Lecture0 Into Israfil

This document outlines the plan for a lecture series on secure systems development. It includes a 10-week lecture plan covering topics like secure software development lifecycles, security requirements, secure coding practices, and security attacks. It also describes a coursework assignment involving a critical report on secure development and a practical project to develop a secure application with documentation and security testing. Finally, it lists several references textbooks on secure software engineering principles and practices.

Uploaded by

Victor Imeh

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

31 views6 pages

Lecture0 Into Israfil

Uploaded by

Victor Imeh

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 6

Introduction to 6G7V0030 Secure

Systems Development
Dr Md Israfil Biswas
Lecturer, Computing
01.02.23
Lecture Plan

Week Current Topic
• *SUBJECT TO CHANGE*
Week 1 Lecture 0 Introduction
-Introduction to the Unit
• 2022-23 Secure Systems Development Week 2 Lecture 1 Overview
-Overview of Secure Systems
Schedule Development, Models and Methods
Week 3 Lecture 2 Introduction to SDLC, Agile Development
Process.
• Lectures: 1 hour (50 minutes net)
Week 4 Lecture 3 Building Security in Software, Security
Testing, Security Requirements and Options
Week 5 Lecture 4 Secure coding: Vulnerability, Error
Handlining, Patterns,
Week 6 Lecture 5 Coursework/Assignment Discussion
Week 7 Lecture 6 Security by Design; Functional
requirements.
Week 8 Lecture 7 Injections, Cross-Site Scripting, Access
control.
Week 9 Lecture 8 Formal Verification and Methods,
Exploitation techniques, Fault tolerance.
Week 10 Lecture 9 Security Properties (Confidentiality,
Integrity, and Authentication), Attacks.
Week 11 Lecture 10 Review

Coursework
Secure Systems Development
Unit title:

Assignment set by: Dr Md Israfil Biswas

Assignment ID: 1CWK100

Assignment title: Secure Systems Development Report

Assessment weighting: 100%

Type: (Group/Individual) Individual

Hand-in deadline: See Moodle

Hand-in format and mechanism: Via a Turnitin link on Moodle

Support Labs are designed to support the assignment. Unit staff will
provide additional support via e-mail or during office
hours.
Assignment
• Part A: Critical Report 80%
A critical report on the secure system development lifecycle, state of the art,
attack vectors, risk management, incident response, privacy by design, secure
by design and future directions.
• Part B: Video Demonstration 20%
A practical exercise requiring the development of a secure application, for
either web, desktop or mobile with network connectivity and data at rest and
transit, along with supporting documentation. Validating security requirements
through testing with ethical hacking techniques should also be demonstrated.
Unit References
• Building Secure Software: How to avoid the Security Problems the Right Way,
John Viega, Gary McGraw, Addison-Wesley, 2002

• Enterprise Java Security: Building Secure J2EE Applications, Marco Pistoia, Nataraj
Nagaratnam, Larry Koved, Anthony Nadalin, Addition-Wesley, 2004

• Secure Systems Development with UML, Jan Jurjens, Springer-Verlag, 2005.

• Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy,

SAML, XML Signature, and XML Encryption – Jothy Rosenberg, David Remy, 2004,
Sams Publishing, 2004.
Unit References
• High Assurance Design: Architecting Secure and Reliable Enterprise Applications,
Clifford J. Berg, Addison-Wesley, 2006.

• Core Security Patterns: Best Practices and Strategies for J2EE?, Web Services, and
Identity Management, Christopher Steel, Ramesh Nagappan, Ray Lai; Prentice-
Hall