Core Module Information
Module title: Secure Software Development

SCQF level: 10:
SCQF credit value: 20.00
ECTS credit value: 10

Module code: SET10613
Module leader: Ashkan Sami
School School of Computing, Engineering and the Built Environment
Subject area group: Computer Science
Prerequisites

Requisites: AND Pre-requisite: Experience in object-oriented high-level programming language and web-based programming languages and frameworks. AND Pre-requisite: [Module SET09603] Advanced Web Technologies

Description of module content:

12. Module ContentThe aim of this module is to teach the theory and practice of secure software development in the context of managed languages (e.g. Java and C#) and in web-based solutions (e.g. JavaScript and online data sources). As such, the module will cover both managed software development and web-based software development, and how we can integrate security throughout the Software Development Lifecycle (SDLC). An indicative list of the topics includes:Secure software – The SDLC and security, security architectures, legacy systemsWeb Technologies – including overview, Server configuration, HTTP, Web services, Authentication mechanisms, Session managementSoftware vulnerabilities – including OWASP Top 10, common coding errorsWeb application security – including XXS, CSRF, Authentication bypass, XXEDatabase Security – SQLiServer-side and Client-side Security – including preventing client and server attacksData validation – including input validation, encoding, parameterised queriesEncryption - including certificates, and Architectures such as JCASecurity Testing Source Code Review – including Code Analysis Tools

Learning Outcomes for module:

Upon completion of this module you will be able to

LO1: Construct a software system in a managed programming language to meet secure software requirements.

LO2: Construct a software system using web technologies to meet secure software requirements.

LO3: Evaluate software systems through a formal process to examine its security capabilities.

LO4: Integrate secure software practices into a software development lifecycle.

LO5: Critically reflect on secure software requirements.

Full Details of Teaching and Assessment
2024/5, Trimester 1, In Person,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: In Person
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Ashkan Sami
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)NESH Description
Face To Face Lecture 24 LECTURE
Face To Face Practical classes and workshops 48 Practical classes and workshops
Face To Face Supervised time in studio/workshop 62 Supervised time in studio/workshop
Online Guided independent study 66 Guided independent study
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words Description
Project - Practical 60 1~2~3~4 Week 1 HOURS= 60 Project - Practical
Class Test 40 3~4~5 Week 1 HOURS= 2 Class Test
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100
2024/5, Trimester 2, FACE-TO-FACE,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: FACE-TO-FACE
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Ashkan Sami
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)NESH Description
Face To Face Lecture 24 Contact Module Leader
Face To Face Practical classes and workshops 48 Contact Module Leader
Independent Learning Guided independent study 66 Contact Module Leader
Face To Face Supervised time in studio/workshop 62 Contact Module Leader
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words Description
Project - Practical 60 1-4 1 HOURS= 60, WORDS= 0 Contact Module Leader
Class Test 40 3-5 1 HOURS= 2, WORDS= 0 Contact Module Leader
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100
2024/5, Trimester 3, FACE-TO-FACE,
VIEW FULL DETAILS
Occurrence: 001
Primary mode of delivery: FACE-TO-FACE
Location of delivery: MYANMAR
Partner:
Member of staff responsible for delivering module: Ashkan Sami
Module Organiser:


Student Activity (Notional Equivalent Study Hours (NESH))
Mode of activityLearning & Teaching ActivityNESH (Study Hours)NESH Description
Face To Face Lecture 24 Contact Module Leader
Face To Face Practical classes and workshops 48 Contact Module Leader
Independent Learning Guided independent study 66 Contact Module Leader
Face To Face Supervised time in studio/workshop 62 Contact Module Leader
Total Study Hours200
Expected Total Study Hours for Module200


Assessment
Type of Assessment Weighting % LOs covered Week due Length in Hours/Words Description
Project - Practical 60 1-4 1 HOURS= 60, WORDS= 0 Contact Module Leader
Class Test 40 3-5 1 HOURS= 2, WORDS= 0 Contact Module Leader
Component 1 subtotal: 100
Component 2 subtotal: 0
Module subtotal: 100

Indicative References and Reading List - URL:
Contact your module leader