It's UWAweek 47
|
unitinfo
This page provides helpful information about many coursework units offered by
Computer Science and Software Engineering
in 2023.
The information here is not official -
for official information please see the
current UWA Handbook.
Instead, it will help students to prepare for their future units,
before the beginning of each semester,
and before they have access to
UWA's
Learning Management System (LMS).
|
About the unit CITS3007 Secure Coding (2nd semester 2023)
Unit description:
This unit covers different types of security vulnerabilities of computer systems and how to prevent and mitigate the effects of them. Topics include: (1) memory and Arithmetic Errors; (2) validated input and inter-process communication; (3) race conditions and file operations; (4) cryptographic practises; and (5) development practices.
Unit outcomes:
Students are able to (1) demonstrate an understanding of the basic execution model of computer programs and how programs represent and access their resources; (2) explain a range of common software vulnerabilities, the threats that they pose to correct execution, and steps to mitigate them; (3) validate a program's input data and external connections; (4) apply industry standard secure programming practices; and (5) develop a systems approach to the evaluation of a software system to identify security vulnerabilities.
Unit coordinator:
Unit homepage:
|
|
Unit is offered in these majors and courses:
Indicative weekly topics:
week 1 |
Unit info, security concepts |
week 2 |
Memory and arithmetic introduction |
week 3 |
Memory and arithmetic errors |
week 4 |
Inter-process communication (IPC) introduction |
week 5 |
Input validation and IPC security |
week 6 |
Concurrency and resources introduction |
week 7 |
Race conditions and secure file operations |
week 8 |
Cryptography introduction |
week 9 |
Cryptography best practices |
week 10 |
Secure software development introduction |
week 11 |
Secure development best practices |
week 12 |
Review |
Indicative assessment:
quiz, mid-semester test, project, final exam
Useful prior experience and background knowledge:
Familiarity with operating systems concepts
Useful prior programming and software experience:
Familiarity with the C language (specifically, the C11 standard)
Hardware required for this unit:
Students are able to undertake their laboratory exercises and projects in laboratories in the CSSE building, but most students also complete work on their own laptops.
The following hardware is required to successfully complete this unit:
Laptop capable of running Virtualbox (see https://cits3007.github.io/faq/#linux-os)
Software required for this unit:
Students are able to undertake their laboratory exercises and projects in laboratories in the CSSE building, but most students also complete work on their own laptops.
The following software is required to successfully complete this unit:
Virtualbox+Vagrant (or: access to a Linux system)
Operating system(s) used in this unit:
Different units will use different operating systems for their teaching - for in-class examples, laboratory exercises, and programming projects.
If an operating system is REQUIRED, it will be used when marking assessments.
Linux (standard unit environment is: Ubuntu 20.04 running version 5.4.0 of the Linux kernel on an x86-64 processor). See https://cits3007.github.io/faq/#cits3007-sde
This information last updated 7:41pm Fri 21st Jul 2023