WM286-15 Secure Software development
Introductory description
Software engineering is concerned with the application of theory, knowledge, and practice to effectively and efficiently build reliable and secure software systems that satisfy the requirements of customers and users. This discipline is applicable to small, medium, and large-scale systems. It encompasses all phases of the lifecycle of a software system, including requirements elicitation, analysis and specification; design; construction; verification and validation; deployment; and operation and maintenance. Whether small or large, following a traditional plan-driven development process, an agile approach, or some other method, software engineering is concerned with the best way to build good software systems. This module will look at software engineering in the context of cyber security, applying frameworks such as Trustworthy Software Framework, Secure Software Development Life Cycle, etc. when developing software systems.
There is a specific focus on the security of software.
Module aims
This module aims to equip students with the knowledge and practical experience of secure software design and development principles.
Outline syllabus
This is an indicative module outline only to give an indication of the sort of topics that may be covered. Actual sessions held may differ.
Software processes
Software project management
Tools and environments to support and manage:
Requirements engineering
Software design
Software construction
Software verification and validation
Software evolution in the context of large, pre-existing code bases
Software reliability
Software weaknesses
Case studies in software security and weaknesses
Secure software development
Learning outcomes
By the end of the module, students should be able to:
- Apply cyber security good practice to various phases of the software engineering lifecycle
- Demonstrate the understanding and application of relevant software development frameworks to a given software development scenario
- Analyze and juxtapose different methodologies for enhancing software and/or system security
- Demonstrate an applied understanding of strategies, methodologies, and practices aimed at ensuring the security of software
Indicative reading list
Sommerville, Ian, "Software Engineering", 10 Ed, Pearson (2021)
Farley, David, "Modern Software Engineering: Doing What Works to Build Better Software Faster ", Addison Wesley, 2021
Winters et al, "Software Engineering at Google: Lessons Learned from Programming Over Time", O'Reilly, 2020
Subject specific skills
Advanced applied understanding of Secure software design, Secure software development
Software security testing and validation
Transferable skills
Problem Solving
Analytical Reasoning
Teamwork
Communication
Study time
| Type | Required |
|---|---|
| Lectures | 18 sessions of 1 hour (12%) |
| Supervised practical classes | 18 sessions of 1 hour (12%) |
| Private study | 54 hours (36%) |
| Assessment | 60 hours (40%) |
| Total | 150 hours |
Private study description
Additional lab work and research
Costs
No further costs have been identified for this module.
You do not need to pass all assessment components to pass the module.
Assessment group A
| Weighting | Study time | Eligible for self-certification | |
|---|---|---|---|
Assessment component |
|||
| Software design report | 50% | 30 hours | Yes (extension) |
|
Report on the design of a software product meeting a set of pre-defined requirements. |
|||
Reassessment component is the same |
|||
Assessment component |
|||
| Software development and evaluation report | 50% | 30 hours | Yes (extension) |
|
Develop software in response to client requirements. Software will be tested for & proven to be secure. |
|||
Reassessment component is the same |
|||
Feedback on assessment
In a feedback form
Courses
This module is Core for:
-
UWMA-H651 Undergraduate Cyber Security
- Year 2 of H651 Cyber Security
- Year 2 of H651 Cyber Security
- Year 2 of H651 Cyber Security