course-details-portlet

TDT4237 - Software Security and Data Privacy

About

Examination arrangement

Examination arrangement: School exam
Grade: Letter grades

Evaluation Weighting Duration Grade deviation Examination aids
School exam 100/100 4 hours E

Course content

The course will go through all the phases in the secure software development lifecycle (requirements, design, implementation, and testing) focusing on how to incorporate security in each phase and what techniques to use. The main focus is on web-based applications and mobile apps. The course will also cover basic knowledge related to data privacy, such as GDPR.

Learning outcome

After having taken this course, students should be able to: 1) Identify and fix typical security vulnerabilities of web applications. 2) Explain typical cryptography concepts and algorithms that are related to web application; 3) Apply the threat modeling methods to analyze web application; 4) Describe and compare software engineering practices and standards related to software security; 5) Apply risk-based testing for development; 6) Explain key authentication and access control concepts and methods; 7) Explain and apply principles of GDPR and data privacy.

Learning methods and activities

Lectures and mandatory exercises.

Compulsory assignments

  • Exercises

Further on evaluation

The final written exam counts 100% of the grade. The text for the written final exam will be in English. The candidates may choose to write their answers in either English or Norwegian. If there is a re-sit examination, the examination form may change from written to oral.

Specific conditions

Compulsory activities from previous semester may be approved by the department.

Required previous knowledge

Knowledge in Web applications and Python and JavaScript

Course materials

To be announced at the beginning of the semester.

Credit reductions

Course code Reduction From To
IIKG3000 2.5 AUTUMN 2021
Facts

Version: 1
Credits:  7.5 SP
Study level: Second degree level

Coursework

Term no.: 1
Teaching semester:  SPRING 2023

Language of instruction: English

Location: Trondheim

Subject area(s)
  • Computer and Information Science
  • Communication and Information Science
Contact information
Course coordinator: Lecturer(s):

Department with academic responsibility
Department of Computer Science

Examination

Examination arrangement: School exam

Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
Spring ORD School exam 100/100 E INSPERA
Room Building Number of candidates
Summer UTS School exam 100/100 E INSPERA
Room Building Number of candidates
  • * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
Examination

For more information regarding registration for examination and examination procedures, see "Innsida - Exams"

More on examinations at NTNU