Print as pdf if you want a pdf! If you want a nicer printout, click off the browser's automatically added header and footer.
Blekinge Institute of Technology
Department of Computer Science
Revision: 2
Reg.no:
Course syllabus
Software Security
Software Security
6 credits (6 högskolepoäng)
Course code: DV1665
Main field of study: Computer Science
Disciplinary domain: Technology
Education level: First-cycle
Specialization: G1F - First cycle, has less than 60 credits in first-cycle course/s as entry requirements
Language of instruction: English
Applies from: 2023-08-28
Approved: 2023-03-01
1. Descision
This course is established by Dean 2022-05-03. The course syllabus is approved by Head of Department of Computer Science 2023-03-01 and applies from 2023-08-28.
2. Entry requirements
Admission to the course requiers completed course in programming in C or C++.
3. Objective and content
3.1 Objective
The main purpose of the course is to understand and manage various software security problems in a safe and controlled environment. Risky programming patterns that can be exploited for nefarious purposes can cause significant financial losses and reputational damage to organizations that use or develop vulnerable products. The knowledge and skills imparted during the course are intended to limit the above-mentioned risks and are therefore important for companies and organizations where professional software is being developed.
3.2 Content
The student will learn to understand the adversary’s way of working and to identify risky programming patterns to be avoided. During the course, the student will become familiar with various security mechanisms built into operating systems or provided by specific development tools. The student will also learn to use tools for both code and binaries for purpose to understand exploitation techniques as well as protect software. The course includes the following elements:
- Background to software security and causes of vulnerabilities in software
- Quick introduction to assembler programming for x86-32/64 bit microprocessors
- Handling vulnerabilities in memory management, in system calls and calls to library functions
- Methods and measures to counter unsafe handling of input data
- Tools for analyzing source code and binaries
- Introduction to threat modeling
4. Learning outcomes
The following learning outcomes are examined in the course:
4.1. Knowledge and understanding
On completion of the course, the student will be able to:
- explain how software vulnerability exploitation techniques work.
- explain how protection against specific exploitation techniques in software works.
- explain techniques and implementation choices that lead to safe handling of input data.
4.2. Competence and skills
On completion of the course, the student will be able to:
- apply the tools for analysis of source code and binaries presented during the course.
4.3. Judgement and approach
On completion of the course, the student will be able to:
- evaluate limitations of selected measures and protection mechanisms in relation to a specific vulnerability or lack of security.
5. Learning activities
The teaching takes place in the form of lectures on campus, recorded video material, as well as own studies of fundamentals literature, research literature and other written material. During the course, communication, feedback and discussions with teachers and other participants take place via e-mail, the course's learning platform and via physical or online meetings.
6. Assessment and grading
Modes of examinations of the course
| Code | Module | Credit | Grade |
| 2310 | Written assignment 1 | 2.5 credits | GU |
| 2320 | Written assignment 2 | 3.5 credits | GU |
The course will be graded G Pass, Ux Failed result, a little more work required, U Fail.
The information before the start of the course states the assessment criteria and make explicit in which modes of examination that the learning outcomes are assessed.
An examiner can, after consulting the Disability Advisor at BTH, decide on a customized examination form for a student with a long-term disability to be provided with an examination equivalent to one given to a student who is not disabled.
7. Course evaluation
The course evaluation should be carried out in line with BTH:s course evaluation template and process.
8. Restrictions regarding degree
The course can form part of a degree but not together with another course the content of which completely or partly corresponds with the contents of this course.
9. Course literature and other materials of instruction
Materials such as research articles and other course material are provided on the course's learning platform and via BTHs library resources, as well as recommendations for further reading.
10. Additional information
This course replaces DV1579