FI:PA193 Secure coding principles - Course Information

PA193 Secure coding principles and practices

Extent and Intensity

2/2/2. 5 credit(s) (plus 2 credits for an exam). Type of Completion: zk (examination).
Taught in person.

Teacher(s)

doc. RNDr. Petr Švenda, Ph.D. (lecturer)
Lukasz Michal Chmielewski, PhD (seminar tutor)
Miroslav Jaroš (seminar tutor)
Mgr. Ján Masarik (seminar tutor)
Mgr. Milan Patnaik (seminar tutor)
RNDr. Lukáš Ručka (seminar tutor)
Mgr. Marek Sýs, Ph.D. (seminar tutor)
RNDr. Martin Ukrop, Ph.D. (seminar tutor)
RNDr. Antonín Dufka (assistant)

Guaranteed by

doc. RNDr. Petr Švenda, Ph.D.
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics

Timetable

Mon 14. 2. to Mon 9. 5. Mon 16:00–17:50 A318

• Timetable of Seminar Groups:

PA193/01: Tue 15. 2. to Tue 10. 5. Tue 10:00–11:50 A403, P. Švenda
PA193/02: Tue 15. 2. to Tue 10. 5. Tue 14:00–15:50 A403, P. Švenda
PA193/03: Tue 15. 2. to Tue 10. 5. Tue 16:00–17:50 A403, P. Švenda

Prerequisites

SOUHLAS
Basic knowledge in applied cryptography and IT security, practical experience in programming with C/C++ language, basic knowledge in formal languages and compilers, user-level experience with Windows and Linux OS

Course Enrolment Limitations

The course is also offered to the students of the fields other than those the course is directly associated with.
The capacity limit for the course is 36 student(s).
Current registration and enrolment status: enrolled: 6/36, only registered: 0/36, only registered with preference (fields directly associated with the programme): 0/36

fields of study / plans the course is directly associated with

there are 31 fields of study the course is directly associated with, display

Course objectives

At the end of this course the student will understand what the typical security issues related to secure coding are. The student will also be able to design applications and write programs in C/C++ and Java in a more secure way.

Learning outcomes

After a course completion, the student will be able to:
- able to review source code for typical security bugs;
- able to properly check and sanitize check program input data;
- able to use standard tools for static and dynamic code analysis and interpret results;
- able to describe typical bugs from concurrent program execution and write code without it;
- able to apply systematic methods to produce code with better resiliency against bugs;
- understand basic cryptographic primitives and their proper use in source code;

Syllabus

• Language level vulnerabilities, secure programming techniques and approaches, input processing, static and dynamic code checking, binary defenses and exploits, security testing, integrity of modules, concurrent issues, random number generation and usage, security primitives, security code review.

Teaching methods

Lectures, seminars in computer lab, home assignments, team project.

Assessment methods

Written test. Home assignments in seminars. Team project.

Language of instruction

English

Follow-Up Courses

• IA169 Model Checking
• PA197 Secure Network Design
• PV181 Laboratory of security and applied cryptography
• PV204 Security Technologies

Further Comments

Study Materials
The course is taught annually.

Listed among pre-requisites of other courses

• PV286 Secure coding principles and practices
  !PA193  

• Enrolment Statistics (Spring 2022, recent)
  
• Permalink: https://is.muni.cz/course/fi/spring2022/PA193