Graduate Course
CSC 760

Secure Software Development
COURSE SYLLABUS

SEMESTERS OFFERED:  Fall/2013

COURSE NUMBER: CSC-760
COURSE TITLE: Secure Software Development
 
COURSE DESCRIPTION
A graduate course in the Information Assurance Track. It introduces basic concepts and the latest research trends and results in developing secure software. Topics include the best practices in developing secure software within the Software Development Lifecycle (SDLC).
 
PREREQUISITES: Graduate Standing
CO-REQUISITES: See Instructor
 
COURSE MATERIALS / REQUIRED TEXT(s)/ SUPPLEMENTARY READINGS
Text: Software Security: Building Security In, Gary McGraw, Addison-Wesley, 2006. ISBN-10: 0321356705
Purchase books/supplies online at the NSU Barnes & Noble Bookstore (http://norfolkstate.bncollege.com)
 
COURSE RATIONALE
Developing secure software systems has become a challenge due to the complexity of the systems. According to the CERT Coordination Center, the number of vulnerabilities reported daily has increased significantly. In addition, according to the National Institute of Standards and Technology, the US spends billions repairing the damage caused by software errors. Thus security issues must be addressed across the entire software development lifecycle. In this course, basic concepts and the latest research trends and results with respect to secure software development will be covered. Students will be exposed to the following topics:
  1. Goals and technical trends of software security
  2. Security requirements
  3. Software vulnerabilities
  4. Risk analysis
  5. Security analysis and verification
  6. Software security testing
  7. Legal and ethical issues
 
COURSE GOALS AND INTENDED OUTCOMES
Main Objective:
  • To introduce basic concepts on secure software development.
  • To introduce latest research efforts on developing secure software.
    Measurable Objectives:
  • Be able to understand secure software engineering principles that are introduced in the course and apply them to develop more secure software.
  • Adopt best practices in the development of software
  • Be able to identify known software vulnerabilities
  • Be able to describe and apply the software analysis, testing, and verification techniques covered in the course.
    COURSE OUTLINE
    TOPIC
    Introduction to Software Security
    Security and Software Engineering (historical/future perspectives)
    Security and SDLC
    Process and Requirements
    Midterm Exam/Introduction of Project
    Software Vulnerabilities
    Software Vulnerabilities
    Software Analysis and Verification Architecture and Design
    Security Testing
    Legal and Ethical Issues
    Presentation on Final Project
     
    GRADING STANDARDS
    Tests 40%
    Test #1 : 20%
    Test #2 : 20%
    Assignments/Presentations 35%
    Final Project 25%
    TOTAL 100%


    Grading Standards
    below 50 F
    51 - 62 D
    63 - 69 C-
    70 - 75 C
    76 - 79 C+
    80 - 85 B
    86 - 89 B+
    90 - 100 A

    The instructor reserves the right to revise the grading criteria as appropriate and will make reasonable attempts to notify students.
     
    ACADEMIC INTEGRITY STANDARDS
  • Test – There will be two exams; the first exam will cover the first half of the course and the second exam will cover material after the midterm.
  • Project – The final project will be announced in the beginning of March.
  • Presentations - All students will be required to make PowerPoint presentations on topics and participate in class discussions. Each presenter must be prepared to answer questions on their subject matter. These questions will come from other students in the class as well as the professor.
  • I Grade - No incomplete grades will be given except for illness or other tragic circumstances. In either case, proof of the circumstance must be provided.
  • Late Assignments - All assignments are expected on the due date. Each student has two late passes. After these are used, assignments and labs that are not turned in on time will be penalized a letter grade for each day that they are late, weekends included. Late passes cannot be applied to the project.
  • Make-up Exams - It is the responsibility of the student to arrange a make-up exam. The student must provide an official university excuse.
  • Class Participation - Class participation is not averaged into your grade. However, it will be used to determine borderline grades.


  • E-Mail Policy: Students are expected to check their NSU-email accounts regularly for correspondence from the university. Consult the NSU Student Handbook (pdf) on NSU's policy regarding student conduct such as attendance, illness, off-campus trips, and grade appeals, etc. by going to http://www.nsu.edu/studentaffairs/handbook.html
     
    AMERICANS WITH DISABILITIES ACT (ADA) STATEMENT
    In accordance with Section 504 of the Rehabilitation Act of 1973 and the Americans With Disabilities Act (ADA) of 1990, if you have a disability or think you have a disability, we ask that you please contact the Supporting Students through Disability Services (SSDS) office.
    LOCATION: Student Services Center - Room 110D
    CONTACT PERSON: Marian Shepherd - Coordinator SSDS
    TELEPHONE: (757) 823-2014
    EMAIL: mshepherd@nsu.edu
     
    UNIVERSITY ASSESSMENT STATEMENT
    As part of NSU's commitment to provide the environment and resources needed for success, students may be required to participate in a number of university-wide assessment activities. The activities may include tests, surveys, focus groups and interviews, and portfolio reviews. The primary purpose of the assessment activities is to determine the extent to which the university's programs and services maintain a high level of quality and meet the needs of students. Students will not be identified in the analysis of results. Unless indicated otherwise by the instructor, results from University assessment activities will not be computed in student grades.
     
    UNIVERSITY WIDE & COURSE-SPECIFIC REQUIREMENTS
      Information Technology Literacy
    • Learning foundation skills (hardware, software, and operating systems).
      Critical Thinking
    • Solving problems utilizing application software from a narrative description.
    • Knowing the appropriate software application to apply to a specific task.
      Laboratory
    • Demonstrating proficiency in utilizing software applications.
    CLASS ATTENDANCE POLICY
  • A student is expected to attend all classes. The student assumes all responsibility for work missed due to an absence. Make-up work may be permitted at the discretion of the instructor. Refer to the NSU Student Handbook (http://www.nsu.edu/studentaffairs/pdf/NSUStudentHandbook.pdf) for further details.


    NSU E-MAIL ACCOUNTS
  • In an effort to keep students informed about Norfolk State University updates and account information, students must check their official NSU student email account frequently.
    You may access your official NSU email account at http://www.nsu.edu/webmail/. Follow instructions on the NSU-webmail login page.
    DISCLAIMER
  • The instructor reserves the right to revise the syllabi as appropriate and will make reasonable attempts to notify students.
    NSU Department of Computer Science
    700 Park Avenue
    Norfolk, VA 23504
    Phone: (757) 823-9454
    Fax: (757) 823-9229
    Email: CompSci@nsu.edu

    Norfolk State University - Department of Computer Science
    NSU College Of Science, Engineering & Technology