Software Security Lifecycle - ZEIT8024
Faculty: UNSW Canberra at ADFA
School: School of Engineering & Information Technology @ UNSW Canberra at ADFA
Course Outline: ZEIT8024 Course Outline
Campus: UNSW Canberra at ADFA
Career: Postgraduate
Units of Credit: 6
EFTSL: 0.12500
Indicative Contact Hours per Week: 6
CSS Contribution Charge: 2
Tuition Fee: See Tuition Fee Schedule
Further Information: See Class Timetable
Description
While attackers and researchers continue to expose new application vulnerabilities, many common application flaws are very often previous, rediscovered threats. In many cases software applications operate as part of larger systems and thus face a number of different security risks, for example the security issues associated with implementing COTS software within existing systems. Most importantly, developing web applications in this current environment requires an understanding of:
· all security issues associated with software components and their interfaces within the larger system; and
· the applicability of a holistic approach to building security in, starting from user requirements, through software design and implementation, to testing and deployment.
This Masters course is designed to provide students with a deep understanding of, and the skills to implement, manage and incorporate, security practices throughout the whole Software Development Lifecycle (SDLC), from identifying customer needs and writing secure requirements to designing, implementing, testing and deployment.
This course meets an essential requirement for software developers to stay current on the latest advances in software development and the new security threats they create. This course is theoretical and covers not only the content of the ISC2 CSSLP® certification, but also provides a holistic view of the role of software applications within complex systems. It draws on ISC2 material as well as other scholarly sources.
Topics include:
· Secure Software Concepts
· Secure Software Requirements
· Secure Software Design
· Secure Software Implementation / Coding
· Secure Software Testing
· Software Acceptance
· Software Deployment Operations, Maintenance and Disposal