Software Security (SOS)
Course content
The course is focused on software security studied from a programming language perspective. The course will present a variety of techniques based on programming language semantics that serve to improve or guarantee the security of a program. Topics that will be covered in the course include information-flow control, vulnerability analysis, and software-fault isolation and sandboxing. We will address the problem of security of a variety of languages (high- and low-level) coming from different programming paradigms. The course will provide introductions to relevant program analysis techniques such as abstract interpretation and type systems and demonstrate their applications on a selection of use cases.
Knowledge of
- Basic software security policies, their formalisation as program properties.
- The role of a precise (formal) semantics for a programming language in developing techniques for enforcing security policies.
Skills to
- Describe properties relevant to software security and define what they mean precisely.
- Formalize ideas and concepts into rigorous definitions and make falsifiable (or provable) statements about them.
Competences to
- Read, assess and communicate research papers in language-based security.
- Apply central results in the given area of studies.
Lectures, in-class exercises, group work on programming and analysis assignments.
See Absalon for the final curriculum, but it will contain:
- Course notes.
- Research articles and excerpts from books, distributed electronically.
Proactive Computer Security (PCS) and Semantics and Types (SaT) are recommended.
- ECTS
- 7,5 ECTS
- Type of assessment
- Oral exam on basis of previous submission, 30 minutes
- Type of assessment details
- The exam has two parts:
1) 3-4 individual/group written assignments during the course
2) an individual oral exam (30 minutes) based on the written assignments.
The final grade is based on an overall assessment of the handed-in assignments and the oral exam.
- Aid
- All aids allowed
- Marking scale
- 7-point grading scale
- Censorship form
- No external censorship
Several internal examiners
- Re-exam
- A resubmission of revised written assignments and a 30-minute individual oral examination without preparation.
Criteria for exam assessment
See Learning Outcome
Single subject courses (day)
- Category
- Hours
- Lectures
- 28
- Preparation
- 146
- Exercises
- 21
- Exam Preparation
- 10
- Exam
- 1
- English
- 206
Course information
- Language
- English
- Course number
- NDAK21007U
- ECTS
- 7,5 ECTS
- Programme level
- Full Degree Master
- Duration
- 1 block
- Placement
- Block 1
- Schedulegroup
- B
- Capacity
- No limitation – unless you register in the late-registration period (BSc and MSc) or as a credit or single subject student.
- Studyboard
- Study Board of Mathematics and Computer Science
Contracting department
- Department of Computer Science
Contracting faculty
- Faculty of Science
Course Coordinator
- Thomas Philip Jensen