Software security (5.2.2014)

Learning objectives by principal theme. For each theme the table gives the prerequisite knowledge and what a student can do when they approach, reach, or deepen the learning objectives.

Architectural Risk Analysis
Prerequisite knowledge: Understanding of basic OS concepts (process, virtual machine); basic networking concepts (protocol stack, Message Sequence Charts); basic concepts of HTTP / TCP / IP.
Approaches the learning objectives: Can describe the concept of an attack surface. Can describe the asymmetry between attack and defense. Can identify information assets and data flows in a system, given an architectural description.
Reaches the learning objectives: Can perform a risk analysis for an example architecture. Can effectively detect a range of typical risks from an example architectural description. Can modify an existing example architecture by applying one or more of the architectural security patterns we introduce.
Deepens the learning objectives: Architecting and re-architecting systems to mitigate complete classes of weaknesses using patterns. Platform- and framework-specific issues that call for specific architectural design. Balancing security with other architectural requirements such as scalability and performance.

How software breaks
Prerequisite knowledge: Must be able to program (any language is fine); comfortable with the Unix (e.g., Linux / Mac OS X / Cygwin) command line; can install and run Java apps; basic OS concepts (process, stack, heap); basics of HTTP as a protocol and HTML as a markup language.
Approaches the learning objectives: Can describe some of the main classes of software vulnerabilities. Can distinguish between implementation-level and design-level issues. Can perform robustness testing of a simple input using a fuzzer. Can perform basic web security testing tasks using an attack proxy. Can describe DoS and the factors contributing to it.
Reaches the learning objectives: Can describe a traditional stack overflow attack in sufficient technical detail. Can describe what current process memory protection features are and how they relate to exploitation. Can use an attack proxy unguided to detect straightforward injection vulnerabilities in web apps.
Deepens the learning objectives: Writing a working exploit. Using a debugger; assessing the exploitability of a finding. Understanding the basic idea of return-oriented programming and heap spraying. Unguided exploratory web app testing, including more obscure problems. Language-, platform- and framework-specific issues; detecting issues in code review.

Software security in the software development lifecycle
Prerequisite knowledge: Basic understanding of software development project concepts (requirements, development, quality assurance, maintenance).
Approaches / reaches the learning objectives: Can describe the main software security practice areas in a software development project. Can explain the concept of residual risk. Can describe the types of tools for enhancing software security, and explain how they are technically supposed to increase security.
Deepens the learning objectives: Making a risk-based evaluation of the benefits and costs of acquiring a tool, or of taking a software security activity into use in a software project. Communicating risk and residual risk to management.

Software security as a policy and standardisation issue
Prerequisite knowledge: None.
Approaches the learning objectives: Can describe some of the debate and the differences around “full disclosure” and “responsible disclosure”. Can list sources of regulatory / standards-based software security requirements.
Reaches the learning objectives: Can justify an informed personal opinion on topics such as disclosure policies or attack and defense in “cyberwarfare”. Has an overall picture of the main sources of regulatory / standards-based software security requirements.
Deepens the learning objectives: Transforming regulatory or standards-based software security requirements into engineering requirements. Assessing software against those requirements. Maintaining an ongoing understanding of the “cybersecurity” discourse.
05.03.2014 - 16:15 Sini S Ruohomaa
21.10.2013 - 12:37 Sini S Ruohomaa