|COURSE NUMBER||COURSE TITLE|
|CSC-760||Secure Software Development|
|A graduate course in the Information Assurance Track. It introduces basic concepts and latest research trends and results in developing secure software. Topics include the best practices in developing secure software within Software Development Lifecycle (SDLC). |
|Graduate Standing ||See Instructor |
|COURSE MATERIALS / REQUIRED TEXT(s)/ SUPPLEMENTARY READINGS|
|Text: Software Security: Building Security In, Gary McGraw, Addison-Wesley, 2006. ISBN-10: 0321356705
Purchase books/supplies Online at NSU Barnes & Nobles Bookstore (http://norfolkstate.bncollege.com)
|Developing secure software systems has become a challenge due to the complexity of the systems. According to CERT Coordination Center, the number of vulnerabilities reported daily has increased significantly. In addition to the above, the US spends billions to repair systems caused by software errors according to the National Institute of Standards and Technology. Thus security issues must be addressed across the entire software development lifecycle. In this course, basic concepts and the latest research trends and results with respect to secure software development will be cover. Students will be exposed to the following topics:
- Goals and technical trends of software security
- Security requirements
- Software vulnerabilities
- Risk analysis
- Security Analysis and verification
- Software security testing
- Legal and ethical issues
|COURSE GOALS AND INTENDED OUTCOMES|
To introduce basic concepts on secure software development.
To introduce latest research efforts on developing secure software.
Measureable Objectives:Be able to understand secure software engineering principles that are introduced in course and apply them to develop more secure software.
Adopt best practices in the development of software
Be able to identify known software vulnerabilities
Be able to describe and apply software analysis and testing and verification techniques covered in course.
|Introduction to Software Security|
|Security and Software Engineering(historical/future perspectives|
|Security and SDLC|
|Process and Requirements|
|Midterm Exam/Introduction of Project|
|Software Analysis and Verification Architecture and Design|
|Legal and Ethical Issues|
|Presentation on Final Project|
|Test #1 : || 20%|
|Test #2 : || 20%|
|Final Project|| 25%|
| below 50||F|
|51 - 62 ||D|
|63 - 69 ||C-|
|70 - 75 ||C|
|76 - 79 ||C+|
|80 - 85 ||B|
|86 - 89 ||B+|
|90 - 100 ||A|
The instructor reserves the right to revise the grading criteria as appropriate and will make reasonable
attempts to notify students
|ACADEMIC INTEGRITY STANDARDS|
| Test – There will be two exams, the first exam will cover the first half of the course and the second exam will cover material after midterm.
Project – The final project will be announced in the beginning of March.
Presentations- All students will be required to make Powerpoint presentations on topics and participate in class discussions. Each presenter must be prepared to answer questions on their subject matter. These questions will come from other students in the class as well as the professor.
I Grade - No incomplete grades will be given except for illness or other tragic circumstances. In either case, proof of the circumstance must be provided.
Late Assignments - All assignments are expected at the due date. Each student has two late passes. After these are used, assignments and labs that are not turned in on time will be penalized a letter grade for each day that they are late, weekends included. Late passes can not be applied to the project.
Make-up Exams - It is the responsibility of the student to arrange a make-up exam. The student must provide an official university excuse.
Class Participation - Class participation is not averaged into your grade. However, it will be used to determine borderline grades.
Students are expected to check their NSU-email accounts
regularly for correspondence
from the university. Consult the
NSU Student Handbook (pdf)
on NSU's policy regarding student conduct such as attendance, illness, off-campus trips, and grade appeals, etc.
by going to http://www.nsu.edu/studentaffairs/handbook.html
|AMERICANS WITH DISABILITIES ACT (ADA) STATEMENT|
In accordance with Section 504 of the Rehabilitation Act of 1973 and the Americans With
Disabilities Act (ADA) of 1990, if you have a disability or think you have a disability,
we ask that you please contact the Supporting Students through Disability Services (SSDS) office.|
|LOCATION:|| Student Services Center - Room 110D|
|CONTACT PERSON:|| Marian Shepherd - Coordinator SSDS|
|TELEPHONE:|| (757) 823-2014|
|UNIVERSITY ASSESSMENT STATEMENT|
As part of NSU's commitment to provide the environment and resources needed for success, students may be required to
participate in a number of university-wide assessment activities. The activities may include tests, surveys,
focus groups and interviews, and portfolio reviews. The primary purpose of the assessment activities is to
determine the extent to which the university's programs and services maintain a high level of quality and meet
the needs of students. Students will not be identified in the analysis of results. Unless indicated otherwise,
by the instructor, results from University assessment activities will not be computed in student grades. |
UNIVERSITY WIDE & COURSE-SPECIFIC REQUIREMENTS|
Information Technology Literacy
- Learning foundation skills (hardware, software, and operating systems).
- Solving problems utilizing application software from a narrative description.
- Knowing the appropriate software application to apply to a specific task.
CLASS ATTENDANCE POLICY
A student is expected to attend all classes. The student assumes all responsibility
for work missed due
to an absence. Make-up work may be permitted at the discretion of the instructor.
Refer to the
NSU Student Handbook
(http://www.nsu.edu/studentaffairs/pdf/NSUStudentHandbook.pdf) for further details.
- Demonstrating proficiency in utilizing software applications.
NSU E-MAIL ACCOUNTS
In an effort to keep students informed about Norfolk State
University updates and account information, students
must check their official NSU student email account frequently.
You may access your official NSU email account at
http://www.nsu.edu/webmail/. Follow instructions on the NSU-webmail login page.
The instructor reserves the right to revise the syllabi as appropriate and
will make reasonable attempts to notify students.