LnRiLWZpZWxke21hcmdpbi1ib3R0b206MC43NmVtfS50Yi1maWVsZC0tbGVmdHt0ZXh0LWFsaWduOmxlZnR9LnRiLWZpZWxkLS1jZW50ZXJ7dGV4dC1hbGlnbjpjZW50ZXJ9LnRiLWZpZWxkLS1yaWdodHt0ZXh0LWFsaWduOnJpZ2h0fS50Yi1maWVsZF9fc2t5cGVfcHJldmlld3twYWRkaW5nOjEwcHggMjBweDtib3JkZXItcmFkaXVzOjNweDtjb2xvcjojZmZmO2JhY2tncm91bmQ6IzAwYWZlZTtkaXNwbGF5OmlubGluZS1ibG9ja311bC5nbGlkZV9fc2xpZGVze21hcmdpbjowfQ==
LnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWNvbnRhaW5lci50Yi1jb250YWluZXJbZGF0YS10b29sc2V0LWJsb2Nrcy1jb250YWluZXI9ImNlODg0MDE5NzQ3ZjQ2YzBmMTAwZWY5MWI0MDk1OGNjIl0geyBib3JkZXItcmFkaXVzOiA1cHg7cGFkZGluZzogMjVweDsgfSAudGItY29udGFpbmVyIC50Yi1jb250YWluZXItaW5uZXJ7d2lkdGg6MTAwJTttYXJnaW46MCBhdXRvfSAud3AtYmxvY2stdG9vbHNldC1ibG9ja3MtY29udGFpbmVyLnRiLWNvbnRhaW5lcltkYXRhLXRvb2xzZXQtYmxvY2tzLWNvbnRhaW5lcj0iNzkxNTVmMTI5Mzk4MTNkNzQ5MzFkOTk2MzRkMjllNDYiXSB7IGJvcmRlci1yYWRpdXM6IDVweDtiYWNrZ3JvdW5kOiByZ2JhKCAyNTUsIDI1NSwgMjU1LCAxICk7cGFkZGluZzogNXB4IDM1cHggNXB4IDM1cHg7IH0gLnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWNvbnRhaW5lci50Yi1jb250YWluZXJbZGF0YS10b29sc2V0LWJsb2Nrcy1jb250YWluZXI9IjhlODg0NGUyZjFiMzIxOWE4YWM2NjJhMzgyMWNmY2E4Il0geyBwYWRkaW5nOiAyNXB4OyB9ICAgLnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWNvbnRhaW5lci50Yi1jb250YWluZXJbZGF0YS10b29sc2V0LWJsb2Nrcy1jb250YWluZXI9IjViMDQ3MWM0OWIxZDM0YzZkODFkYmI0NmUzYjJjY2YzIl0geyBwYWRkaW5nOiAyNXB4OyB9IC50Yi1ncmlkLC50Yi1ncmlkPi5ibG9jay1lZGl0b3ItaW5uZXItYmxvY2tzPi5ibG9jay1lZGl0b3ItYmxvY2stbGlzdF9fbGF5b3V0e2Rpc3BsYXk6Z3JpZDtncmlkLXJvdy1nYXA6MjVweDtncmlkLWNvbHVtbi1nYXA6MjVweH0udGItZ3JpZC1pdGVte2JhY2tncm91bmQ6I2QzOGEwMztwYWRkaW5nOjMwcHh9LnRiLWdyaWQtY29sdW1ue2ZsZXgtd3JhcDp3cmFwfS50Yi1ncmlkLWNvbHVtbj4qe3dpZHRoOjEwMCV9LnRiLWdyaWQtY29sdW1uLnRiLWdyaWQtYWxpZ24tdG9we3dpZHRoOjEwMCU7ZGlzcGxheTpmbGV4O2FsaWduLWNvbnRlbnQ6ZmxleC1zdGFydH0udGItZ3JpZC1jb2x1bW4udGItZ3JpZC1hbGlnbi1jZW50ZXJ7d2lkdGg6MTAwJTtkaXNwbGF5OmZsZXg7YWxpZ24tY29udGVudDpjZW50ZXJ9LnRiLWdyaWQtY29sdW1uLnRiLWdyaWQtYWxpZ24tYm90dG9te3dpZHRoOjEwMCU7ZGlzcGxheTpmbGV4O2FsaWduLWNvbnRlbnQ6ZmxleC1lbmR9IC53cC1ibG9jay10b29sc2V0LWJsb2Nrcy1ncmlkLnRiLWdyaWRbZGF0YS10b29sc2V0LWJsb2Nrcy1ncmlkPSJjNWJiOGIzYzMwY2MzOWExMzllNTNiZWY3NjMwZDdhMyJdIHsgZ3JpZC10ZW1wbGF0ZS1jb2x1bW5zOiBtaW5tYXgoMCwgMC41ZnIpIG1pbm1heCgwLCAwLjVmcik7Z3JpZC1jb2x1bW4tZ2FwOiAzMnB4O2dyaWQtcm93LWdhcDogNDRweDtncmlkLWF1dG8tZmxvdzogcm93IH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQudGItZ3JpZFtkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQ9ImM1YmI4YjNjMzBjYzM5YTEzOWU1M2JlZjc2MzBkN2EzIl0gPiAudGItZ3JpZC1jb2x1bW46bnRoLW9mLXR5cGUoMm4gKyAxKSB7IGdyaWQtY29sdW1uOiAxIH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQudGItZ3JpZFtkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQ9ImM1YmI4YjNjMzBjYzM5YTEzOWU1M2JlZjc2MzBkN2EzIl0gPiAudGItZ3JpZC1jb2x1bW46bnRoLW9mLXR5cGUoMm4gKyAyKSB7IGdyaWQtY29sdW1uOiAyIH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uLnRiLWdyaWQtY29sdW1uW2RhdGEtdG9vbHNldC1ibG9ja3MtZ3JpZC1jb2x1bW49IjQ2ZGNkMGU3MjI5ZDMwZTI4NmNkNDE0ZTE0NmYyNjRlIl0geyBiYWNrZ3JvdW5kLWNvbG9yOiByZ2JhKCAyNTUsIDI1NSwgMjU1LCAxICk7Ym9yZGVyLXJhZGl1czogNXB4O3BhZGRpbmctcmlnaHQ6IDM1cHg7cGFkZGluZy1sZWZ0OiAzNXB4O2Rpc3BsYXk6IGZsZXg7IH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uLnRiLWdyaWQtY29sdW1uW2RhdGEtdG9vbHNldC1ibG9ja3MtZ3JpZC1jb2x1bW49IjQ2ZGNkMGU3MjI5ZDMwZTI4NmNkNDE0ZTE0NmYyNjRlIl0gcCB7IGZvbnQtc2l6ZTogMThweDsgfSAgLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uLnRiLWdyaWQtY29sdW1uW2RhdGEtdG9vbHNldC1ibG9ja3MtZ3JpZC1jb2x1bW49Ijk0MzBmNTg3NTEwMzg3NTI4ZDI4ZGI2MWNmYWQxNDJhIl0geyBiYWNrZ3JvdW5kLWNvbG9yOiByZ2JhKCAyNTUsIDI1NSwgMjU1LCAxICk7Ym9yZGVyLXJhZGl1czogNXB4O3BhZGRpbmctcmlnaHQ6IDM1cHg7cGFkZGluZy1sZWZ0OiAzNXB4O2Rpc3BsYXk6IGZsZXg7IH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uLnRiLWdyaWQtY29sdW1uW2RhdGEtdG9vbHNldC1ibG9ja3MtZ3JpZC1jb2x1bW49Ijk0MzBmNTg3NTEwMzg3NTI4ZDI4ZGI2MWNmYWQxNDJhIl0gcCB7IGZvbnQtc2l6ZTogMThweDsgfSAgQG1lZGlhIG9ubHkgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA3ODFweCkgeyAudGItY29udGFpbmVyIC50Yi1jb250YWluZXItaW5uZXJ7d2lkdGg6MTAwJTttYXJnaW46MCBhdXRvfS50Yi1jb250YWluZXIgLnRiLWNvbnRhaW5lci1pbm5lcnt3aWR0aDoxMDAlO21hcmdpbjowIGF1dG99LnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gIC50Yi1jb250YWluZXIgLnRiLWNvbnRhaW5lci1pbm5lcnt3aWR0aDoxMDAlO21hcmdpbjowIGF1dG99LnRiLWdyaWQsLnRiLWdyaWQ+LmJsb2NrLWVkaXRvci1pbm5lci1ibG9ja3M+LmJsb2NrLWVkaXRvci1ibG9jay1saXN0X19sYXlvdXR7ZGlzcGxheTpncmlkO2dyaWQtcm93LWdhcDoyNXB4O2dyaWQtY29sdW1uLWdhcDoyNXB4fS50Yi1ncmlkLWl0ZW17YmFja2dyb3VuZDojZDM4YTAzO3BhZGRpbmc6MzBweH0udGItZ3JpZC1jb2x1bW57ZmxleC13cmFwOndyYXB9LnRiLWdyaWQtY29sdW1uPip7d2lkdGg6MTAwJX0udGItZ3JpZC1jb2x1bW4udGItZ3JpZC1hbGlnbi10b3B7d2lkdGg6MTAwJTtkaXNwbGF5OmZsZXg7YWxpZ24tY29udGVudDpmbGV4LXN0YXJ0fS50Yi1ncmlkLWNvbHVtbi50Yi1ncmlkLWFsaWduLWNlbnRlcnt3aWR0aDoxMDAlO2Rpc3BsYXk6ZmxleDthbGlnbi1jb250ZW50OmNlbnRlcn0udGItZ3JpZC1jb2x1bW4udGItZ3JpZC1hbGlnbi1ib3R0b217d2lkdGg6MTAwJTtkaXNwbGF5OmZsZXg7YWxpZ24tY29udGVudDpmbGV4LWVuZH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQudGItZ3JpZFtkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQ9ImM1YmI4YjNjMzBjYzM5YTEzOWU1M2JlZjc2MzBkN2EzIl0geyBncmlkLXRlbXBsYXRlLWNvbHVtbnM6IG1pbm1heCgwLCAxZnIpO2dyaWQtcm93LWdhcDogMjRweDtncmlkLWF1dG8tZmxvdzogcm93IH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQudGItZ3JpZFtkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQ9ImM1YmI4YjNjMzBjYzM5YTEzOWU1M2JlZjc2MzBkN2EzIl0gID4gLnRiLWdyaWQtY29sdW1uOm50aC1vZi10eXBlKDFuKzEpIHsgZ3JpZC1jb2x1bW46IDEgfSAud3AtYmxvY2stdG9vbHNldC1ibG9ja3MtZ3JpZC1jb2x1bW4udGItZ3JpZC1jb2x1bW5bZGF0YS10b29sc2V0LWJsb2Nrcy1ncmlkLWNvbHVtbj0iNDZkY2QwZTcyMjlkMzBlMjg2Y2Q0MTRlMTQ2ZjI2NGUiXSB7IGRpc3BsYXk6IGZsZXg7IH0gIC53cC1ibG9jay10b29sc2V0LWJsb2Nrcy1ncmlkLWNvbHVtbi50Yi1ncmlkLWNvbHVtbltkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uPSI5NDMwZjU4NzUxMDM4NzUyOGQyOGRiNjFjZmFkMTQyYSJdIHsgZGlzcGxheTogZmxleDsgfSAgIH0gQG1lZGlhIG9ubHkgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA1OTlweCkgeyAudGItY29udGFpbmVyIC50Yi1jb250YWluZXItaW5uZXJ7d2lkdGg6MTAwJTttYXJnaW46MCBhdXRvfS50Yi1jb250YWluZXIgLnRiLWNvbnRhaW5lci1pbm5lcnt3aWR0aDoxMDAlO21hcmdpbjowIGF1dG99LnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gIC50Yi1jb250YWluZXIgLnRiLWNvbnRhaW5lci1pbm5lcnt3aWR0aDoxMDAlO21hcmdpbjowIGF1dG99LnRiLWdyaWQsLnRiLWdyaWQ+LmJsb2NrLWVkaXRvci1pbm5lci1ibG9ja3M+LmJsb2NrLWVkaXRvci1ibG9jay1saXN0X19sYXlvdXR7ZGlzcGxheTpncmlkO2dyaWQtcm93LWdhcDoyNXB4O2dyaWQtY29sdW1uLWdhcDoyNXB4fS50Yi1ncmlkLWl0ZW17YmFja2dyb3VuZDojZDM4YTAzO3BhZGRpbmc6MzBweH0udGItZ3JpZC1jb2x1bW57ZmxleC13cmFwOndyYXB9LnRiLWdyaWQtY29sdW1uPip7d2lkdGg6MTAwJX0udGItZ3JpZC1jb2x1bW4udGItZ3JpZC1hbGlnbi10b3B7d2lkdGg6MTAwJTtkaXNwbGF5OmZsZXg7YWxpZ24tY29udGVudDpmbGV4LXN0YXJ0fS50Yi1ncmlkLWNvbHVtbi50Yi1ncmlkLWFsaWduLWNlbnRlcnt3aWR0aDoxMDAlO2Rpc3BsYXk6ZmxleDthbGlnbi1jb250ZW50OmNlbnRlcn0udGItZ3JpZC1jb2x1bW4udGItZ3JpZC1hbGlnbi1ib3R0b217d2lkdGg6MTAwJTtkaXNwbGF5OmZsZXg7YWxpZ24tY29udGVudDpmbGV4LWVuZH0gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQudGItZ3JpZFtkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQ9ImM1YmI4YjNjMzBjYzM5YTEzOWU1M2JlZjc2MzBkN2EzIl0geyBncmlkLXRlbXBsYXRlLWNvbHVtbnM6IG1pbm1heCgwLCAxZnIpO2dyaWQtYXV0by1mbG93OiByb3cgfSAud3AtYmxvY2stdG9vbHNldC1ibG9ja3MtZ3JpZC50Yi1ncmlkW2RhdGEtdG9vbHNldC1ibG9ja3MtZ3JpZD0iYzViYjhiM2MzMGNjMzlhMTM5ZTUzYmVmNzYzMGQ3YTMiXSAgPiAudGItZ3JpZC1jb2x1bW46bnRoLW9mLXR5cGUoMW4rMSkgeyBncmlkLWNvbHVtbjogMSB9IC53cC1ibG9jay10b29sc2V0LWJsb2Nrcy1ncmlkLWNvbHVtbi50Yi1ncmlkLWNvbHVtbltkYXRhLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uPSI0NmRjZDBlNzIyOWQzMGUyODZjZDQxNGUxNDZmMjY0ZSJdIHsgZGlzcGxheTogZmxleDsgfSAgLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWdyaWQtY29sdW1uLnRiLWdyaWQtY29sdW1uW2RhdGEtdG9vbHNldC1ibG9ja3MtZ3JpZC1jb2x1bW49Ijk0MzBmNTg3NTEwMzg3NTI4ZDI4ZGI2MWNmYWQxNDJhIl0geyBkaXNwbGF5OiBmbGV4OyB9ICAgfSA=
Course Description
Software systems are becoming an integral part of our daily life. In many domains the failure of a software system in not acceptable. Such a failure will have catastrophic effects. Hence, the quality of such software systems becomes so crucial. In this course we will introduce software quality and the associated quality factors.
As software systems advance in complexity so does the threats that they face. Hence, the security of these systems has became so essential. Traditionally security has been thought off as an add-on to an existing system. In this course, we will understand that this is not sufficient. Security should be considered throughout the software development life cycle.
Prerequisite: SWENG411
Overview
This course provides a detailed explanation of software quality assurance practices and methods throughout the software development life-cycle. It provides a foundation for building secure software by applying security principles to the software development lifecycle. test
Course Outline:
- Module 1: Intro to Software Quality
- Module 2: Software Errors
- Module 3: Introduction to Information Security
- Module 4: Security Requirements Planning
- Module 5: Vulnerability Mapping
- Module 6: Vulnerability Mapping – 2
- Module 7: Secure Software Architecture and Design
- Module 8: Secure Software Architecture and Design – 2
- Module 9: Secure Coding
- Module 10: Secure Testing
- Module 11: Secure Deployment and Maintenance
- Module 12: Microsoft® Security Development Lifecycle (SDL)
Learning Goals
By the end of this course students are expected to:
- Understand the concepts of software quality assurance.
- Understand the concept of secure software development.
- Understand the current and emerging threats
- Understand the effect of security on the software development life cycle (SDLC).
- Understand the effect of quality on the SDLC.
- Ability to integrate security in the software requirements planning and use Use-Cases to model security requirements.
- Ability to integrate security in software design.
Course Requirements and Grading
Grading Policy
Grading is based on three exams, weekly quizzes, weekly assignments, and course project. The following weights are assigned to the different assessed components of the course:
Category |
Percentage |
Module Quizzes |
10% |
Module Discussions |
5% |
Module Assignments |
10% |
Project (Three Phases) |
45% |
Exam 1 |
10% |
Exam 2 |
10% |
Exam 3 |
10% |
Assignments: Assignments will be assigned with some Modules. They are designed to enhance your understanding of the material covered in the Module. They are assigned on the Monday of the week and are due by Saturday (11:59pm, US Eastern time) of the same week. Project: This course will have one major group project. In the project you will develop a software system while integrating security in the development cycle. The project is divided intro three phases, requirements, design, and implementation and testing. Each phase is worth 15% of your grade. Quizzes: Quizzes are short and designed to make sure your knowledge on the current topic is sufficient. They are assigned on Monday of the week and are due by Saturday (11:59pm, US Eastern time) of the same week. No late Quizzes will be accepted. Module Discussions: Modules will contain a number of questions that are embedded. You will need to answer these questions through the discussion board. A link to the question will be displayed in the content of the module. It is important that you answer these questions. There will not be a right or wrong answer. It will rather be a pass or fail approach for these questions. I am looking for your best attempt. Answers that are unrelated or unreasonable will not be accepted. Exams: Exams will be given over the course of the semester to encourage your ongoing attention to course material. Covered topics will be drawn largely from the lectures and assigned readings. Test 1 will cover Module 1 to 4. Test 2 will cover Module 5 to 8, and Test 3 will cover Module 9 to 11.
Grade Assignments
Assessments are based on 100 points with final letter grades being assigned as follows:
A |
A- |
B+ |
B |
B- |
C+ |
C |
D |
F |
100-93 |
92.9-89 |
88.9-85 |
84.9-80 |
79.9-75 |
74.9-70 |
69.9-65 |
64.9-60 |
59.9-0 |