Educational guide
IDENTIFYING DATA 2023_24
Subject SECURE DESIGN AND PROGRAMMING Code 01747004
Study programme
1746 - Máster Universitario de Investigación en Ciberseguridad (OL)
Descriptors Credit. Type Year Period
4 Compulsory First First
Language
Castellano
Prerequisites
Department ING.MECANICA,INFORMAT.AEROESP.
Coordinador
RODRÍGUEZ LERA , FRANCISCO JAVIER
E-mail fjrodl@unileon.es
cferll@unileon.es
Lecturers
FERNÁNDEZ LLAMAS , CAMINO
RODRÍGUEZ LERA , FRANCISCO JAVIER
Web http://
General description
Tribunales de Revisión
Tribunal titular
Cargo Departamento Profesor
Presidente ING.MECANICA,INFORMAT.AEROESP. MATELLAN OLIVERA , VICENTE
Secretario ING.MECANICA,INFORMAT.AEROESP. SANCHEZ GONZALEZ , LIDIA
Vocal ING.MECANICA,INFORMAT.AEROESP. CASTEJON LIMAS , MANUEL
Tribunal suplente
Cargo Departamento Profesor
Presidente CONDE GONZALEZ , MIGUEL ANGEL
Secretario ING.MECANICA,INFORMAT.AEROESP. PEREZ GARCIA , HILDE
Vocal ING.MECANICA,INFORMAT.AEROESP. PANIZO ALONSO , LUIS

Competencies
Type A Code Competences Specific
  A18804
Type B Code Competences Transversal
  B5729
  B5730
  B5731
  B5732
  B5733
  B5734
  B5735
  B5736
  B5737
  B5738
  B5739
  B5740
Type C Code Competences Nuclear
  C1
  C2
  C3
  C4
  C5

Learning aims
Competences
Design and develop secure software avoiding the most common software vulnerabilities A18804
B5729
B5730
B5731
B5732
B5733
B5734
B5735
B5736
B5737
B5738
B5739
B5740
C1
C2
C3
C4
C5
Program and analyze tasks in different programming languages in the area of communication and software security A18804
B5729
B5730
B5731
B5732
B5733
B5734
B5735
B5736
B5737
B5738
B5739
B5740
C1
C2
C4
C5
Learn to communicate conclusions B5729
B5730
B5731
B5732
C3

Contents
Topic Sub-topic
BLOCK 1. Introduction to Software Security Topic 1. General presentation
Topic 2. Introduction to secure software development
BLOCK 2. Design and Architecture of Secure Software Systems Topic 1. Design of Software Systems
Topic 2. Software Architectures
BLOCK 3. Secure Engineering Methodologies Topic 1. Implementation
Topic 2. Operations
Topic 3. Automation and Testing
BLOCK 4. Software Defined - Secure Programming Topic 1. General Concepts
Topic 2. C++
Topic 3. Java
Topic 4. Python
Topic 5. Programming Errors. Top 25 OWASP and SANS
Topic 6. CMU CERT Rules and Recommendations

Planning
Methodologies  ::  Tests
  Class hours Hours outside the classroom Total hours
Personal tuition 2 0 2
 
Laboratory practicals 20 20 40
Assignments 2 16 18
 
Lecture 10 20 30
 
Objective short-answer tests 2 1 3
Practical tests 2 1 3
Oral tests 2 2 4
 
(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies
Methodologies   ::  
  Description
Personal tuition Monitoring student activity and progression. Advising, correcting and proposing improvement activities.
Laboratory practicals Programming exercises based on lectures under the supervision of the teacher.
Assignments Individual programming tasks that will be corrected by the teacher and defended by the student.
Lecture Explanation of theoretical knowledge with the active participation of students.

Personalized attention
 
Personal tuition
Description
The web page at agora.unileon.es includes the office hours for every teacher involved in the course.

Assessment
  Description Qualification
Assignments Coding and individual defense of the code. 20%-40%
Objective short-answer tests Individual assessment of theoretical contents. 10%-30%
Practical tests Evaluation of experience obtained by performing the practical assignments of the course. 10%-30%
Oral tests Final project and its oral defense individually. 10%-30%
Others Part of the final mark assigned by the teacher depending on students active participation in the course. 0%-10%
 
Other comments and second call

Sources of information
Access to Recommended Bibliography in the Catalog ULE

Basic Fred Long, Dhruv Mohindra, Robert . Seacord, Dean F. Sutherland, David Svoboda, Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley Professional, SEI Series in Software Engineering
Robert C. Seacord, Secure Coding in C and C++, Addison-Wesley Professional, Second Edition.

Complementary


Recommendations