Presentation is loading. Please wait.

Presentation is loading. Please wait.

Engineering Secure Software. Vulnerability of the Day  Each day, we will cover a different type of code-level vulnerability Usually a demo How to avoid,

Published byJosephine Warner Modified over 9 years ago

Similar presentations

Presentation on theme: "Engineering Secure Software. Vulnerability of the Day  Each day, we will cover a different type of code-level vulnerability Usually a demo How to avoid,"— Presentation transcript:

1 Engineering Secure Software

2 Vulnerability of the Day  Each day, we will cover a different type of code-level vulnerability Usually a demo How to avoid, detect, and mitigate the issue  Most will link to the Common Weakness Enumeration http://cwe.mitre.org

3 In-Class Activities  Most days, we will cover a tool or technique  Many activities are interactive and collaborative in nature …so attendance is necessary  Activities are for learning Formative feedback, not summative No submissions (usually) – instructor checks in class Exams will have questions about those activities

4 Exams  Exam 1, Exam 2, & Final exam  Closed book  Closed computer  Covers lecture material, VotD, textbook, and activities

5 Fuzz Testing Project  We will have one larger programming project Building a tool for automated security testing More info next week

6 Case Study  Choose a large software project to study Source code must be available (>10k SLOC) Domain must have security risks History of vulnerabilities must be available Instructor approved  Paper with chapters on: Security risks of the domain Design risks Code inspection results  Iterative paper writing Multiple submissions You are graded on the content and how you react to my feedback

Download ppt "Engineering Secure Software. Vulnerability of the Day  Each day, we will cover a different type of code-level vulnerability Usually a demo How to avoid,"

Similar presentations

Teaching Freshman Calculus-Based Physics Using the LOGIC Model Amin Jazaeri, Ph.D. COS Science Accelerator & School of Physics, Astronomy and Computational.

Teaching Freshman Calculus-Based Physics Using the LOGIC Model Amin Jazaeri, Ph.D. COS Science Accelerator & School of Physics, Astronomy and Computational.
D2L Orientation The Sociology of Aging GERON 300 or FCS 330 or SOC 335 1 Sacramento City College- Jo-Ann Foley.

D2L Orientation The Sociology of Aging GERON 300 or FCS 330 or SOC Sacramento City College- Jo-Ann Foley.
ITC242 – Introduction to Data Communications ITC431 – Computer Networks Week 13 Exam Preparation.

ITC242 – Introduction to Data Communications ITC431 – Computer Networks Week 13 Exam Preparation.
CSC 171 – FALL 2004 COMPUTER PROGRAMMING LECTURE 0 ADMINISTRATION.

CSC 171 – FALL 2004 COMPUTER PROGRAMMING LECTURE 0 ADMINISTRATION.
Csc111 :Programming with Java First semester 1432-1433 H.

Csc111 :Programming with Java First semester H.
Course Introduction (Lecture #1) ENGR 107 – Intro to Engineering The slides included herein were taken from the materials accompanying Engineering Fundamentals.

Course Introduction (Lecture #1) ENGR 107 – Intro to Engineering The slides included herein were taken from the materials accompanying Engineering Fundamentals.
Jan. 25, 2001CSci 250 - Clark University1 CSci 250 Software Design & Development Lecture #4 Thursday, Jan. 25, 2001.

Jan. 25, 2001CSci Clark University1 CSci 250 Software Design & Development Lecture #4 Thursday, Jan. 25, 2001.
NCA&T Geomatics and Distance Learning Since 2006.

NCA&T Geomatics and Distance Learning Since 2006.
 Dr. Natheer Khasawneh. Visual Programming CPE 411 Dr. Natheer Khasawneh Jordan University of Science and Technology.

 Dr. Natheer Khasawneh. Visual Programming CPE 411 Dr. Natheer Khasawneh Jordan University of Science and Technology.
CS 150 PERSONAL PRODUCTIVITY USING TECHNOLOGY Instructor: Xenia Mountrouidou.

CS 150 PERSONAL PRODUCTIVITY USING TECHNOLOGY Instructor: Xenia Mountrouidou.
ISO 90003 Tor Stålhane IDI / NTNU. What is ISO 90003 ISO 9001 was developed for the production industry but has a rather general structure ISO 90003 describes.

ISO Tor Stålhane IDI / NTNU. What is ISO ISO 9001 was developed for the production industry but has a rather general structure ISO describes.
Discovering Computers 2009 Introduction to the course.

Discovering Computers 2009 Introduction to the course.
CAP6135: Malware and Software Vulnerability Analysis Cliff Zou Spring 2015.

CAP6135: Malware and Software Vulnerability Analysis Cliff Zou Spring 2015.
EECE 310 Software Engineering Lecture 0: Course Orientation.

EECE 310 Software Engineering Lecture 0: Course Orientation.
Software Evaluation Criteria Automated Assignment Applications RSCoyner 10/8/04.

Software Evaluation Criteria Automated Assignment Applications RSCoyner 10/8/04.
Business Discipline Breakout Session Summer 2000 ION Conference Facilitated By: Marcy Satterwhite.

Business Discipline Breakout Session Summer 2000 ION Conference Facilitated By: Marcy Satterwhite.
CMSC 345, Spring 20031 CMSC 345 Software Design and Development Spring 2003 Section 0101 Ms. Susan Mitchell “Welcome to the School of Hard Knocks”

CMSC 345, Spring CMSC 345 Software Design and Development Spring 2003 Section 0101 Ms. Susan Mitchell “Welcome to the School of Hard Knocks”
ICS 102 Computer Programming University of Hail College of Computer Science & Engineering Computer Science and Software Engineering Department.

ICS 102 Computer Programming University of Hail College of Computer Science & Engineering Computer Science and Software Engineering Department.
Welcome Course name Faculty name. YOUR COURSE MATERIALS Warren/Reeve/Duchac, Accounting: 22E You will… — be tested — receive homework assignments — have.

Welcome Course name Faculty name. YOUR COURSE MATERIALS Warren/Reeve/Duchac, Accounting: 22E You will… — be tested — receive homework assignments — have.
Course Guide IS325 Systems Analysis & Design II Ms Fatima Khan Prince Sultan University, College for Women.

Course Guide IS325 Systems Analysis & Design II Ms Fatima Khan Prince Sultan University, College for Women.

Similar presentations

Ads by Google