Module title: Secure Software Development

SCQF level: 10:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: SET10413
Module leader: Zakwan Jaroucheh
School School of Computing
Subject area group: Software Engineering
Prerequisites

Module Code SET08408 or CSN08414 and SET08401
Module Title Object-oriented Software Development or Scripting for Cybersecurity and Networks, and Web technologies
Examples of Equivalent Learning Experience in object-oriented high-level programming language, and Web-based programming languages.


Description of module content:

The aim of this module is to teach the theory and practice of secure software development in the context of managed languages (e.g. Java and C#) and in web-based solutions (e.g. JavaScript and online data sources). As such the module will cover both managed software development and web-based software development, and how we can integrate security throughout the Software Development Lifecycle (SDLC). An indicative list of the topics includes:

• Common Web vulnerabilities (e.g. XSS, CSRF, SQL Injection) and the corresponding countermeasures.
• Log management & intrusion detection mechanisms.
• Securing data at rest and in transit.
• Authentication and session management.
• JSON Web Tokens.
• Race condition and safe-IO.
• Secure SDLC and security testing.

Learning Outcomes for module:

Upon completion of this module you will be able to
LO1: Construct a software system in a managed programming language to meet secure software requirements.
LO2: Construct a software system using web technologies to meet secure software requirements.
LO3: Evaluate software systems through a formal process to examine its security capabilities.
LO4: Integrate secure software practices into a software development lifecycle.
LO5: Critically reflect on secure software requirements.

Indicative References and Reading List - URL:

Please contact your Module Leader for details
Click here to view the LibrarySearch.