SECURE PROGRAMMING
CYB5CPR
2020
Credit points: 15
Subject outline
This subject introduces students to the ideals and practices of secure programming. Students begin by learning a procedural language (C), including the C compiler and pre-processor, functions, control structures (branching and looping), pointers and arrays, structures, and file I/O. Students then learn to identify and analyse common coding practices that lead to security vulnerabilities, such as buffer overflows, SQL injection and Cross Site Scripting (XSS) attacks. Finally, students return to coding, learning to use secure coding techniques and strategies to avoid security vulnerabilities. This subject does not require prior knowledge of computer programming.
School: Engineering and Mathematical Sciences (Pre 2022)
Credit points: 15
Subject Co-ordinator: Kayes Kayes
Available to Study Abroad/Exchange Students: No
Subject year level: Year Level 5 - Masters
Available as Elective: No
Learning Activities: N/A
Capstone subject: No
Subject particulars
Subject rules
Prerequisites: Must have passed CYB5CYA and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval
Co-requisites: N/A
Incompatible subjects: N/A
Equivalent subjects: N/A
Quota Management Strategy: N/A
Quota-conditions or rules: N/A
Special conditions: N/A
Minimum credit point requirement: N/A
Assumed knowledge: N/A
Learning resources
Secure Coding in C and C++
Resource Type: Book
Resource Requirement: Prescribed
Author: Seacord, R.
Year: 2013
Edition/Volume: 2nd Edition
Publisher: Addison Wesley Professional
ISBN: N/A
Chapter/article title: N/A
Chapter/issue: N/A
URL: N/A
Other description: N/A
Source location: N/A
Career Ready
Career-focused: No
Work-based learning: No
Self sourced or Uni sourced: N/A
Entire subject or partial subject: N/A
Total hours/days required: N/A
Location of WBL activity (region): N/A
WBL addtional requirements: N/A
Graduate capabilities & intended learning outcomes
Graduate Capabilities
Intended Learning Outcomes
Melbourne (Bundoora), 2020, Semester 1, Day
Overview
Online enrolment: Yes
Maximum enrolment size: N/A
Subject Instance Co-ordinator: Kayes Kayes
Class requirements
Computer LaboratoryWeek: 10 - 22
One 2.00 hours computer laboratory per week on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.
LectureWeek: 10 - 22
One 2.00 hours lecture per week on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.
Assessments
| Assessment element | Category | Contribution | Hurdle | % | ILO* |
|---|---|---|---|---|---|
Weekly coding tasks (10 total - 250 words equivalent each, 2500 words in total) | N/A | N/A | No | 40 | SILO1, SILO2, SILO3, SILO4, SILO5, SILO6 |
Written Assignment 1 - Write a client report on secure coding practices (equivalent to 1000 words)Will include the need to be integrated into the software engineering environment to prevent security problems | N/A | N/A | No | 20 | SILO5, SILO6 |
2 hour Exam (2000 words equivalent)Given a complex C program, identify vulnerabilities and suggest strategies for mitigating these vulnerabilities | N/A | N/A | No | 40 | SILO1, SILO2, SILO3, SILO4, SILO5, SILO6 |