04-801-R3 Special Topics in ICT: Secure Coding Practice

Location: Africa

Units: 6

Semester Offered: Spring

Course description

Software systems are ubiquitous in the modern environment, and it is important that the systems are safe, reliable, and secure. The course recognizes that many security problems are indeed software bugs and will seek to develop the practical skills to minimize such bugs.

To this end, the course will cover fundamentals, principles, and the practice of secure coding. The course covers both theory and practice but puts more weight on practice. Carefully selected practical examples, practical exercises, mini-projects, and case studies will be used to reinforce the learning and to present students with an opportunity to acquire secure coding knowledge and high-level practical skills.

Outcomes

Describe the challenges and threats to building secure software systems.

Analyze and select appropriate strategies that can be applied to develop secure software systems.

Apply their knowledge of secure coding to create software systems that are safe, reliable, and secure as measured by objective criteria.

Apply static and dynamic code analysis tools to discover coding flaws and vulnerabilities.

Content details

Common software security vulnerabilities, threats, and attack surfaces

Anti-patterns in software security

Secure coding principles and practice

Secure coding standards and conventions

Strategies for secure coding:

use of patterns and frameworks in software design and architecture
defensive programming
input validation
data sanitization
exception handling
security by design

Software lifecycle secure coding approach: secure coding practice in

design and architecture
implementation
testing
operations

04-801-R3 Special Topics in ICT: Secure Coding Practice

Course discipline

Course type

Course concentration

Course description

Learning objectives

Outcomes

Content details

Faculty