While different types of software play a major role in providing security, they are also a major source of security problems. Thus, the demand for secure and dependable software systems is acute due to the increasing use of cyber-physical systems. This course will introduce the students with the foundations of software security, important software vulnerabilities and attack vectors that exploit them. The list of topics will includes software bugs, flaws, and vulnerabilities, attack patterns, attack vectors, threat modelling, software design security, operating system security, privilege escalation problem, common software vulnerabilities (e.g., buffer overflow, shellshock, format string), OWASP top 10, SQL injection attack, cross site scripting (XSS), code-review and secure coding practices.
Spring.