Educational guide
IDENTIFYING DATA | 2023_24
Subject | SECURE DESIGN AND PROGRAMMING | Code | 01747004
Study programme |
Descriptors | Credits | Type | Year | Period
4 | Compulsory | First | First
Language |
Prerequisites |
Department | ING.MECANICA,INFORMAT.AEROESP.
Coordinator |
fjrodl@unileon.es cferll@unileon.es
Lecturers |
Web | http://
General description |
Review Boards |
Competencies
Type A | Code | Competences Specific
A18804
Type B | Code | Competences Transversal
B5729
B5730
B5731
B5732
B5733
B5734
B5735
B5736
B5737
B5738
B5739
B5740
Type C | Code | Competences Nuclear
C1
C2
C3
C4
C5
Learning aims
Learning aim | Type A | Type B | Type C
Design and develop secure software avoiding the most common software vulnerabilities | A18804 | B5729 B5730 B5731 B5732 B5733 B5734 B5735 B5736 B5737 B5738 B5739 B5740 | C1 C2 C3 C4 C5
Program and analyze tasks in different programming languages in the area of communication and software security | A18804 | B5729 B5730 B5731 B5732 B5733 B5734 B5735 B5736 B5737 B5738 B5739 B5740 | C1 C2 C4 C5
Learn to communicate conclusions | | B5729 B5730 B5731 B5732 | C3
Contents
Topic | Sub-topic
BLOCK 1. Introduction to Software Security | Topic 1. General presentation; Topic 2. Introduction to secure software development
BLOCK 2. Design and Architecture of Secure Software Systems | Topic 1. Design of Software Systems; Topic 2. Software Architectures
BLOCK 3. Secure Engineering Methodologies | Topic 1. Implementation; Topic 2. Operations; Topic 3. Automation and Testing
BLOCK 4. Software Defined - Secure Programming | Topic 1. General Concepts; Topic 2. C++; Topic 3. Java; Topic 4. Python; Topic 5. Programming Errors. Top 25 OWASP and SANS; Topic 6. CMU CERT Rules and Recommendations
Planning
Methodologies :: Tests | Class hours | Hours outside the classroom | Total hours
Personal tuition | 2 | 0 | 2
Laboratory practicals | 20 | 20 | 40
Assignments | 2 | 16 | 18
Lecture | 10 | 20 | 30
Objective short-answer tests | 2 | 1 | 3
Practical tests | 2 | 1 | 3
Oral tests | 2 | 2 | 4
(*) The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.
Methodologies
Methodology | Description
Personal tuition | Monitoring student activity and progression. Advising, correcting and proposing improvement activities.
Laboratory practicals | Programming exercises based on lectures under the supervision of the teacher.
Assignments | Individual programming tasks that will be corrected by the teacher and defended by the student.
Lecture | Explanation of theoretical knowledge with the active participation of students.
Personalized attention
Assessment
Methodology | Description | Qualification
Assignments | Coding and individual defense of the code. | 20%-40%
Objective short-answer tests | Individual assessment of theoretical contents. | 10%-30%
Practical tests | Evaluation of experience obtained by performing the practical assignments of the course. | 10%-30%
Oral tests | Final project and its individual oral defense. | 10%-30%
Others | Part of the final mark assigned by the teacher depending on students' active participation in the course. | 0%-10%
Other comments and second call
Sources of information
Access to Recommended Bibliography in the Catalog ULE
Basic
Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda, Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley Professional, SEI Series in Software Engineering.
Robert C. Seacord, Secure Coding in C and C++, Addison-Wesley Professional, Second Edition.
Complementary
Recommendations