Secure software design

A.Y. 2020/2021
Overall hours
Learning objectives
The course presents principles, processes and techniques for the design and analysis of software applications, with specific emphasis on security aspects.
Expected learning outcomes
Students will be able to plan the development of software projects with security requirements. They will acquire skills in modeling software requirements, deriving code from models, and testing code.
Course syllabus and organization

Single session

Lesson period
Second four-month period
Unless otherwise indicated by DR (Rector's Decree), in A.Y. 2020/21 lessons will be delivered online in synchronous mode through the Microsoft Teams platform. Recorded lessons will also be made available on the Ariel course site for asynchronous use. The individual or group chat of the course Teams will be used for asynchronous communication between the teacher and students.
All teaching material for the course is available on the following Ariel site.
Course syllabus
1. SOFTWARE SECURITY. Software properties. Properties of secure software. Software life cycle: software development steps, life cycle models. Security in the software life cycle. The vulnerability cycle. Design-level attacks. Implementation-level attacks. Operations-level attacks.

2. SECURITY ARCHITECTURE. Principles of security architecture. Security architecture guidelines. Criteria for selecting secure technologies. The Java sandbox case study.

3. DESIGN OF SECURE SOFTWARE. Properties of secure software models. Specification methods. Finite state machines. Communicating machines. UML state machines. Design by contract. The Java Modeling Language (JML) tool.

4. IMPLEMENTATION. Good and bad implementation practices. Security level of programming languages. Security violations in C code. Secure C code. An introduction to the Java Language. From models to code: finite state machines in Java.

5. TESTING. The testing activity within the software life cycle. Kinds of testing. Validation and verification techniques. Limits of testing. Program-based testing. Program flow charts. Statement coverage, branch coverage, decision and condition coverage. MCC (multiple condition coverage) and MC/DC (modified condition/decision coverage). Tools: EMMA and JUnit.
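The course's central thread (items 3 and 4 above) is taking a state-machine model and turning it into Java code whose contracts reject every transition the model does not allow. The following is an added illustration, written for this page and not taken from the course material: a login session modelled as a finite state machine with an explicit transition table, JML-style `//@ requires` / `//@ ensures` / `//@ invariant` comments documenting the contract, and runtime checks that fail closed. The states, events and the lockout threshold `MAX_FAILURES` are assumptions chosen for the example.

```java
import java.util.EnumMap;
import java.util.Map;

/**
 * Login session as a finite state machine derived from a state diagram.
 * Added example: states, events and MAX_FAILURES are hypothetical choices.
 * Any (state, event) pair missing from the transition table is a contract
 * violation and is rejected with an exception rather than silently ignored.
 */
public final class LoginSession {
    public enum State { LOGGED_OUT, AUTHENTICATING, LOGGED_IN, LOCKED }
    public enum Event { START, SUCCESS, FAILURE, LOGOUT }

    /** Hypothetical policy: lock the session after this many failed attempts. */
    private static final int MAX_FAILURES = 3;

    /** Transition table: the only legal moves are the ones drawn in the model. */
    private static final Map<State, Map<Event, State>> TRANSITIONS = new EnumMap<>(State.class);
    static {
        for (State s : State.values()) {
            TRANSITIONS.put(s, new EnumMap<>(Event.class));
        }
        TRANSITIONS.get(State.LOGGED_OUT).put(Event.START, State.AUTHENTICATING);
        TRANSITIONS.get(State.AUTHENTICATING).put(Event.SUCCESS, State.LOGGED_IN);
        TRANSITIONS.get(State.AUTHENTICATING).put(Event.FAILURE, State.LOGGED_OUT);
        TRANSITIONS.get(State.LOGGED_IN).put(Event.LOGOUT, State.LOGGED_OUT);
        // LOCKED has no outgoing transitions: a locked session accepts no event.
    }

    private State state = State.LOGGED_OUT;
    private int failures = 0;

    public State state() { return state; }

    //@ invariant 0 <= failures && failures <= MAX_FAILURES;
    //@ invariant (state == State.LOCKED) <==> (failures == MAX_FAILURES);
    private void checkInvariant() {
        if (failures < 0 || failures > MAX_FAILURES) {
            throw new AssertionError("failure counter out of range: " + failures);
        }
        if ((state == State.LOCKED) != (failures == MAX_FAILURES)) {
            throw new AssertionError("lock state inconsistent with failure count");
        }
    }

    /** Fires one event; the precondition is that the model allows it in the current state. */
    //@ requires TRANSITIONS.get(state).containsKey(e);
    //@ ensures \result == state;
    public State fire(Event e) {
        State next = TRANSITIONS.get(state).get(e);
        if (next == null) {
            // Precondition violated (e.g. SUCCESS while LOGGED_OUT, i.e. skipping
            // authentication): fail closed instead of guessing a state.
            throw new IllegalStateException("event " + e + " not allowed in state " + state);
        }
        if (e == Event.FAILURE) {
            failures++;
            if (failures == MAX_FAILURES) {
                next = State.LOCKED;   // policy overrides the modelled target
            }
        } else if (e == Event.SUCCESS) {
            failures = 0;
        }
        state = next;
        checkInvariant();
        return state;
    }

    public static void main(String[] args) {
        LoginSession s = new LoginSession();
        s.fire(Event.START);
        s.fire(Event.FAILURE);
        System.out.println("after one failure: " + s.state());
        try {
            s.fire(Event.SUCCESS);   // not in the model from LOGGED_OUT
        } catch (IllegalStateException ex) {
            System.out.println("rejected: " + ex.getMessage());
        }
        s.fire(Event.START);
        s.fire(Event.FAILURE);
        s.fire(Event.START);
        s.fire(Event.FAILURE);
        System.out.println("after three failures: " + s.state());
        try {
            s.fire(Event.START);     // LOCKED has no transitions at all
        } catch (IllegalStateException ex) {
            System.out.println("rejected: " + ex.getMessage());
        }
    }
}
```

The design point is that the transition table is the model and the code consults it rather than re-encoding it in scattered `if` branches; a JUnit test for this class would assert that `fire(Event.SUCCESS)` from `LOGGED_OUT` throws `IllegalStateException` and that the fourth `FAILURE` is never reachable, which are exactly the branches a coverage tool such as EMMA reports as untested when the illegal paths are forgotten.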
Prerequisites for admission
Prerequisites of this course are the knowledge and concepts taught in the courses of Programming and of Security in Web and Mobile Systems. Passing those exams beforehand is therefore strongly recommended.
Teaching methods
Lessons and virtual lab activities
Teaching Resources
· Mark G. Graff, Kenneth R. van Wyk. Secure Coding: Principles and Practices. O'Reilly, 2003.
· Carlo Ghezzi, Mehdi Jazayeri, Dino Mandrioli. Ingegneria del software. Fondamenti e principi. Pearson Education Italia, 2004, 2nd ed.
· Glenford J. Myers, Corey Sandler, Tom Badgett, Todd M. Thomas. The Art of Software Testing. John Wiley & Sons, 2004, 2nd ed.
· G. Pighizzini, M. Ferrari. Dai fondamenti agli oggetti - Corso di Programmazione Java. Pearson Education, 2008, 3rd ed.

Web Site:
Assessment methods and Criteria
The exam consists of a written test and a practical test, both mandatory and each lasting two hours. The written test verifies the student's knowledge of the theoretical part of the course (through open-ended questions and/or exercises). The practical test (taken in the lab) assesses the student's skills with software tools for the definition of contracts and the validation of Java code. The written test is marked out of 20 and the laboratory test out of 10; the overall mark is the sum of the two.

Any exams held online will be taken on the platform and according to the instructions published on the University website.
The online written test will have the same structure as the in-person test, with slightly reduced time.
INF/01 - INFORMATICS - University credits: 6
Lessons: 48 hours
By appointment
Dept. of Computer Science