The course is connected to the following study programs

Teaching language

English

Recommended prerequisites

The participants are recommended to have taken two or more of the following courses: Strategy and Governance of Cybersecurity, Cybersecurity Architecture and Ethics, legislation, and compliance for cybersecurity.

Course contents

The course provides an overview of relevant aspects of secure software development, from design through implementation to verification. During the course we will have several case studies, as well as hands-on examples such as threat modelling, user and abuser stories, and other relevant techniques. Moreover, the students will be introduced to the cybersecurity implications of IT Project Management.

Learning outcomes

Upon successful completion of the course, the students will:

  • have advanced knowledge of software development and secure software development methodology.
  • have advanced knowledge of the key guidelines for secure software development, e.g., OWASP's Secure Coding Practice, OWASP Top 10, NIST, ISF, and other relevant sources.
  • have knowledge of secure software design principles and how to apply these principles.
  • understand software development project management, e.g., DevOps and Agile methods.
  • have an advanced understanding of security requirements and verification guidelines for mobile environments, such as OWASP Mobile Application Security (MAS).
  • be able to apply secure software implementation and verification guidelines.
  • be able to analyze and evaluate the security of software applications and software development processes.
  • be able to create secure software development requirements and processes.

Examination requirements

Compulsory assignments. More detailed information will be provided in Canvas at the start of the semester.

Teaching methods

Lectures and seminar discussions with hands-on assignments and group tasks. The estimated workload is 270 hours.

Admission for external candidates

No

Assessment methods and criteria

Portfolio hand-in (50%) and written examination (50%). Graded assessment, A-F. Individual grade on the written examination and group grade on the portfolio. More information on what will be included in the portfolio will be given at the start of the semester in Canvas. There is no postponed examination in the portfolio part of the exam.

Reduction of Credits

This course’s contents overlap with the following courses. A reduction of credits will occur if one of these courses is taken in addition:

Course | Reduction of Credits
IS-505 – Security Management in IS Development Projects | 5
IS-506 – IS Security Projects | 3
Last updated from FS (Common Student System) July 18, 2024 5:45:27 AM