Secure Code

  • English
  • Deutsch

Good knowledge of programming will be required (especially the lectures Software Development 1 and 2). Participants should be familiar with both Java and C, and have at least working knowledge of HTML / HTTP and SQL.

Course content: 
•principles and techniques of secure software development
•security risk rankings and taxonomies
•code injection (SQL injection, cross-site scripting XSS)
•(buffer) overflows, format string attacks
•I/O handling (canonicalization, validation, sanitization)
•information exposure, guarding secrets (keys, passwords)
•defensive and diligent coding
•resilience and anti-tampering (denial of service, obfuscation)
•safe parallelization (deadlocks, race conditions)
•authentication, authorization, privilege management
•secure software development processes
•specific features of languages and environments
Lecturer(s): 
LVA type: 
KV
LVA number: 
353.064
Hours per semester: 
1
ECTS: 
1.50
Max. participants: 
35
Location: 
S2 Z74
Exam: 

Written exam

Dates: 

Preliminary discussion: Mo, 03/07/2016, 17:15 - 18:00, S2 Z74