Secured Software Engineering for MSc (M) COMPSCI5104

  • Academic Session: 2024-25
  • School: School of Computing Science
  • Credits: 10
  • Level: Level 5 (SCQF level 11)
  • Typically Offered: Semester 2
  • Available to Visiting Students: No
  • Collaborative Online International Learning: No

Short Description

This course covers secure software engineering methods and techniques. It explores all aspects of the software engineering lifecycle that are directly applicable to designing systems where security and/or privacy is critical.

Timetable

TBC

Requirements of Entry

Programming and Systems Development (H)

Excluded Courses

None

Co-requisites

None

Assessment

Class Test 80%, 20% for assessed coursework

(We note that there is no option for a Class Test in the list above)

Are reassessment opportunities available for all summative assessments? No

The coursework cannot be redone because the feedback provided to the students after the original coursework would give any students redoing the coursework an unfair advantage.

 

Students will be able to resit the Class test.

Course Aims

Broadly, this course aims to offer practical knowledge on engineering secure systems across the software engineering life-cycle. These include requirements, design, implementation, testing and maintenance. Topics covered include secure design principles and patterns, eliciting security requirements and uncovering security flaws in software design. This is in addition to fundamental privacy engineering concepts such as Privacy-by-Design and other the conceptual framework for understanding privacy in software. This course also devotes a significant time to discussing well known secure design solutions including architectural patterns and design patterns focusing on security/privacy countermeasures. We discuss information-flow analysis and evaluation as mechanisms to assess the effectiveness of the secure design solutions implemented in source code.

 

The course will help prepare students to apply software security and privacy techniques in industry, as well as to pursue research in software engineering, security and privacy.

 

 

 

Intended Learning Outcomes of Course

By the end of this course students will be able to:

1. Describe the life cycle for developing secure software systems.

2. Apply lightweight refactoring methods to balance trade-offs between competing security, privacy and functionality quality measures in software.

3. Verify the effectiveness of a secure software design solution.

4. Explore general approaches to privacy engineering and Privacy-by-Design paradigm in software.

5. Build a simple privacy justificatory framework for justifying the extent a given software aligns with data protection regulations (e.g GDPR, HIPPA, etc.).

6. Apply secure software design principles to a range of application domains and case studies such as social networks, internet of things, mobile computing, ecommerce, service oriented architectures, multi-agent and autonomous systems.

Minimum Requirement for Award of Credits

Students must submit at least 75% by weight of the components (including examinations or class tests) of the course's summative assessment.