FI:PV286 Secure coding principles - Course Information
PV286 Secure coding principles and practices
Faculty of InformaticsSpring 2023
- Extent and Intensity
- 2/0/1. 3 credit(s) (plus extra credits for completion). Recommended Type of Completion: zk (examination). Other types of completion: z (credit).
- Teacher(s)
- Lukasz Michal Chmielewski, PhD (lecturer)
doc. RNDr. Petr Švenda, Ph.D. (lecturer)
JUDr. Pavel Loutocký, Ph.D., BA (Hons) (seminar tutor)
RNDr. Lukáš Ručka (seminar tutor)
Mgr. Marek Sýs, Ph.D. (seminar tutor)
RNDr. Antonín Dufka (assistant)
Mgr. Jan Kvapil (assistant)
Mgr. Roman Lacko (assistant)
Mgr. Štěpánka Trnková (assistant) - Guaranteed by
- Lukasz Michal Chmielewski, PhD
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics - Timetable
- Mon 13. 2. to Mon 15. 5. Mon 10:00–11:50 A217
- Prerequisites
- ! PA193 Seminar on secure coding
Basic knowledge in applied cryptography and IT security, practical experience in programming with C/C++ language, basic knowledge in formal languages and compilers, user-level experience with Windows and Linux OS - Course Enrolment Limitations
- The course is also offered to the students of the fields other than those the course is directly associated with.
- fields of study / plans the course is directly associated with
- Image Processing and Analysis (programme FI, N-VIZ)
- Bioinformatics and systems biology (programme FI, N-UIZD)
- Computer Games Development (programme FI, N-VIZ_A)
- Computer Graphics and Visualisation (programme FI, N-VIZ_A)
- Computer Networks and Communications (programme FI, N-PSKB_A)
- Cybersecurity Management (programme FI, N-RSSS_A)
- Discrete algorithms and models (programme FI, N-TEI)
- Formal analysis of computer systems (programme FI, N-TEI)
- Graphic design (programme FI, N-VIZ)
- Graphic Design (programme FI, N-VIZ_A)
- Hardware Systems (programme FI, N-PSKB_A)
- Hardware systems (programme FI, N-PSKB)
- Image Processing and Analysis (programme FI, N-VIZ_A)
- Information security (programme FI, N-PSKB)
- Information Security (programme FI, N-PSKB_A)
- Quantum and Other Nonclassical Computational Models (programme FI, N-TEI)
- Deployment and operations of software systems (programme FI, N-SWE)
- Design and development of software systems (programme FI, N-SWE)
- Computer graphics and visualisation (programme FI, N-VIZ)
- Computer Networks and Communications (programme FI, N-PSKB)
- Principles of programming languages (programme FI, N-TEI)
- Cybersecurity management (programme FI, N-RSSS)
- Services development management (programme FI, N-RSSS)
- Software Systems Development Management (programme FI, N-RSSS)
- Services Development Management (programme FI, N-RSSS_A)
- Software Systems Development Management (programme FI, N-RSSS_A)
- Software Systems (programme FI, N-PSKB_A)
- Software systems (programme FI, N-PSKB)
- Machine learning and artificial intelligence (programme FI, N-UIZD)
- Computer Games Development (programme FI, N-VIZ)
- Processing and analysis of large-scale data (programme FI, N-UIZD)
- Natural language processing (programme FI, N-UIZD)
- Course objectives
- At the end of this course the student will understand what the typical security issues related to secure coding are. The student will also be able to design applications and write programs in C/C++ and Java in a more secure way.
- Learning outcomes
- After a course completion, the student will be able to:
- able to review source code for typical security bugs;
- able to properly check and sanitize check program input data;
- able to use standard tools for static and dynamic code analysis and interpret results;
- able to describe typical bugs from concurrent program execution and write code without it;
- able to apply systematic methods to produce code with better resiliency against bugs;
- understand basic cryptographic primitives and their proper use in source code; - Syllabus
- Language level vulnerabilities, secure programming techniques and approaches, input processing, static and dynamic code checking, binary defenses and exploits, security testing, integrity of modules, concurrent issues, random number generation and usage, security primitives, security code review.
- Teaching methods
- Lectures, Questionaries, Team project, Written test.
- Assessment methods
- 10 questionnaires from lectures (approximately 10% of the final mark/score), team programming project (approximately 60% of the final mark/score), and final written exam (30% of the final mark/score).
- Language of instruction
- English
- Follow-Up Courses
- Further Comments
- Study Materials
The course is taught annually. - Listed among pre-requisites of other courses
- PA193 Seminar on secure coding principles and practices
(PV286 || NOW(PV286) ) && SOUHLAS
- PA193 Seminar on secure coding principles and practices
- Enrolment Statistics (Spring 2023, recent)
- Permalink: https://is.muni.cz/course/fi/spring2023/PV286