ECTS - Secure Software Development
Secure Software Development (SE457) Course Detail
| Course Name | Course Code | Season | Lecture Hours | Application Hours | Lab Hours | Credit | ECTS |
|---|---|---|---|---|---|---|---|
| Secure Software Development | SE457 | Area Elective | 3 | 0 | 0 | 3 | 5 |
| Pre-requisite Course(s) |
|---|
| N/A |
| Course Language | English |
|---|---|
| Course Type | Elective Courses |
| Course Level | Natural & Applied Sciences Master's Degree |
| Mode of Delivery | Face To Face |
| Learning and Teaching Strategies | Lecture, Drill and Practice. |
| Course Lecturer(s) |
|
| Course Objectives | The course objective is to teach the fundamental concepts of security, and its role in software development. Risk management, threat models, common vulnerabilities, and incorporation of security into the software development process will be identified, researched, discussed, and evaluated. |
| Course Learning Outcomes |
The students who succeeded in this course;
|
| Course Content | Security Basics. Secure Software Development. DevSecOps. Risk management. Threat modeling. Security of Data, Communication and Application. Security Controls. API Security. Security Scenarios. Secure Coding Practices. OWASP Top 10. Mitre Atta@ck. Security Assessment and Testing. Security Frameworks and Guidelines |
Weekly Subjects and Releated Preparation Studies
| Week | Subjects | Preparation |
|---|---|---|
| 1 | Introduction | Course notes |
| 2 | Security Basics, DevSecOps | Course notes |
| 3 | Web Sources for vulnerabilities, Architecturally Significant Requirements | Course notes |
| 4 | Risk management | Course notes |
| 5 | Security Controls | Course notes |
| 6 | Data Classification and Security | Course notes |
| 7 | Application Security | Course notes |
| 8 | OWASP Top 10 | Ders notları |
| 9 | MITRE Att@ck | Course notes |
| 10 | Secure Coding Practices | Course notes |
| 11 | API Security | Course notes |
| 12 | Security Assessment and Testing | Course notes |
| 13 | Security Frameworks and Guidelines | Course notes |
| 14 | Important Topics for security after deployment and during maintenance | Course notes |
| 15 | Final Exam | Ders notları |
| 16 | Final Exam | Course notes |
Sources
| Course Book | 1. Course Notes and online resources will be provided. |
|---|---|
| Other Sources | 2. Secure Coding: Principles and Practices, First edition, by Mark G. Graff, Kenneth R. van Wyk, O'Reilly Media, ISBN 978-0596002428, 2003. |
| 3. Secure Software Development: A Security Programmer's Guide, First edition, by Jason Grembi, Cengage Learning, ISBN 978-1418065478, 2008. | |
| 4. Secure and Resilient Software Development, First edition, by Mark S. Merkow, Lakshmikanth Raghavan, ISBN 978-1439826966, Auerbach Publications, 2010. | |
| 5. Designing Secure Software: A Guide for Developers, by Loren Kohnfelder, ISBN 978-1718501928, No Starch Press, 2021. | |
| 6. Software Security: Building Security, , First edition, by Gary McGraw, ISBN 978-0321356703, Addison-Wesley Professional, 2006. | |
| 7. Alice and Bob Learn Application Security, First edition, by Tanya Janca, ISBN 978-1119687351, Wiley, 2020 | |
| 8. Threat Modeling: Designing for Security, First edition, by Adam Shostack, ISBN 978-1118809990, Wiley, 2014 |
Evaluation System
| Requirements | Number | Percentage of Grade |
|---|---|---|
| Attendance/Participation | - | - |
| Laboratory | - | - |
| Application | 4 | 20 |
| Field Work | - | - |
| Special Course Internship | - | - |
| Quizzes/Studio Critics | - | - |
| Homework Assignments | - | - |
| Presentation | - | - |
| Project | 1 | 20 |
| Report | - | - |
| Seminar | - | - |
| Midterms Exams/Midterms Jury | 1 | 20 |
| Final Exam/Final Jury | 1 | 40 |
| Toplam | 7 | 100 |
| Percentage of Semester Work | 60 |
|---|---|
| Percentage of Final Work | 40 |
| Total | 100 |
Course Category
| Core Courses | X |
|---|---|
| Major Area Courses | |
| Supportive Courses | |
| Media and Managment Skills Courses | |
| Transferable Skill Courses |
The Relation Between Course Learning Competencies and Program Qualifications
| # | Program Qualifications / Competencies | Level of Contribution | ||||
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 1 | Gains the ability to apply advanced computing and/or information knowledge in solving software engineering problems. | |||||
| 2 | Develops solutions using different technologies, software architectures and life-cycle approaches. | |||||
| 3 | Gains the ability to design, implement, and evaluate a software system, component, process, or program using modern techniques and engineering tools for software engineering practices. | |||||
| 4 | Gains ability to gather/acquire, analyze, interpret data and make decisions to understand software requirements. | |||||
| 5 | Gains skills of effective oral and written communication and critical thinking about a wide range of issues arising in the context of working constructively on software projects. | |||||
| 6 | Gains the ability to access information to follow current developments in science and technology, conducts scientific research in the field of software engineering, and conducts a project. | |||||
| 7 | Acquires an understanding of professional, legal, ethical and social issues and responsibilities related to Software Engineering. | |||||
| 8 | Acquires project and risk management skills and gains awareness of the importance of entrepreneurship, innovation, and sustainable development, as well as international standards and methodologies. | |||||
| 9 | Understands the impact of Software Engineering solutions in a global, environmental, societal and legal context while making decisions. | |||||
| 10 | Gains awareness of the development, adoption, and ongoing support for the use of excellence standards in software engineering practices. | |||||
ECTS/Workload Table
| Activities | Number | Duration (Hours) | Total Workload |
|---|---|---|---|
| Course Hours (Including Exam Week: 16 x Total Hours) | 16 | 3 | 48 |
| Laboratory | |||
| Application | |||
| Special Course Internship | |||
| Field Work | |||
| Study Hours Out of Class | 16 | 2 | 32 |
| Presentation/Seminar Prepration | |||
| Project | 1 | 20 | 20 |
| Report | |||
| Homework Assignments | 2 | 5 | 10 |
| Quizzes/Studio Critics | |||
| Prepration of Midterm Exams/Midterm Jury | 1 | 5 | 5 |
| Prepration of Final Exams/Final Jury | 1 | 10 | 10 |
| Total Workload | 125 | ||