Erinevus lehekülje "ITI8610" redaktsioonide vahel
| 22. rida: | 22. rida: | ||
==Lecture plan== | ==Lecture plan== | ||
* [[Media:ITI_8610_lecture_1.pdf|Lecture 1]]: Introduction to software assurance | * [[Media:ITI_8610_lecture_1.pdf|Lecture 1]]: Introduction to software assurance | ||
| − | ====Module I: Assurance processes | + | ====Module I: Assurance processes, risk management & security assurance==== |
| − | + | ||
====Module II: Security Assurance ==== | ====Module II: Security Assurance ==== | ||
Lecture 1: Security Risk Management<br /> | Lecture 1: Security Risk Management<br /> | ||
Redaktsioon: 8. november 2018, kell 11:17
Course code: ITI8610
Lecturer: prof. Jüri Vain
Contact: juri.vain ätt ttu.ee, ICT-418
Co-lecturer: Maili Markvardt
Co-lecturer: Aleksandr Lenin
Time and place
Lectures: Wednesdays 14:00, SOC-212
Labs: Wednesdays 15.45
- Lab supervisors:
- Maili Markvardt (maili.markvardt ätt ttu.ee) - Module I
- Aleksandr Lenin (aleksandr.lenin ätt ttu.ee) - Module II
- Jüri Vain (juri.vain ätt ttu.ee), Leonidas Tsiopoulos (letsio ätt ttu.ee) - Module III
News 2017
Deadline for submitting lab assignments of Module III - January 9, 2018
Lecture plan
- Lecture 1: Introduction to software assurance
Module I: Assurance processes, risk management & security assurance
Module II: Security Assurance
Lecture 1: Security Risk Management
Lecture 2: Security Risk Management (contd.)
Lecture 3: Security Best Practices
Lecture 4: Input Validation
Lecture 5. Web Application Security. Cross-Site Scripting Attacks
Module III: : Assured Software Analytics
- Module III Lecture 1: Design by Contract
- Module III Lecture 2: Specification cases
- Module III Lecture 3: Multi-view contracts
- Module III Lecture 4: JML contracts for OOP methods
- Module III Lecture 5: A Tutorial on OpenJML
Practice Assignments
Module I
- Lab 1:
Module I: Security Assurance
Assignment 1: Risk Analysis using the FAIR (Factor Analysis of Information Security Risk) framework
Assignment 2: Vulnerability Identification in Code using Static Analysis Tools
Assignment 3: Architectural Risk Analysis
Assignment 4: Web Application Exploitation
Module II
- Lab instruction: Lab assignment plan
NB! To report completed lab assignments go to web page https://ained.ttu.ee
and register as user with uniID of TUT
Grading
Each of the three modules is graded independently on the scale 0-100 points. A student must receive a positive grade in every module. Therefore, a student may obtain max 300 points for the entire course. 51%, or 153 points in the absolute minimum required to pass the course. The standard TUT grading rules are applied to calculate the student's final grade.
Resources
https://ained.ttu.ee -- õppekeskkonas olevad materjalid
Gary McGraw "Software Security. Building Security In"