Course - Software Security - TDT4237
Software Security
About
About the course
Course content
The course will go through all the phases in the secure software development lifecycle (requirements, design, implementation and testing) focusing on how to incorporate security in each phase and what techniques to use. The main focus is on web-based applications.
Learning outcome
The course focuses on software security and how to develop more secure software systems.
Learning methods and activities
Lectures, exercise lectures and mandatory exercises.
The exercises are obligatory. To pass the class, the students have to pass both the exercises and the final exam. The exercise grade in one semester will be valid for later exams.
Compulsory assignments
- Exercises
Further on evaluation
The portfolio includes a final written exam (70%) and exercises (30%). The results for the parts are given in %-scores, while the entire portfolio is assigned a letter grade. The text for the written final exam will be in English. The candidates may choose to write their answers in either English or Norwegian.
If there is a re-sit examination, the examination form may change from written to oral.
In the case that the student receives an F/Fail as a final grade after both ordinary and re-sit exam, then the student must retake the course in its entirety. Submitted work that counts towards the final grade will also have to be retaken.
Recommended previous knowledge
The students should be familiar with programming, software development, and software engineering, web development (e.g. through TDT4100 Object-Oriented Programming, TDT4140 Software Engineering and IT2810 Web Development). For the exercises we will use the Java and/or PHP as programming language.
Knowledge about information security (equal to the topic TTM4135 Information Security) is an advantage but not required.
Course materials
To be announced at the beginning of the semester.
Subject areas
- Computer and Information Science
- Communication and Information Science