CSC8204 : Secure Software Development
CSC8204 : Secure Software Development
- Offered for Year: 2024/25
- Module Leader(s): Dr Leo Freitas
- Lecturer: Professor Thomas Gross
- Owning School: Computing
- Teaching Location: Newcastle City Campus
Semesters
Your programme is made up of credits, the total differs on programme to programme.
| Semester 1 Credit Value: | 10 |
| ECTS Credits: | 5.0 |
| European Credit Transfer System | |
Pre-requisite
Modules you must have done previously to study this module
Pre Requisite Comment
N/A
Co-Requisite
Modules you need to take at the same time
Co Requisite Comment
N/A
Aims
The module is concerned with the principles and practices of secure software design and security analysis. It will cover model-driven security which is concerned with engineering methods to support development of security-critical software systems. In addition, it will cover program verification techniques.
Concepts taught will include formal methods, common software security vulnerabilities and threats, tools and techniques for secure software design and how they are integrated into the software development lifecycle to reason and enforce security.
Outline Of Syllabus
Syllabus will among other things include the following:
• Principles of Secure Software Development
• Model-Driven Security
• Software Vulnerabilities
• Information Flow Control
• Static Analysis
• Program Verification
Learning Outcomes
Intended Knowledge Outcomes
To be able to describe and discuss:
- model-based engineering approaches to develop secure software.
- information flow control as a mechanism to enforce and ensure confidentiality and integrity in programs.
- formal verification to reason about software security and correctness.
- common software security issues and vulnerabilities and how to prevent them.
- secure programming practices and the secure software development lifecycle.
Intended Skill Outcomes
The ability to:
- analyze software security vulnerabilities and apply appropriate techniques to prevent them.
- apply formal processes to assess and verify the security of software systems.
- integrate secure software practices into a software development lifecycle.
Teaching Methods
Teaching Activities
| Category | Activity | Number | Length | Student Hours | Comment |
|---|---|---|---|---|---|
| Scheduled Learning And Teaching Activities | Lecture | 8 | 1:00 | 8:00 | Lectures in person. |
| Guided Independent Study | Directed research and reading | 20 | 1:00 | 20:00 | Background reading. |
| Scheduled Learning And Teaching Activities | Small group teaching | 8 | 2:00 | 16:00 | Practical sessions/Workshops (in person or online) synchronous scheduled. |
| Guided Independent Study | Project work | 36 | 1:00 | 36:00 | Coursework. |
| Guided Independent Study | Independent study | 20 | 1:00 | 20:00 | Lecture follow-up. |
| Total | 100:00 |
Teaching Rationale And Relationship
Lectures will be used to introduce the learning material and for demonstrating the key concepts by example. Students are expected to follow-up lectures within a few days by re- reading and annotating lecture notes to aid deep learning.
This is a very practical subject, and it is important that the learning materials are supported by opportunities provided by practical classes, either in person or supported online. Students are expected to spend time on coursework outside timetabled practical classes.
Reading Lists
Assessment Methods
The format of resits will be determined by the Board of Examiners
Other Assessment
| Description | Semester | When Set | Percentage | Comment |
|---|---|---|---|---|
| Practical/lab report | 1 | M | 100 | Exercises in secure programming, logic and verification. |
Formative Assessments
Formative Assessment is an assessment which develops your skills in being assessed, allows for you to receive feedback, and prepares you for being assessed. However, it does not count to your final mark.
| Description | Semester | When Set | Comment |
|---|---|---|---|
| Practical/lab report | 1 | M | Formative tutorial exercises. |
Assessment Rationale And Relationship
The coursework assessment assesses the design, tools selection and assessment skills on a substantial problem.
Timetable
- Timetable Website: www.ncl.ac.uk/timetable/
- CSC8204's Timetable
Past Exam Papers
- Exam Papers Online : www.ncl.ac.uk/exam.papers/
- CSC8204's past Exam Papers
General Notes
N/A
Welcome to Newcastle University Module Catalogue
This is where you will be able to find all key information about modules on your programme of study. It will help you make an informed decision on the options available to you within your programme.
You may have some queries about the modules available to you. Your school office will be able to signpost you to someone who will support you with any queries.
Disclaimer
The information contained within the Module Catalogue relates to the 2024 academic year.
In accordance with University Terms and Conditions, the University makes all reasonable efforts to deliver the modules as described.
Modules may be amended on an annual basis to take account of changing staff expertise, developments in the discipline, the requirements of external bodies and partners, and student feedback. Module information for the 2025/26 entry will be published here in early-April 2025. Queries about information in the Module Catalogue should in the first instance be addressed to your School Office.