PA2582 Security in Software-intensive Product and Service Development - an introduction

Single subject course, 6 Higher education credits, Second cycle, autumn semester 2020

Apply

Apply via universityadmissions.se

The purpose of this course is to introduce areas of: layers of security, development/operations/technology security, security “built-in”, architectural security and patterns, ROI on pre-emptive security, Security risk assessment, privacy in relation to security, usability in relation to security. Experience of programming and design of software-intensive products and services are desirable.

Facts

  • Type of instruction: Distance, mixed-time, part-time 17%
  • Application code: BTH-D5818
  • Period : 2020-August-31 until 2021-January-17
  • Education level: A1N
  • Application: Apply via universityadmissions.se
  • Language of instruction: The teaching language is English.
  • Location: Some or all of education and examination is held at distance.
  • No. of occasions: Mandatory: none, Voluntary: none
  • Main field of study: Software Engineering
  • Course syllabus: Download
  • Welcome letter: Download
  • Entry requirements: Admission to the course requires at least 120 credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).

Content

The student will learn to understand the importance of taking security aspects into account already during the planning and development of software-intensive product and service development. During the course, the student will be familiarized with and get practical experience from different methods to evaluate, plan, and prepare for the so-called “secure software engineering.” By taking security aspects into account as a part of product design and development, you can use different techniques and methods such as architectural patterns and good practices. Also included is to understand the different phases and aspects that are influenced by, and where good engineering influences, security – where security has to be seen in the three layers of engineering security, operational security, and technology-based security.
The course consist of the following parts:
• Background to security and its’ influences on software engineering
• Secure software engineering
• Secure architectures and design
• ROI and trade-offs between security and other quality aspects such as usability
• Risk analysis
• Introduction of infrastructure choices in relation to security
• Introduction to how the choice of technologies and languages influences security

Learning outcomes

Knowledge and understanding
• Be able to account for the understanding of security aspects in secure software engineering
• Be able to gain a detailed understanding of how to apply different methods to achieve security in software engineering, e.g., secure architectures)
• Be able to account for how to apply initial security analysis and trade-offs in relation to security in the design and development of software-intensive product and service development
Competence and skills
• Be able to apply frameworks and methods, models and processes that are presented in the course with the purpose of engineering so-called “secure software”
Judgement and approach
• Be able to evaluate and assess the appropriate applications of the frameworks and methods, models and processes that are presented in the course including the trade-off its application entails

Course literature and other teaching material

Materials such as research articles and other course materials, as well as recommendations for additional reading, are provided via the courses? online platform.

Course literature and other teaching material

Materials such as research articles and other course materials, as well as recommendations for additional reading, are provided via the courses? online platform.

Learning methods

The teaching is organised around online lectures, pre-recorded videos, together with written material, literature, and research literature. Throughout the course, communication, feedback, and discussions with teachers and fellow participants will take place through email and the course’s online learning platform.

Work placement

No work placement is included in the planned learning activities. BTH is aiming for a close contact with the surrounding community when developing courses and programmes.

Teachers

Examiner
  1. Tony Gorschek
Course Manager
  1. Oleksandr Adamov

Time allocation

On average, a student should study 160 hours to reach the learning outcomes.
This time includes all the various available learning activities (lectures, self studies, examinations, etc.).
This estimation is based on the fact that one academic year counts as 60 ECTS credits,
corresponding to an average student workload of 1 600 hours. This may vary individually.

Assessments

Grading

The course will be graded G Pass, UX Insufficient, supplementation required, U Fail.

Exams

More information about exams are found in the Student's Portal, where you also enrolls for most exams.


There might be other scheduled examinations. Information regarding these examinations are available in the learning platform Canvas or at other places that the person who is responsible of the course will refer to.

Course Evaluation

The course manager is responsible for the views of students on the course being systematically and regularly gathered and that the results of the evaluations in various forms affect the form and development of the course.