Modules

Core Module Information
Module title: Secure Software Development
SCQF level: 10:
SCQF credit value: 20.00
ECTS credit value: 10
Module code: SET10613
Module leader: Ashkan Sami
School School of Computing, Engineering and the Built Environment
Subject area group: Computer Science
Prerequisites

Module Code SET09603
Module Title Advanced Web Development
Examples of Equivalent Learning Experience in object-oriented high-level programming language and web-based programming languages and frameworks.
Description of module content:

12. Module Content
The aim of this module is to teach the theory and practice of secure software development in the context of managed languages (e.g. Java and C#) and in web-based solutions (e.g. JavaScript and online data sources). As such, the module will cover both managed software development and web-based software development, and how we can integrate security throughout the Software Development Lifecycle (SDLC). An indicative list of the topics includes:

Secure software – The SDLC and security, security architectures, legacy systems
Web Technologies – including overview, Server configuration, HTTP, Web services, Authentication mechanisms, Session management
Software vulnerabilities – including OWASP Top 10, common coding errors
Web application security – including XXS, CSRF, Authentication bypass, XXE
Database Security – SQLi
Server-side and Client-side Security – including preventing client and server attacks

Data validation – including input validation, encoding, parameterised queries
Encryption - including certificates, and Architectures such as JCA
Security Testing
Source Code Review – including Code Analysis Tools
Learning Outcomes for module:

Upon completion of this module you will be able to
LO1: Construct a software system in a managed programming language to meet secure software requirements.
LO2: Construct a software system using web technologies to meet secure software requirements.
LO3: Evaluate software systems through a formal process to examine its security capabilities.
LO4: Integrate secure software practices into a software development lifecycle.
LO5: Critically reflect on secure software requirements.
Full Details of Teaching and Assessment
2023/4, Trimester 1, FACE-TO-FACE,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: FACE-TO-FACE
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Ashkan Sami
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Face To Face Lecture 24
Face To Face Practical classes and workshops 48
Independent Learning Guided independent study 66
Face To Face Supervised time in studio/workshop 62
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Project - Practical 60 1-4 1 HOURS= 60, WORDS= 0
Class Test 40 3-5 1 HOURS= 2, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100
2023/4, Trimester 3, FACE-TO-FACE,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: FACE-TO-FACE
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Ashkan Sami
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)
Face To Face Lecture 24
Face To Face Practical classes and workshops 48
Independent Learning Guided independent study 66
Face To Face Supervised time in studio/workshop 62
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words
Project - Practical 60 1-4 1 HOURS= 60, WORDS= 0
Class Test 40 3-5 1 HOURS= 2, WORDS= 0
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Indicative References and Reading List - URL:
Contact your module leader
 

Related information