COURSE UNIT TITLE: SECURE SOFTWARE DESIGN AND PROGRAMMING

Description of Individual Course Units

Course Unit Code Course Unit Title Type Of Course D U L ECTS
CSC 5017 SECURE SOFTWARE DESIGN AND PROGRAMMING ELECTIVE 3 0 0 8

Offered By

Graduate School of Natural and Applied Sciences

Level of Course Unit

Second Cycle Programmes (Master's Degree)

Course Coordinator

ASSISTANT PROFESSOR ERDEM ALKIM

Offered to

Ph.D. in Computer Science (English)
Computer Science

Course Objective

This course aims to provide thorough, up-to-date coverage of the entire discipline of computer security, specifically in design and development, to practise code review using static analysis tools, and to teach how to do architectural risk analysis, penetration testing and security testing.

Learning Outcomes of the Course Unit

1   To be able to understand computer security threats
2   To be able to apply secure coding principles across multiple operating system domains
3   To be able to perform security testing
4   To be able to perform a security code review
5   To understand and appreciate the importance of the standards that are central to today's security solutions

Mode of Delivery

Face-to-Face

Prerequisites and Co-requisites

None

Recommended Optional Programme Components

None

Course Contents

Week Subject Description
1 Introduction, Basic Threats, Vulnerability Analysis, Profile Analysis
2 Secure Coding Techniques
3 Side-Channel analysis and threats
4 Side-Channel sources
5 Cryptographic Issues
6 Runtime and cache attacks
7 Midterm exam
8 Runtime and cache attacks (continued)
9 Speculative execution based attacks
10 Power based side channel attacks
11 Fault injection
12 Rowhammer type attacks

Recommended or Required Reading

Textbook(s): Gary McGraw, Software Security: Building Security In, Addison-Wesley, 2006.
Supplementary Book(s):
- Michael Howard, David LeBlanc, Writing Secure Code, 2nd ed., Microsoft Press, 2003.
- Naiwei Liu, Meng Yu, Ravi Sandhu, Cache Security on ARM: Side-channel Attack and Defense: Introduction to Side-channel on ARM Platform, Eliva Press, 2020.

Planned Learning Activities and Teaching Methods

The course is taught in a lecture, class presentation and discussion format. In addition to the lectures, assigned groups prepare presentations and deliver them in a discussion session. In some weeks, the results of previously assigned homework are discussed.

Assessment Methods

SORTING NUMBER SHORT CODE LONG CODE FORMULA
1 ASG ASSIGNMENT
2 MTE MIDTERM EXAM
3 FIN FINAL EXAM
4 FCG FINAL COURSE GRADE ASG * 0.30 + MTE * 0.30 + FIN * 0.40
5 RST RESIT
6 FCGR FINAL COURSE GRADE (RESIT) ASG * 0.30 + MTE * 0.30 + RST * 0.40


*** Resit Exam is Not Administered in Institutions Where Resit is not Applicable.

Further Notes About Assessment Methods

None

Assessment Criteria

To be announced.

Language of Instruction

English

Course Policies and Rules

To be announced.

Contact Details for the Lecturer(s)

erdem.alkim@deu.edu.tr

Office Hours

To be announced.

Work Placement(s)

None

Workload Calculation

Activities Number Time (hours) Total Work Load (hours)
Lectures 13 3 39
Preparations before/after weekly lectures 13 4 52
Preparation for midterm exam 1 20 20
Preparation for final exam 1 20 20
Preparing assignments 2 20 40
Preparing presentations 2 10 20
Final 1 2 2
Midterm 1 2 2
TOTAL WORKLOAD (hours) 195

Contribution of Learning Outcomes to Programme Outcomes

PO/LO PO.1 PO.2 PO.3 PO.4 PO.5 PO.6 PO.7 PO.8 PO.9 PO.10
LO.1 5 4 3 4 4 3 4 5 3 3
LO.2 5 5 3 4 5 4 3 4 3 3
LO.3 5 5 3 4 5 4 3 4 3 3
LO.4 3 3 4 5 4 4 3 4 4 4
LO.5 5 4 5 4 4 4 5 4 5 5