Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Remove links to old material, point to 2016 material

...

Threat model. Download the instructions hereDeadline Sun 17 May through

Continue threat model. Download the instructions here.

DateLecture topicLecture notesWeekly Assignment Support & Discussion Meeting
(Optional)
Exercise and deadline (all deadlines 23:55 UTC+3)

Mon 

13 Apr

  • Concept inventory test
  • Introduction
  • How software breaks (low level)

(Removed, see 2016 page )

15 Apr

  • More advanced fuzzing concepts (demos and discussion possible)

Fuzzing. Download the assignment instructions here.

Deadline Sun 19 Apr through Moodle. 

(Removed, see 2016 page)

 

Mon 

20 Apr

  • How software breaks (web apps)
  • Concepts of language theoretic security
  • Lecture outline
  • Reading list

    (Removed, see 2016 page )

    22 Apr

    • Deeper dive into Burp Suite Professional

    MitM proxy. Download the assignment instructions here.

    Deadline Sun 26 Apr through Moodle. Target addresses listed on Moodle.(Removed, see 2016 page )

    Mon 

    27 Apr

    • Security in a software project
    • Visitor: A consultant's view - Henri Lindberg from nSense

    (Removed, see 2016 page )

    29 Apr

    • Modern software development processes and security activities

    A critical look at various security tools. Download the instructions here.

    Deadline Tue 05 May through Moodle (extended due to Wappu).(Removed, see 2016 page )

    Mon 

    04 May

    • Threat modelling (architectural risk analysis) 1
  • Lecture outline
  • Reading list

    (Removed, see 2016 page )

    None; if you have challenges, post a question on Moodle..

    Deadline Tue 12 May through Moodle (extended due to Mothers' day).(Removed, see 2016 page )

    Mon 

    11 May

    • Engineering for privacy
    • Threat modelling (architectural risk analysis) 2

    (Removed, see 2016 page )

    None; if you have challenges, post a question on Moodle. Moodle.

    (This work is based on the results of previous week.
    If you did not finish that, a reference picture you can build on will be available here once the Week 4 deadline has passed.Removed, see 2016 page )

    Mon 

    18 May

    • Software security in the society
    • Economics of software security
    • EU and national regulation
    • Concept inventory test

    (Removed, see 2016 page )

    20 May

    • Case studies of real threat modelling that were interesting or lead to architectural changes

    Essay. Download the instructions here.

    Deadline Sun 24 May through Moodle.(Removed, see 2016 page )

    Books

    Neither book is a strict requirement for passing the course, but will support your learning as follows: If you have no previous exposure to software or application security, you would be strongly recommended to obtain the Secure Coding book, and if you are planning to work in information security, I recommend getting the Threat Modeling book.

    ...