Educational guide

IDENTIFYING DATA

2023_24

Subject

SECURE DESIGN AND PROGRAMMING

Code

01747004

Study programme

1746 - Máster Universitario de Investigación en Ciberseguridad (OL)

Descriptors

Credit.

Type

Year

Period

Compulsory

First

Language

Castellano

Prerequisites

Department

ING.MECANICA,INFORMAT.AEROESP.

Coordinador

RODRÍGUEZ LERA , FRANCISCO JAVIER

E-mail

fjrodl@unileon.es
cferll@unileon.es

Lecturers

FERNÁNDEZ LLAMAS , CAMINO

RODRÍGUEZ LERA , FRANCISCO JAVIER

Web

http://

General description

Tribunales de Revisión

Tribunal titular
Cargo	Departamento	Profesor
Presidente	ING.MECANICA,INFORMAT.AEROESP.	MATELLAN OLIVERA , VICENTE
Secretario	ING.MECANICA,INFORMAT.AEROESP.	SANCHEZ GONZALEZ , LIDIA
Vocal	ING.MECANICA,INFORMAT.AEROESP.	CASTEJON LIMAS , MANUEL

Tribunal suplente
Cargo	Departamento	Profesor
Presidente		CONDE GONZALEZ , MIGUEL ANGEL
Secretario	ING.MECANICA,INFORMAT.AEROESP.	PEREZ GARCIA , HILDE
Vocal	ING.MECANICA,INFORMAT.AEROESP.	PANIZO ALONSO , LUIS

Competencies

Type A	Code	Competences Specific
	A18804
Type B	Code	Competences Transversal
	B5729
	B5730
	B5731
	B5732
	B5733
	B5734
	B5735
	B5736
	B5737
	B5738
	B5739
	B5740
Type C	Code	Competences Nuclear
	C1
	C2
	C3
	C4
	C5

Learning aims

	Competences
Design and develop secure software avoiding the most common software vulnerabilities	A18804	B5729 B5730 B5731 B5732 B5733 B5734 B5735 B5736 B5737 B5738 B5739 B5740	C1 C2 C3 C4 C5
Program and analyze tasks in different programming languages in the area of communication and software security	A18804	B5729 B5730 B5731 B5732 B5733 B5734 B5735 B5736 B5737 B5738 B5739 B5740	C1 C2 C4 C5
Learn to communicate conclusions		B5729 B5730 B5731 B5732	C3

Contents

Topic	Sub-topic
BLOCK 1. Introduction to Software Security	Topic 1. General presentation Topic 2. Introduction to secure software development
BLOCK 2. Design and Architecture of Secure Software Systems	Topic 1. Design of Software Systems Topic 2. Software Architectures
BLOCK 3. Secure Engineering Methodologies	Topic 1. Implementation Topic 2. Operations Topic 3. Automation and Testing
BLOCK 4. Software Defined - Secure Programming	Topic 1. General Concepts Topic 2. C++ Topic 3. Java Topic 4. Python Topic 5. Programming Errors. Top 25 OWASP and SANS Topic 6. CMU CERT Rules and Recommendations

Planning

Methodologies :: Tests
	Class hours	Hours outside the classroom	Total hours
Personal tuition	2	0	2

Laboratory practicals	20	20	40
Assignments	2	16	18

Lecture	10	20	30

Objective short-answer tests	2	1	3
Practical tests	2	1	3
Oral tests	2	2	4

(*)The information in the planning table is for guidance only and does not take into account the heterogeneity of the students.

Methodologies

Methodologies ::

	Description
Personal tuition	Monitoring student activity and progression. Advising, correcting and proposing improvement activities.
Laboratory practicals	Programming exercises based on lectures under the supervision of the teacher.
Assignments	Individual programming tasks that will be corrected by the teacher and defended by the student.
Lecture	Explanation of theoretical knowledge with the active participation of students.

Personalized attention

Personal tuition

Description

The web page at agora.unileon.es includes the office hours for every teacher involved in the course.

Assessment

	Description	Qualification
Assignments	Coding and individual defense of the code.	20%-40%
Objective short-answer tests	Individual assessment of theoretical contents.	10%-30%
Practical tests	Evaluation of experience obtained by performing the practical assignments of the course.	10%-30%
Oral tests	Final project and its oral defense individually.	10%-30%
Others	Part of the final mark assigned by the teacher depending on students active participation in the course.	0%-10%

Other comments and second call

Sources of information

Access to Recommended Bibliography in the Catalog ULE

Basic	Fred Long, Dhruv Mohindra, Robert . Seacord, Dean F. Sutherland, David Svoboda, Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley Professional, SEI Series in Software Engineering Robert C. Seacord, Secure Coding in C and C++, Addison-Wesley Professional, Second Edition.

Complementary

Recommendations