SYLLABUS
University: Technical University of Košice
Faculty: Faculty of Electrical Engineering and Informatics
Department: Department of Computers and Informatics
Course Number: 26001201 Course Name: Software security
Type, scope and method of learning activities:
Course Type: Lecture, Laboratory exercise
Recommended scope of the course content (in hours):
Full-time study (hours per week): 2,2
Part-time study (hours per semester): 26,26
Study Method: Attendance
Number of credits: 6
Recommended semester of study: WT
Recommended semester | Study programme | Study grade | Study Method
2nd year WT | Cybersecurity (KB_Ing_D_sk) | Master | Attendance
            | Informatics (INF_Ing_D_sk) | Master | Attendance
            | Informatics (INF_Ing_D_en) | Master | Attendance
Level of study:
Prerequisites:
Course completion requirements:
Assessment and completion of the course: Credit test and examination
Continuous assessment: Student passes the continuous assessment and receives credits when he or she meets the requirement to obtain at least 21% out of 40%.
Credit test
Final assessment: Student passes the final assessment and passes the examination when he or she meets the requirement to obtain at least 31% out of 60%.
Examination
Overall assessment: Overall assessment is the sum of the assessments obtained by students in the assessment period. The overall result is determined in accordance with the internal regulations of the Technical University in Košice. (Study Regulations, the internal regulation principles of doctoral studies)
Learning outcomes:
The course aims to familiarize students with the principles and practices of secure programming. Secure programming means creating secure software without vulnerabilities that attackers could exploit. The outcome is the ability to apply the security features of libraries, such as authentication, encryption, and others.
Brief course content:
1. Principles of secure programming
2. Defensive programming
3. Input control, data validation
4. Buffer overflow
5. Race conditions
6. Static, dynamic analysis
7. Security of sensitive data
8. Selection of programming language
9. Testing
10. SDLC and Security
Recommended Reference Sources:
1. J. Viega and G. McGraw. Building Secure Software: How to Avoid Security Problems the Right Way. Addison-Wesley, 2001.
2. M. Howard and D. LeBlanc. Writing Secure Code. Microsoft Press, second edition, 2003.
3. David Basin, Patrick Schaller, Michael Schläpfer. Applied Information Security: A Hands-on Approach. Springer, 2011.
4. Fred Long et al. The Oracle/CERT Secure Coding Standard for Java. Addison-Wesley, 2011. Available online at http://www.cert.org/secure-coding/.
5. B. Chess and J. West. Secure Programming with Static Analysis. Addison-Wesley, 2007.
6. The OWASP web application security project: https://www.owasp.org/.
Recommended optional program components:
Languages required for the course completion:
Notes:
Course assessment:
Total number of students assessed: 0
  A B C D E FX  
  0% 0% 0% 0% 0% 0%  
Teacher:
doc. Ing. Martin Chovanec, PhD.
doc. Ing. Branislav Madoš, PhD.
Last modified: 01.09.2022
Approved by: person(s) responsible for the study program