Engineering Secure Software

Slides:



Advertisements
Similar presentations
CMPT 275 Software Engineering
Advertisements

Slide 01-1COMP 7370, Auburn University COMP 7370 Advanced Computer and Network Security Dr. Xiao Qin Auburn University
Learning and Teaching Conference 2012 Skill integration for students through in-class feedback and continuous assessment. Konstantinos Dimopoulos City.
Using SAM 2007 & Aplia In Online Courses. Don Danner San Francisco State University
Engineering Secure Software. The Power of Source Code  White box testing Testers have intimate knowledge of the specifications, design, Often done by.
Designing an Effective Course Curriculum Ponnurangam K (“PK”) Indo-US Workshop on Effective Teaching at College / University Level Feb 10, 2011.
Course Orientation Tests & Quizzes Tool. If the instructor has added “Tests & Quizzes” to the course as a form of assessment, click on the link in the.
CSCE 312 Computer Organization Lecture 0: Course Administration EJ Kim Department of Computer Science and Engineering 338B Bright
Using MyMathLab Features You must already be registered or enrolled in a current MyMathLab class in order to use MyMathLab. If you are not registered or.
 Dr. Natheer Khasawneh. Visual Programming CPE 411 Dr. Natheer Khasawneh Jordan University of Science and Technology.
Course Introduction CS 2302 SPRING Course Introduction In this part we'll discuss course mechanics. Most of this will apply to all sections of the.
Advanced Computer Networks by Behzad Akbari Spring 2011 In the Name of the Most High.
Software Evaluation Criteria Automated Assignment Applications RSCoyner 10/8/04.
CSS 404 Internet Concepts. XP Objectives Developing a Web page and a Website Working with CSS (Cascading Style Sheets) Web Tables Web Forms Multimedia.
CMSC 345, Spring CMSC 345 Software Design and Development Spring 2003 Section 0101 Ms. Susan Mitchell “Welcome to the School of Hard Knocks”
Course Introduction Software Engineering
Wiley eGrade. What is eGrade? Web-based software that enables instructors to automate the process of assigning and grading homework and quiz assignments.
ICS 102 Computer Programming University of Hail College of Computer Science & Engineering Computer Science and Software Engineering Department.
Welcome Course name Faculty name. YOUR COURSE MATERIALS Warren/Reeve/Duchac, Accounting: 22E You will… — be tested — receive homework assignments — have.
EEL4712 Digital Design. Instructor Dr. Greg Stitt Office Hours: TBD (Benton 323) Also, by appointment.
Software Specification and Design Sirisin Kongsilp & James Brucker.
Course Guide IS325 Systems Analysis & Design II Ms Fatima Khan Prince Sultan University, College for Women.
Aug. 9, 2007Gehringer: Improving Course Materials … Through Peer Review … Expertiza: Improving Course Materials and Learning Outcomes through.
Engineering Secure Software. Vulnerability of the Day  Each day, we will cover a different type of code-level vulnerability Usually a demo How to avoid,
1 [CMP001 Computer Orientation I] Course Guide Ms. Wesal Abdalfattah office#: 357 Ext#: 8612 Prince Sultan University,
Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Review for the Final Exam December 8, 2008.
CMSC 345, Fall CMSC 345 Software Design and Development Fall 2003 Section 0101 Ms. Susan Mitchell Leave Your Ego at the Door!
BIT 115: Introduction To Programming Instructor: Jon Peck
EEL4712 Digital Design. Instructor Dr. Greg Stitt Office Hours: M Period 3, W Period 4 Subject to change.
SCHILLER INTERNATIONAL UNIVERSITY
CEN First Lecture CEN 4010 Introduction to Software Engineering Instructor: Masoud Sadjadi
1 Sacramento City College- Jo-Ann Foley D2L Orientation.
+ Summer Institute for Online Course Development Institute – Assessment Techniques Presentation by Nancy Harris Dept of Computer Science.
Psychology 120 Course Syllabus Mr. Hudson Course Syllabus Mr. Hudson.
HOW I SURVIVED AIST3620 AND LEARNED TO LOVE INTERFACES Fall 2015 Edition.
CPE433: Performance Evaluation and Modeling Introduction Dr. Gheith Abandah د. غيث علي عبندة.
Gra 6820 Strategic Choice Syllabus Fall Objective To provide a comprehensive perspective –the theory and art of strategic decision-making Perspective.
History 271 Spring A new approach to the large class...
CENG 213 Data Structures1 Nihan Kesim Çiçekli Department of Computer Engineering Middle East Technical University.
Designing Civil Engineering 240 – Geomatics Course objective Introduce engineering applications of surveying and geographical information systems, or GIS,
CET4884 Dr. Nabeel Yousef.  Dr. Nabeel Yousef  Located at the ATC campus room 107Q  Phone number 
Computer Network Fundamentals CNT4007C
Course Overview CS 4501 / 6501 Software Testing
IST256 : Applications Programming for Information Systems
Computer Networks CNT5106C
Linda Stewart, Karen King, Mark O’Reilly, Michael Stewart
ASSESSMENT OF STUDENT LEARNING
Using MyMathLab Features
Hybrid Course Overview & Requirements
Information Systems Security Winter
Beyond Canvas Technologies to Enhance the Learning Experience
7 Day Study Plan Begin studying 7 days prior to exam.
EECE 310 Software Engineering
ENC 3254: Professional communication for Engineers
Hybrid Course Overview & Requirements
Introduction to Programming Using C++
MBA 5670 MANAGEMENT OF INFORMATION TECHNOLOGIES
Introducing ISTQB Agile Foundation Extending the ISTQB Program’s Support Further Presented by Rex Black, CTAL Copyright © 2014 ASTQB 1.
Using MyMathLab Features
Do I really make a difference?
CNT 3004 Computer Network Concept
CSS-304: Computer Systems Interface
MBA 5670 MANAGEMENT OF INFORMATION TECHNOLOGIES
OLAC Course Development Review in Canvas
Engineering Secure Software
Course policy.
White Box testing & Inspections
Lecture 1a- Introduction
CMSC 345 Software Design and Development Spring 2004 Sections 0101 & 0201 Ms. Susan Mitchell Leave Your Ego at the Door! CMSC 345, Spring 2004.
Am I Ready for the Final Exam?
Presentation transcript:

Engineering Secure Software Course overview

Vulnerability of the Day Each day, we will cover a different type of code-level vulnerability Usually a demo How to avoid, detect, and mitigate the issue Most will link to the Common Weakness Enumeration http://cwe.mitre.org

In-Class Activities Most days, we will cover a tool or technique Many activities are interactive and collaborative in nature …so attendance is necessary Activities are for learning Formative feedback, not summative No submissions (usually) – instructor checks in class Exams will have questions about those activities

Exams Exam 1, Exam 2, & Final exam Closed book Closed computer Covers lecture material, VotD, textbook, and activities

Fuzz Testing Project We will have one larger programming project Goal: Build a tool for automated security testing Web applications Continuous Integration Individuals, not teams Goal: How do we automate exploratory testing? What can be automated easily, what can’t?

Vulnerability History Project What are the origins of past vulnerabilities? What are the mistakes that led to a vulnerability being introduced and missed? What can we learn from history? Some writing, lots of investigation Peer review process as well

Case Study Choose a large software project to study Source code must be available (>10k SLOC) Domain must have security risks History of vulnerabilities must be available Instructor approved Paper with chapters on: Security risks of the domain Design risks Code inspection results Iterative paper writing Multiple submissions You are graded on the content and how you react to my feedback

Reading Quizzes McGraw has a different approach and perspective worth seeing Quizzes will be: Done through myCourses On your own time (i.e. open book) Multiple choice Multiple attempts

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.