Developing Secure Software
General Material
- Syllabus (NEW August 12 2022)
- Ubiquitous Presenter Lecture Notes
- Ubiquitous Presenter Interactive Tutorial
- Article Summary Assignment (NEW August 12 2022)
- Article 1 Submission Page
- Article 2 Submission Page
- Article 3 Submission Page
Exam Information
- Midterm Exam Review Sheet (NEW August 12 2022)
- Final Exam Review Sheet (NEW August 12 2022)
Lectures
- Week 1 Lecture 1 Introduction: What is the Security Problem and How will we deal with it. (NEW August 12 2022)
- Week 1 Lecture 2 Secure Software Concepts (pgs 1-28) (NEW August 12 2022)
- Week 2 Lecture 1 Software Security Touchpoints (pgs. 29-73) (NEW August 12 2022)
- Week 2 Lecture 2 Security Requirements (pgs 79-110) (NEW August 12 2022)
- Week 3 Lecture 1 Security Requirements Elicitation (pgs. 110-121) (NEW August 12 2022)
- Week 3 Lecture 2 Basic Design Principles (pgs. 127-147) (NEW August 12 2022)
- Week 4 Lecture 1 Threat Modeling: Who will attack us and why? (Handout) (NEW August 12 2022)
- Week 4 Lecture 2 Design: Enforcing the Principle of Least Privilege (pgs. 148-191) (NEW August 12 2022)
- Week 5 Lecture 1 Design Aspects (Architecture) (pgs 192-227) (NEW August 12 2022)
- Week 5 Lecture 2 Design Aspects (Architecture) (pgs 192-227) (NEW August 12 2022)
- Week 6 Lecture 1 Catch Up (NEW August 12 2022)
- Week 6 Lecture 2 Midterm Exam
- Week 7 Lecture 1 Code Review with a Tool: Detecting out implementation mistakes (NEW August 12 2022)
- Week 7 Lecture 1 Secure Software Implementation and Coding (pgs 233-295) (NEW August 12 2022)
- Week 8 Lecture 1 Secure Software Testing (pgs 323-343) (NEW August 12 2022)
- Week 8 Lecture 2 Secure Software Testing, Part 2 (pgs 344-361) (NEW August 12 2022)
- Week 9 Lecture 1 Software Acceptance (pgs 367-398)
- Week 9 Lecture 1 Secure Software Deployment (pgs 403-441) (NEW August 12 2022)
- Week 9 Lecture 1 Secure Software Deployment (Raw ppts)(pgs 403-441) (NEW August 12 2022)
- Week 10 Lecture 1 The SAMATE Project (NEW August 12 2022)
- Week 10 Lecture 1 The SAMATE Project (Raw ppts) (NEW August 12 2022)
- Week 10 Lecture 2 Wrapup and Final Exam Review
Labs
- Lab 1: Asset Identification (NEW August 12 2022)
- Lab 2: The SQUARE Process (NEW August 12 2022)
- SQUARE Output Examples (NEW August 12 2022)
- Lab 2 submission page
- Lab 3: Misuse Case Definition (NEW August 12 2022)
- Lab 4: Threat Modelling (NEW August 12 2022)
- Lab 5: Elevation of Privilege Game (NEW August 12 2022)
- Lab 6: Proxies at the Casino Royale and Books of Insecurity (NEW August 12 2022)
- Webscarab proxy software
- Hackme Casino Installation Download
- Hackme Casino Tutorial Guide
- Hackme Books Installation Download
- Hackme Books Windows Installer
- Hackme Books Tutorial Guide
- Lab 6 submission page
- Lab 7: Of Bugs and Finding Them (NEW August 12 2022)
- Hackme Books Source Code
- Fortify Static Analysis Tool Installer
- Fortify Static Analysis Tool License File
- Newsest Version Fortify Static Analysis Tool Installer
- Lab 7 submission page
- Lab 8: Penetration testing and Finding What is out there (NEW August 12 2022)
- NMAP Download
- Metasplotable Virual Machine for VMWare
- Virtual Machien to use to attack Metasploitable Machine (user: student, pwd cs3841)
- VirtualBox Player Download
- Lab 8 submission page
- Lab 9: Fuzz Testing (NEW August 12 2022)