Faculty of Technical Sciences

Subject: Secure Software Engineering (17.SE4001)

General information:

Category: Theoretical-methodological
Scientific or art field: Applied Computer Science and Informatics
ECTS: 5

Students learn about the techniques for designing, implementing, and testing the security aspects of software systems.

After successfully completing the course, students gain theoretical and practical knowledge of secure software engineering, including an understanding of security threats, attacks that realize threats, and methods for preventing these attacks. Students are able to design secure software architectures, implement secure code, and test the software to verify its security, resulting in the construction of secure software.

Introduction to secure software engineering: definition, basic concepts, security requirements. Data flow analysis: trust boundary analysis, data flow minimization, attack surface analysis and reduction. Threat modeling: asset-centric, attacker-centric, software-centric. Secure design: secure design principles, secure design patterns, defense-in-depth. Web security: threats, attacks, vulnerabilities, mitigations. Managed code security: threats, attacks, vulnerabilities, mitigations. Enterprise system security: threats, attacks, vulnerabilities, mitigations. Security testing: security requirements testing, threat mitigation testing, security testing tools, penetration testing. Secure software solution: secure software deployment, peripheral security tools, secure software operations.

Lectures. Computer practice. Consultations. The examination is oral. The final grade is formed on the basis of achievement in the laboratory practice classes and oral examination.

Authors | Title | Year | Publisher | Language
Adam Shostack | Threat Modeling: Designing for Security | 2014 | Wiley | English
Adam D. Scott | Building Web Apps that Respect a User’s Privacy and Security | 2017 | O'Reilly | English
James Ransome, Anmol Misra | Core Software Security: Security at the Source | 2013 | CRC Press | English
Ross J. Anderson | Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition | 2008 | Wiley | English
Stuart Jacobs | Computer Software Security, in Engineering Information Security: The Application Of Systems Engineering Concepts To Achieve Information Assurance, Second Edition | 2016 | John Wiley & Sons, Inc. | English
Peterson, A. | Cracking Security Misconceptions | 2016 | O'Reilly | English
Cole, E. | Advanced Persistent Threat | 2013 | Elsevier | English
Brook Schoenfield | Securing Systems: Applied Security Architecture and Threat Models | 2015 | CRC Press | English
Winkler, I., Gomes, A. T. | Advanced Persistent Security | 2017 | Elsevier | English

Course activity | Pre-examination | Obligations | Number of points
Project defence | Yes | Yes | 50.00
Oral part of the exam | No | Yes | 50.00

Prof. Sladić Goran

Full Professor

Lectures

Asst. Prof. Luburić Nikola

Assistant Professor

Lectures

Assistant - Master Todorović Nenad

Assistant - Master

Computational classes

Assistant - Master Mijatov Vanja

Assistant - Master

Computational classes


© 2024. Faculty of Technical Sciences.

Contact:

Address: Trg Dositeja Obradovića 6, 21102 Novi Sad

Phone: (+381) 21 450 810, (+381) 21 6350 413

Fax: (+381) 21 458 133
Email: ftndean@uns.ac.rs
