Course: Software Security credits: 5
- Course code
- ITVP20SCY
- Name
- Software Security
- Study year
- 2021-2022
- ECTS credits
- 5
- Language
- Dutch, with parts in English
- Coordinator
- N. van der Spek
- Modes of delivery
-
- Lecture
- Practical / Training
- Assessments
-
- Assignments Software Security - Other assessment
- English Assignments - Other assessment
Learning outcomes
The student can:
1. Detect common security vulnerabilities in a desktop application through the use of tools such as American Fuzzy Lop.
2. Detect common security vulnerabilities in a web application through the use of tools such as Burp Suite.
3. Discuss the advantages and disadvantages – as well as the appropriateness – of applying a given security tool within the software development life-cycle.
4. Carry out an architectural security risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as Microsoft's DFD-based STRIDE.
5. Carry out an architectural privacy risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as DistriNet's DFD-based LINDDUN.
6. Argue for and against a claim describing the responsibility of developers for addressing security problems in a given system.
7. Speak and write in English at CEFR B2 level.
8. Carry out a root-cause analysis on an existing project and report the findings in a structured short paper.
9. Build on the following philosophical theories in oral argumentation: the boundary between humans and machines (Turing test, Chinese room argument), responsibilities in applying AI and IoT technologies, and the implications of actor-network theory.
1. Detect common security vulnerabilities in a desktop application through the use of tools such as American Fuzzy Lop.
2. Detect common security vulnerabilities in a web application through the use of tools such as Burp Suite.
3. Discuss the advantages and disadvantages – as well as the appropriateness – of applying a given security tool within the software development life-cycle.
4. Carry out an architectural security risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as Microsoft's DFD-based STRIDE.
5. Carry out an architectural privacy risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as DistriNet's DFD-based LINDDUN.
6. Argue for and against a claim describing the responsibility of developers for addressing security problems in a given system.
7. Speak and write in English at CEFR B2 level.
8. Carry out a root-cause analysis on an existing project and report the findings in a structured short paper.
9. Build on the following philosophical theories in oral argumentation: the boundary between humans and machines (Turing test, Chinese room argument), responsibilities in applying AI and IoT technologies, and the implications of actor-network theory.
Content
The student can:
1. Detect common security vulnerabilities in a desktop application through the use of tools such as American Fuzzy Lop.
2. Detect common security vulnerabilities in a web application through the use of tools such as Burp Suite.
3. Discuss the advantages and disadvantages – as well as the appropriateness – of applying a given security tool within the software development life-cycle.
4. Carry out an architectural security risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as Microsoft's DFD-based STRIDE.
5. Carry out an architectural privacy risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as DistriNet's DFD-based LINDDUN.
6. Argue for and against a claim describing the responsibility of developers for addressing security problems in a given system.
7. Speak and write in English at CEFR B2 level.
8. Carry out a root-cause analysis on an existing project and report the findings in a structured short paper.
9. Build on the following philosophical theories in oral argumentation: the boundary between humans and machines (Turing test, Chinese room argument), responsibilities in applying AI and IoT technologies, and the implications of actor-network theory.
1. Detect common security vulnerabilities in a desktop application through the use of tools such as American Fuzzy Lop.
2. Detect common security vulnerabilities in a web application through the use of tools such as Burp Suite.
3. Discuss the advantages and disadvantages – as well as the appropriateness – of applying a given security tool within the software development life-cycle.
4. Carry out an architectural security risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as Microsoft's DFD-based STRIDE.
5. Carry out an architectural privacy risk analysis (i.e. design review) of a software-centric system using a threat modelling approach such as DistriNet's DFD-based LINDDUN.
6. Argue for and against a claim describing the responsibility of developers for addressing security problems in a given system.
7. Speak and write in English at CEFR B2 level.
8. Carry out a root-cause analysis on an existing project and report the findings in a structured short paper.
9. Build on the following philosophical theories in oral argumentation: the boundary between humans and machines (Turing test, Chinese room argument), responsibilities in applying AI and IoT technologies, and the implications of actor-network theory.
Included in programme(s)
School(s)
- School of Communication, Media & IT