ITKA2050 Rudiments of Software Security (3 cr)

Study level:
Intermediate studies
Grading scale:
0-5
Language:
Finnish
Responsible organisation:
Faculty of Information Technology
Curriculum periods:
2017-2018, 2018-2019, 2019-2020

Description

Content

The exact course topics wary according to contemporary trends, but we will cover the following:

* Buffer overflows
* Various Injections
* Privilege handling
* Password storage & authentication

The course consists of lectures, supervised practice and mandatory exercises

Completion methods

Mandatory exercises and an exam OR mandatory exercises and a course project.

Assessment details

The course grade is based on the exam, quality and punctuality of course exercises (and the course project, if taking that option).

Also, clearly exceptional performance, such as going out of your way to help other students, can be rewarded with a higher grade.

Grade 1 will be awarded to students who can, for most part, recognize the discussed software vulnerabilities and can sketch the defenses for them and can do rudimentary practical work.

Grade 2 can be awarded to students who demonstrate competence above Grade 1 level, but lack the necessary skills for Grade 3

Grade 3 is awarded to students who have working understanding of the discussed software vulnerabilities and necessary skills to effect repairs on basic level.

Grade 4 can be awarded to students who demonstrate competence above Grade 1 level, but lack the necessary skills for Grade 4

Grade 5 will be awarded to students with detailed understanding of discussed software flaws and who have demonstrated practical excellence in course assignments.

Grades can be affected by punctuality and other exceptional performance not listed here (see previous).

Learning outcomes

After the course, students should be able to recognize (by name) the most common software security flaws and describe how to avoid and to neutralize them. Further, students should be able to recognize basic security flaws when simple source code and demonstrate their effects in practice. Students should also be able to fix problems in simple programs.

Additional information

The course may be lectured in english to accomodate exchange students.

Description of prerequisites

Primarily, must be able to program and read academic English. Further, we expect that you are familiar the basic working principles of operating systems and networking.

Finally, you absolutely must be fluent in computer use. This includes working in shell, being able to use version control and to perform elementary system administration tasks.

Study materials

A weekly reading list composed of online articles will be given by the lecturer during the course.

Completion methods

Method 1

Select all marked parts
Parts of the completion methods
x

Teaching (3 cr)

Type:
Participation in teaching
Grading scale:
0-5
Language:
Finnish
No published teaching