NDAK21007U Software Security (SOS)
The course is focused on software security studied from a programming language perspective. The course will present a variety of techniques based on programming language semantics that serve to improve or guarantee the security of a program. Topics that will be covered in the course include information-flow control, vulnerability analysis, and software-fault isolation and sand-boxing. We will address the problem of security of a variety of languages (high- and low-level) coming from different programming paradigms. The course will provide introductions to relevant program analysis techniques such as abstract interpretation and type systems and demonstrate their applications on a selection of use cases.
- Basic software security policies, their formalisation as program properties.
- The role of a precise (formal) semantics for a programming language in developing techniques for enforcing security policies.
- Describe properties relevant to software security and define what they mean precisely.
- Formalize ideas and concepts into rigorous definitions and make falsifiable (or provable) statements about them.
- Read, assess and communicate research papers in language-based security.
- Apply central results in the given area of studies.
See Absalon for the final curriculum, but it will contain:
- Course notes.
- Research articles and excerpts from books, distributed electronically.
- Exam Preparation
- 7,5 ECTS
- Type of assessment
- Continuous assessment; oral examination, 20 min. Continuous assessment based on 3-4 individual/group assignments and a final individual oral examination based on the assignments (20 min.).
The final grade is based on an overall assessment of the handed-in assignments and the oral exam.
- All aids allowed
- Marking scale
- 7-point grading scale
- Censorship form
- No external censorship
Several internal examiners
A resubmission of revised written assignments and a 20-minute individual oral examination without preparation.
Criteria for exam assessment
See Learning Outcome.
- Course code
- 7,5 ECTS
- Full Degree Master
- 1 block
- Block 2
- Course capacity
- No limit.
- Course is also available as continuing and professional education
- Study board
- Study Board of Mathematics and Computer Science
- Department of Computer Science
- Faculty of Science
- Thomas Philip Jensen