Faculty of Technical Sciences

Subject: Secure Software Development (19.IB11)

General information:
 
Category: Professional-applicative
Scientific or art field: Applied Computer Science and Informatics
ECTS: 6

Students learn about the techniques for designing, implementing, and testing the security aspects of software systems.

After successfully completing the course, students gain theoretical and practical knowledge of secure software engineering, including an understanding of security threats, attacks that realize threats, and methods for preventing these attacks. Students are able to design secure software architectures, implement secure code, and test the software to verify its security, resulting in the construction of secure software.

Introduction to secure software engineering: definition, basic concepts, security requirements. Data flow analysis: trust boundary analysis, data flow minimization, attack surface analysis and reduction. Threat modeling: asset-centric, attacker-centric, software-centric. Secure design: secure design principles, secure design patterns, defense-in-depth. Web security: threats, attacks, vulnerabilities, mitigations. Managed code security: threats, attacks, vulnerabilities, mitigations. Enterprise system security: threats, attacks, vulnerabilities, mitigations. Security testing: security requirements testing, threat mitigation testing, security testing tools, penetration testing. Secure software solution: secure software deployment, peripheral security tools, secure software operations.

Lectures. Other forms of teaching. Consultations. The examination is oral. The final grade is formed on the basis of achievement in the project and oral examination.

Authors | Title | Year | Publisher | Language
Brook Schoenfield | Securing Systems: Applied Security Architecture and Threat Models | 2015 | CRC Press | English
James Ransome, Anmol Misra | Core Software Security: Security at the Source | 2013 | CRC Press | English
Ross J. Anderson | Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition | 2008 | Wiley | English
Adam Shostack | Threat Modeling: Designing for Security | 2014 | Wiley | English

Course activity | Pre-examination | Obligations | Number of points
Project | Yes | Yes | 70.00
Oral part of the exam | No | Yes | 30.00

Prof. Sladić Goran

Full Professor

Lectures

Asst. Prof. Luburić Nikola

Assistant Professor

Other forms of teaching


© 2024. Faculty of Technical Sciences.

Contact:

Address: Trg Dositeja Obradovića 6, 21102 Novi Sad

Phone: (+381) 21 450 810, (+381) 21 6350 413

Fax: (+381) 21 458 133
Email: ftndean@uns.ac.rs
