ITKA2050 Ohjelmistoturvallisuuden perusteet (3 cr)
Description
Content
The exact course topics wary according to contemporary trends, but we will cover the following:
* Buffer overflows
* Various Injections
* Privilege handling
* Password storage & authentication
The course consists of lectures, supervised practice and mandatory exercises
Completion methods
Mandatory exercises and an exam OR mandatory exercises and a course project.
Assessment details
The course grade is based on the exam, quality and punctuality of course exercises (and the course project, if taking that option).
Also, clearly exceptional performance, such as going out of your way to help other students, can be rewarded with a higher grade.
Grade 1 will be awarded to students who can, for most part, recognize the discussed software vulnerabilities and can sketch the defenses for them and can do rudimentary practical work.
Grade 2 can be awarded to students who demonstrate competence above Grade 1 level, but lack the necessary skills for Grade 3
Grade 3 is awarded to students who have working understanding of the discussed software vulnerabilities and necessary skills to effect repairs on basic level.
Grade 4 can be awarded to students who demonstrate competence above Grade 1 level, but lack the necessary skills for Grade 4
Grade 5 will be awarded to students with detailed understanding of discussed software flaws and who have demonstrated practical excellence in course assignments.
Grades can be affected by punctuality and other exceptional performance not listed here (see previous).
Learning outcomes
Additional information
The course may be lectured in english to accomodate exchange students.
Description of prerequisites
Finally, you absolutely must be fluent in computer use. This includes working in shell, being able to use version control and to perform elementary system administration tasks.