Københavns Universitet - Kurser

NDAK21007U Software Security (SOS)

Volume 2021/2022

The course is focused on software security studied from a programming language perspective. The course will present a variety of techniques based on programming language semantics that serve to improve or guarantee the security of a program. Topics that will be covered in the course include information-flow control, vulnerability analysis, and software-fault isolation and sand-boxing. We will address the problem of security of a variety of languages (high- and low-level) coming from different programming paradigms. The course will provide introductions to relevant program analysis techniques such as abstract interpretation and type systems and demonstrate their applications on a selection of use cases.

Learning Outcome

Knowledge of

Basic software security policies, their formalisation as program properties.
The role of a precise (formal) semantics for a programming language in developing techniques for enforcing security policies.

Skills to

Describe properties relevant to software security and define what they mean precisely.
Formalize ideas and concepts into rigorous definitions and make falsifiable (or provable) statements about them.

Competences to

Read, assess and communicate research papers in language-based security.
Apply central results in the given area of studies.

Literature

See Absalon for the final curriculum, but it will contain:

Course notes.
Research articles and excerpts from books, distributed electronically.

Recommended Academic Qualifications

Proactive Computer Security (PCS) and Semantics and Types (SaT) are recommended

Teaching and learning methods

Lectures, in-class exercises, group work on programming and analysis assignments.

Workload

Category
Hours
Lectures
28
Preparation
146
Exercises
21
Exam Preparation
10
Exam
1
Total
206

Feedback form

Oral

Individual

Collective

Continuous feedback during the course of the semester

Exam

Credit: 7,5 ECTS
Type of assessment: Continuous assessment
Oral examination, 20 min.
Continuous assessment based on 3-4 individual/group assignments and a final individual oral examination based on the assignments(20min.).
The final grade is based on an overall assessment of the handed-in assignments and the oral exam.
Aid: All aids allowed
Marking scale: 7-point grading scale
Censorship form: No external censorship
Several internal examiners
Re-exam: A resubmission of revised written assignments and a 20 minutes individual oral examination without preparation.

Criteria for exam assesment

See Learning Outcome.

Course information

Language: English
Course code: NDAK21007U
Credit: 7,5 ECTS
Level: Full Degree Master
Duration: 1 block
Placement: Block 2
Schedule: B
Course capacity: No limit.
Course is also available as continuing and professional education
Study board: Study Board of Mathematics and Computer Science

Contracting department

Department of Computer Science

Contracting faculty

Faculty of Science

Course Coordinators

Thomas Philip Jensen (4-7c70726d486c7136737d366c73)

Saved on the 06-05-2021

Tilbage