Engineering Secure Software
Tentative Syllabus
SE549-02, Spring 20123
aka SE331
Course Overview
This course provides a foundation for building secure software
by applying security principles to the software development lifecycle.
Topics covered include: security in requirements engineering, secure
designs, risk analysis, threat modeling, deploying cryptographic
algorithms, defensive coding, penetration testing, fuzzing, static
analysis, and security assessment. Students will learn the practical
skills for developing and testing for secure software while also
learning sound security fundamentals from real-world case studies.
Prerequisite: SE362
At the completion of this course, students will be able to:
- Apply contemporary formal mathematical modeling techniques to
model and analyze the security of a software system
- Identify project security risks and select risk
management strategies.
- Use statistical methods to collect and analyze metrics for
assessing and improving the security of a product, process, and
project objectives.
- Describe and discuss security concerns in designs at multiple
levels of abstraction
- Comply with data privacy and security requirements when
designing a software system.
- Design a software solution for secure access and protection
of data.
- Use quality assurance activities and strategies that support
early vulnerability detection and contribute to improving the
development process.
Textbooks
- Software Security: Building Security In by Gary
McGraw. Addison-Wesley, ISBN 978-321-35670-3
- Software Security Engineering: A Guide for Project
Managers by Julia H. Allen, Sean Barnum, Robert J. Ellison, Gary
McGraw, and Nancy Mead. Addison-Wesley, ISBN 978-0-32-150917-8
Course Info
Meeting Mondays & Wednesdays, 10am-12pm, GOL-1650.
Instructor: Prof. Meneely.
My office hours are 10am-12pm every Tuesday and Thursday. You are
also always welcome to stop by my office (GOL-1547), or set up an
appointment.
Course Format
- Lectures. You know what these are.
- Vulnerability of the Day. Each day, we will cover a
common programming mistake that results in the system being
vulnerable. These are live demonstrations with links to descriptions
in other outside resources.
- Class Activities. Each day, we will cover a different
practice or tool. Most of these require teams (i.e., people at your
table); some are more individual. Some activities have a graded
deliverable, but all will require in-class attendance.
- Case Study Project. See Case Study.
- Web Application Fuzzer project. We will be building a
web application fuzz testing tool for automating the discovery of
common vulnerabilities in web applications.
- Readings. These are designed to supplement the
lectures and in-class activities. Exams will be based on both
readings and lectures, and the instructor reserves the right to ask
exam questions that were only covered in the assigned readings.
Grading
- 25%: Case Study Project
- 15%: Programming project
- 15%: Class Activities
- 20%: Midterm Exam
- 25%: Final exam (cumulative)
- Attendance (no component, but it only hurts you - see below)
Attendance
Attendance is required for this class, as much of the learning
takes place during in-class activities and demonstrations that cannot
be replicated outside of class.
- For the first week there will be no formal attendance checks
because this is the add/drop period.
- There are 18 class meetings starting in the second week. You
may miss up to two of these without an excuse and suffer no penalty.
The third and later unexcused absences each drop 10% from the maximum
grade you can receive. For example, if you have 5 unexcused absences,
then the 3 beyond the grace amount mean your maximum grade in the
course will be 100% - 3 x 10% = 70%. Thus, 7 unexcused absences
result in failing the course.
- Note that valid absences approved and excused in advance by
your instructor do not count against you. The instructor has final
say as to whether or not an absence is valid.
- The instructor reserves the right to refuse admission to any
student arriving more than 5 minutes into the class period. If you
believe you have a valid reason for consistently arriving late, talk
to your instructor. The instructor's decision in such cases is final.
Late Work
10% off the maximum grade for each day missed.