Software Security (SOS)
The course focuses on software security studied from a programming language perspective. It presents a variety of techniques based on programming language semantics that serve to improve or guarantee the security of a program. Topics covered in the course include information-flow control, vulnerability analysis, and software-fault isolation and sandboxing. We will address the problem of security for a variety of languages (high- and low-level) coming from different programming paradigms. The course will provide introductions to relevant program analysis techniques such as abstract interpretation and type systems and demonstrate their applications on a selection of use cases.
- Basic software security policies, their formalisation as program properties.
- The role of a precise (formal) semantics for a programming language in developing techniques for enforcing security policies.
- Describe properties relevant to software security and define what they mean precisely.
- Formalize ideas and concepts into rigorous definitions and make falsifiable (or provable) statements about them.
- Read, assess and communicate research papers in language-based security.
- Apply central results in the given area of studies.
Lectures, in-class exercises, group work on programming and analysis assignments.
See Absalon for the final curriculum, but it will contain:
- Course notes.
- Research articles and excerpts from books, distributed electronically.
Proactive Computer Security (PCS) and Semantics and Types (SaT) are recommended.
- 7,5 ECTS
- Type of assessment
Written assignment
Oral examination, 30 min.
- Type of assessment details
- The exam has two parts:
1) 3-4 individual/group written assignments during the course
2) an individual oral exam (30 minutes) based on the written assignments.
The final grade is based on an overall assessment of the handed-in assignments and the oral exam.
- All aids allowed
- Marking scale
- 7-point grading scale
- Censorship form
- No external censorship
Several internal examiners
Criteria for exam assessment
See Learning Outcome.
Single subject courses (day)
- Exam Preparation
- Course number
- Programme level
- Full Degree Master
- Block 2
- No limit.
The number of seats may be reduced in the late registration period
- Study Board of Mathematics and Computer Science
- Department of Computer Science
- Faculty of Science
- Thomas Philip Jensen