FIT5003 - Software security - 2017

This unit aims to introduce the secure software development issues including secure software development life cycle, secure software design principles, secure coding practices, threat evaluation models, secure software testing, deployment and maintenance, software development and security policy integration. Students are provided with a range of practical exercises and tasks to reinforce their skills including: identification of security bugs in programs written in different programming languages, design, implementation, and testing of secure concurrent and networked applications, identification of vulnerabilities in networked and mobile/wireless applications. In addition, students will learn input validation techniques to minimise security risks, man-in-the-middle attack techniques to be able to build more secure networked applications, practical secure software testing techniques to be able to test applications for security bugs.

On successful completion of this unit, students should be able to:

1. investigate methods that are appropriate for the realisation software security;
2. investigate and model the possible vulnerabilities and threats for a given application system;
3. design, implement and produce test procedures and perform evaluation of software security features of concurrent and networked applications.

Examination (2 hours): 50%; In-semester assessment: 50%

Minimum total expected workload equals 12 hours per week comprising:

1. Contact hours for on-campus students:
   • Two hours of lectures
   • One 2-hour tutorial
2. Additional requirements (all students):
   • A minimum of 8 hours independent study per week for completing lab and project work, private study and revision.

See also Unit timetable information

Dr Ron Steinfeld

Networks and security

FIT9131 or FIT9133 or equivalent

Prerequisite knowledge: Programming experience, preferably in C or C++

FIT5163

http://www.infotech.monash.edu.au/units/