Secure Software Design
A.Y. 2021/2022
Learning objectives
The course presents principles, processes and techniques for the design and the analysis of software applications, with specific emphasis on secure aspects.
Expected learning outcomes
Students will be able to plan the development of software projects having security aspects. They will have skills on modeling software requirements, developing code from models and performing code testing.
Lesson period: Second four month period
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course cannot be attended as a single course. Please check our list of single courses to find the ones available for enrolment.
Course syllabus and organization
Single session
Responsible
Lesson period
Second four month period
More specific information on the delivery modes of training activities for the academic year 2021-22will be provided over the coming months, based on the evolution of the public health situation.
The entire teaching material of the course is available on the following Ariel site.
Link: http://ericcobenepss.ariel.ctu.unimi.it/
The entire teaching material of the course is available on the following Ariel site.
Link: http://ericcobenepss.ariel.ctu.unimi.it/
Course syllabus
1. SOFTWARE SECURITY. Software properties. Properties of secure software. Software life cycle: software development steps, life cycle models. Security in the software life cycle. The vulnerability cycle. Design-level attacks. Implementation-level attacks. Operations-level attacks.
2. SECURITY ARCHITECTURE. Principles of security architecture. Security architecture guide lines. Criteria for selecting secure technologies The Java sandbox case study.
3. DESIGN OF SECURE SOFTWARE. Properties of secure software models. Specification methods. Finite state machines. Communicating Machines. UML state machines. Design by contract. Java Modeling Language tool.
4. IMPLEMENTATION. Good and bad implementation practices. Security level of programming languages. Security violations in C code. Secure C code. An introduction to the Java Language. From models to code: finite state machines in Java.
5. TESTING. The testing activity within the software life cycle. Kinds of testing. Validation and verification techniques. Testing limits. Program-based testing. Program flow chart. Statement coverage, branch coverage, decision and condition coverage. MCC and MCDC methods. Tools Emma and JUnit.
2. SECURITY ARCHITECTURE. Principles of security architecture. Security architecture guide lines. Criteria for selecting secure technologies The Java sandbox case study.
3. DESIGN OF SECURE SOFTWARE. Properties of secure software models. Specification methods. Finite state machines. Communicating Machines. UML state machines. Design by contract. Java Modeling Language tool.
4. IMPLEMENTATION. Good and bad implementation practices. Security level of programming languages. Security violations in C code. Secure C code. An introduction to the Java Language. From models to code: finite state machines in Java.
5. TESTING. The testing activity within the software life cycle. Kinds of testing. Validation and verification techniques. Testing limits. Program-based testing. Program flow chart. Statement coverage, branch coverage, decision and condition coverage. MCC and MCDC methods. Tools Emma and JUnit.
Prerequisites for admission
Prerequisites of this course are the knowledge and concepts learned in the courses of Programming and Security in web and mobile systems. Passing these exams is therefore strongly recommended.
Teaching methods
Lessons and virtual lab activities
Teaching Resources
· Mark G. Graff, Kenneth R. van Wyk. Secure Coding: Principles and Practices. O'Reilly, 2003.
· Ghezzi Carlo, Jazayeri Mehdi, Mandrioli Dino. Ingegneria del software. Fondamenti e principi. Pearson Education Italia, 2004, 2ª ed.
· Glenford J. Myers, Corey Sandler, Tom Badgett, Todd M. Thomas. The Art of Software Testing. John Wiley & Sons; 2 edition, 2004.
· G. Pighizzini, M. Ferrari. Dai fondamenti agli oggetti - Corso di Programmazione Java. Terza Edizione. Pearson Education, 2008.
Web Site: http://ericcobenepss.ariel.ctu.unimi.it/
· Ghezzi Carlo, Jazayeri Mehdi, Mandrioli Dino. Ingegneria del software. Fondamenti e principi. Pearson Education Italia, 2004, 2ª ed.
· Glenford J. Myers, Corey Sandler, Tom Badgett, Todd M. Thomas. The Art of Software Testing. John Wiley & Sons; 2 edition, 2004.
· G. Pighizzini, M. Ferrari. Dai fondamenti agli oggetti - Corso di Programmazione Java. Terza Edizione. Pearson Education, 2008.
Web Site: http://ericcobenepss.ariel.ctu.unimi.it/
Assessment methods and Criteria
The exam consists of a written test and a practical test, both mandatory and both lasting two hours. The written test aims to verify the student's knowledge of the theoretical aspects of the course (through open-ended questions and / or exercises). The practical test (to be done in the lab) aims to ascertain the student's skills on some software tools for the definition of contracts and the validation of Java code. The written test is evaluated in twentieths, the laboratory test in tenths and the overall mark consists of the sum of the two assessments.
Possible online exams will be taken on the exam.net platform, following the indications given at the University website.
The written test will have the same structure of the same test taken in presence, but slightly reduced time.
Possible online exams will be taken on the exam.net platform, following the indications given at the University website.
The written test will have the same structure of the same test taken in presence, but slightly reduced time.
Professor(s)