PA2585 Introduction to Security in the Software Development Lifecycle

Single subject course, 6 Higher education credits, Second cycle, autumn semester 2021

The purpose of this course is to introduce security practices within the Software Development Lifecycle (SDLC) at the requirements, design, implementation, verification, and after release stages of software development.

This course is a guide to the cybersecurity issues that arise throughout the entire development process. We consider development from the security perspective, from the initial stage until the final release and beyond. The course is adapted mainly to give a solid introduction to non-security experts, and addresses both how professionals (developers, managers, decision-makers) can use security to improve (software-based) products/services and how they are affected by security issues and challenges.

Whether you are a software developer in a bank or telecom company, or you are a product manager in a gaming company, this course will be relevant for you.

Facts

  • Type of instruction: Distance, mixed-time, part-time 17%
  • Application code: BTH-D5844
  • Period: 2021-August-30 until 2022-January-16
  • Education level: A1N
  • Application: Apply via universityadmissions.se
  • Language of instruction: The language of instruction is English.
  • Location: Some or all of education and examination is held at distance.
  • No. of occasions: Mandatory: none, Voluntary: none
  • Main field of study: Software Engineering
  • Entry requirements: Admission to the course requires at least 120 completed credits, of which at least 90 credits are in a technical area, and a minimum of 2 years professional experience within an area related to software-intensive product and/or service development (shown by, for example, a work certificate from an employer).

Content

This course covers trade-off analysis, security investment decisions, requirements selection and prioritization, and risk assessment approaches. The student will learn hands-on approaches for trade-off analysis, requirements prioritization methods, risk assessment approaches, and other security aspects at all stages of the software development lifecycle (SDLC). By taking security aspects into account as part of product design and development, the student can use different techniques and methods along with best practices.

The course consists of the following parts:

• Background to security and its impact on software engineering
• Secure software engineering
• Secure architectures and design
• ROI and trade-offs between security and other quality aspects such as usability
• Risk analysis
• Introduction of infrastructure choices in relation to security

Learning outcomes

Knowledge and understanding

  • Discuss security aspects in secure software engineering
  • Explain how to apply different methods to achieve security in software engineering, e.g., secure architectures, initial security analysis.

Competence and skills
  • Apply frameworks and methods, models and processes that are presented in the course with the purpose of engineering so-called “secure software”.

Judgement and approach
  • Evaluate the appropriate applications of the frameworks and methods, models and processes that are presented in the course, including the trade-offs their application entails.

Course literature and other teaching material

Materials such as research articles and other course materials, as well as recommendations for additional reading, are provided via the course's online platform.

Learning methods

The teaching is organised around online lectures, pre-recorded videos, together with written material, literature, and research literature. Throughout the course, communication, feedback, and discussions with teachers and fellow participants will take place through email and the course’s online learning platform.

Work placement

No work placement is included in the planned learning activities. BTH aims for close contact with the surrounding community when developing courses and programmes.

Teachers

Examiner
  1. Tony Gorschek
Course Manager
  1. Oleksandr Adamov

Time allocation

On average, a student should study 160 hours to reach the learning outcomes.
This time includes all the various available learning activities (lectures, self studies, examinations, etc.).
This estimation is based on the fact that one academic year counts as 60 ECTS credits,
corresponding to an average student workload of 1 600 hours. This may vary individually.

Assessments

Grading

The course will be graded G (Pass), UX (Insufficient, supplementation required), U (Fail).

Exams

More information about exams is found in the Student's Portal, where you also enroll for most exams.

There might be other scheduled examinations. Information regarding these examinations is available in the learning platform Canvas or at other places that the person responsible for the course will refer to.

Course Evaluation

The course manager is responsible for ensuring that students' views on the course are gathered systematically and regularly, and that the results of the evaluations, in their various forms, affect the form and development of the course.
