PA193 Secure coding principles and practices

Faculty of Informatics
Autumn 2017
Extent and Intensity
2/2/2. 6 credit(s) (plus 2 credits for an exam). Type of Completion: zk (examination).
doc. RNDr. Petr Švenda, Ph.D. (lecturer)
RNDr. Petr Ročkai, Ph.D. (lecturer)
Miroslav Jaroš (seminar tutor)
RNDr. Lukáš Němec, Ph.D. (seminar tutor)
RNDr. Martin Ukrop, Ph.D. (seminar tutor)
Mgr. Marek Sýs, Ph.D. (assistant)
Guaranteed by
prof. RNDr. Václav Matyáš, M.Sc., Ph.D.
Department of Computer Systems and Communications - Faculty of Informatics
Supplier department: Department of Computer Systems and Communications - Faculty of Informatics
Mon 10:00–11:50 B410
  • Timetable of Seminar Groups:
PA193/01: Thu 10:00–11:50 A403, P. Ročkai, P. Švenda
PA193/02: Thu 14:00–15:50 A403, P. Ročkai, P. Švenda
PA193/03: Thu 16:00–17:50 A403, P. Ročkai, P. Švenda
Basic knowledge in applied cryptography and IT security, practical experience in programming with C/C++ language, basic knowledge in formal languages and compilers, user-level experience with Windows and Linux OS
Course Enrolment Limitations
The course is offered to students of any study field.
The capacity limit for the course is 36 student(s).
Current registration and enrolment status: enrolled: 0/36, only registered: 0/36, only registered with preference (fields directly associated with the programme): 0/36
Course objectives
At the end of this course the student will understand what the typical security issues related to secure coding are. The student will also be able to design applications and write programs in C/C++ and Java in a more secure way.
Learning outcomes
After a course completion, the student will be able to:
- able to review source code for typical security bugs;
- able to properly check and sanitize check program input data;
- able to use standard tools for static and dynamic code analysis and interpret results;
- able to describe typical bugs from concurrent program execution and write code without it;
- able to apply systematic methods to produce code with better resiliency against bugs;
- understand basic cryptographic primitives and their proper use in source code;
  • Language level vulnerabilities, secure programming techniques and approaches, input processing, code checking, security testing, integrity of modules, concurrent issues, random number generation and usage, security primitives, security code review.
Teaching methods
Lectures, seminars in computer lab, home assignments, (group) project.
Assessment methods
Written test. Home assignments in seminars. (Group) project.
Language of instruction
Follow-Up Courses
Further Comments
Study Materials
The course is taught annually.
Listed among pre-requisites of other courses
The course is also listed under the following terms Autumn 2013, Autumn 2014, Autumn 2015, Autumn 2016, Autumn 2018, Autumn 2019, Spring 2021, Spring 2022, Spring 2023.
  • Enrolment Statistics (Autumn 2017, recent)
  • Permalink: