penetration testing, fuzzing, static analysis, and security assessment. Students will learn the practical skills for developing and testing for secure software while also learning sound security fundamentals from real-world case studies.

At the completion of this course, students will be able to:


Course Format


Regarding attendance, attendance is not required. But! The best way to succeed in this class is to come to class and take notes in the lectures. While we post the slides, the lectures will have key information that is not necessarily found in the slides. Also, some work is collaborative and your teammates need a time to see you in class to coordinate. We do adjust individual grades in a team project for non-participation, and not showing up to class consistently can contribute to evidence of that.

When assigning final grades, each instructor reserves the right to alter these division points as he or she deems necessary based on the overall evaluation of individual or class performance and effort.

Grading Letter Breakdown:

The following chart will be used to determine your letter grade at the conclusion of the term.

Grade Percentage Range
A 93 +
A- 90 <= x < 93
B+ 87 <= x < 90
B 83 <= x < 87
B- 80 <= x < 83
C+ 77 <= x < 80
C 73 <= x < 77
C- 70 <= x < 73
D 60 <= x < 70
F under 60

Rounding is at the discretion of the instructor.

Note: The individual project grades may be adjusted in either direction from the team grade based on the assessment of your contribution by the instructor and your colleagues on the team.

Late Work

Policy for late work will be handled by the instructor on a case-by-case basis. Do not assume that any accomodations will be made for late work.