SECURE PROGRAMMING

CYB5CPR

2020

Credit points: 15

Subject outline

This subject introduces students to the ideals and practices of secure programming. Students begin by learning a procedural language (C), including the C compiler and pre-processor, functions, control structures (branching and looping), pointers and arrays, structures, and file I/O. Students then learn to identify and analyse common coding practices that lead to security vulnerabilities, such as buffer overflows, SQL injection and Cross Site Scripting (XSS) attacks. Finally, students return to coding, learning to use secure coding techniques and strategies to avoid security vulnerabilities. This subject does not require prior knowledge of computer programming.

SchoolEngineering and Mathematical Sciences

Credit points15

Subject Co-ordinatorKayes Kayes

Available to Study Abroad/Exchange StudentsNo

Subject year levelYear Level 5 - Masters

Available as ElectiveNo

Learning ActivitiesN/A

Capstone subjectNo

Subject particulars

Subject rules

Prerequisites Must have passed CYB5CYA and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval

Co-requisitesN/A

Incompatible subjectsN/A

Equivalent subjectsN/A

Quota Management StrategyN/A

Quota-conditions or rulesN/A

Special conditionsN/A

Minimum credit point requirementN/A

Assumed knowledgeN/A

Readings

Secure Coding in C and C++

Resource TypePrescribed

Resource RequirementN/A

AuthorSeacord, R.

Year2013

Edition/Volume2nd Edition

PublisherAddison Wesley Professional

ISBNN/A

Chapter/article titleN/A

Chapter/issueN/A

URLN/A

Other descriptionN/A

Source locationN/A

Career Ready

Career-focusedNo

Work-based learningNo

Self sourced or Uni sourcedN/A

Entire subject or partial subjectN/A

Total hours/days requiredN/A

Location of WBL activity (region)N/A

WBL addtional requirementsN/A

Graduate capabilities & intended learning outcomes

Graduate Capabilities

Intended Learning Outcomes

01. Construct correct solutions to programming problems using algorithms
02. Accurately transform algorithms into C code to produce a working program to address simple problems
03. Analyse syntax and logical errors in C code
04. Formulate the output of a given C program
05. Evaluate security vulnerabilities in C and other languages, including web applications
06. Design C code to avoid security problems

Subject options

Select to view your study options…

Start date between: and    Key dates

Melbourne (Bundoora), 2020, Semester 1, Day

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Subject Instance Co-ordinatorKayes Kayes

Class requirements

Computer Laboratory Week: 10 - 22
One 2.00 h computer laboratory per week on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.

Lecture Week: 10 - 22
One 2.00 h lecture per week on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.

Assessments

Assessment elementCommentsCategoryContributionHurdle% ILO*
Weekly coding tasks (10 total - 250 words equivalent each, 2500 words in total)N/AN/AN/ANo40 SILO1, SILO2, SILO3, SILO4, SILO5, SILO6
Written Assignment 1 - Write a client report on secure coding practices (equivalent to 1000 words) Will include the need to be integrated into the software engineering environment to prevent security problemsN/AN/AN/ANo20 SILO5, SILO6
2 hour Exam (2000 words equivalent) Given a complex C program, identify vulnerabilities and suggest strategies for mitigating these vulnerabilitiesN/AN/AN/ANo40 SILO1, SILO2, SILO3, SILO4, SILO5, SILO6