There is a class of software defects that can be easily avoided but which are a primary cause of commonly exploited software vulnerabilities. Empirical evidence shows that most vulnerabilities stem from a relatively small number of common programming errors. By identifying insecure coding practices and developing secure alternatives, software developers can take practical steps to reduce or eliminate vulnerabilities during design and deployment. Employing secure programming techniques before the software is deployed can lead to significant security-related cost savings.
The aim of this module is to:
- introduce the students to the principles of secure software development, installation, maintenance and management,
- give the students a thorough understanding of the secure software development issues,
- provide students with practical in-depth secure software development experience using the appropriate technologies and techniques
Common software vulnerabilities: buffer overflow, heap overflow, stack overflow, format string vulnerabilities, integer errors and race conditions, and memory corruption. Input validation. Error handling
How vulnerabilities are exploited using shellcode generation.
Static Code Analysis: Viruses, worms, malware and malicious code, botnets and social networks.
Source code analysis techniques and tools.
Fundamentals of cryptography and applications in secure systems development.
Building secure authentication, authorization and access control mechanisms.
Fundamentals and application of public and permissioned blockchain technology.
Byzantine fault-tolerant consensus algorithms.
Analysis of attacks on blockchain and blockchain security properties.
Architecture and security of decentralised applications.
The module is designed to be delivered within a blended learning model, employing mixed modes (online and face to face) of learning, teaching and assessment.
TU059 will be delivered primarily in a face-to-face mode while TU060 will be delivered in a blended mode.
Contact and online theory lectures and tutorials
Practical work in laboratories
Class and group discussions and presentations
Individual project work
Case studies
Academic literature reviews
| Module Content & Assessment | |
|---|---|
| Assessment Breakdown | % |
| Other Assessment(s) | 100 |