20649 - SOFTWARE METHODOLOGIES AND ARCHITECTURES FOR SECURITY - MODULE 2: SOFTWARE ENGINEERING METHODOLOGIES FOR SECURITY
Cross-institutional study L. Bocconi - Politecnico Milano
MARCELLO MARIA BERSANI
Mission & Content Summary
MISSION
CONTENT SUMMARY
The course covers the design and development of software in general and delves into some of the essential phases of its life cycle. In particular, the phases of requirements analysis, design, implementation and verification and validation shape the course. The key aspects of each of these phases are discussed within the context of secure software design.
Intended Learning Outcomes (ILO)
KNOWLEDGE AND UNDERSTANDING
- The paradigms and the models for developing a software system.
- The relation between risk management and software development.
- The notion of algorithm and data structures and their main families.
- The basics of Python language.
- The fundamental phases of software development.
- The goals, assumptions and requirements associated with a software system.
- The modeling of some aspects of software systems.
- The architecture of a software system and the architectural patterns as a means of determining software qualities.
- The verification, validation and testing of software.
- The main software vulnerabilities in web applications and IoT systems.
APPLYING KNOWLEDGE AND UNDERSTANDING
- Determine the paradigm and the model for developing a software system.
- Apply a methodology to describe the goals, assumptions and requirements of the software through scenarios and use-cases.
- Implement simple Python programs.
- Design and comprehend the model diagram of simple scenarios by using UML diagrams.
- Apply/understand data-flow analysis and symbolic testing in simple scenarios and collaborate in testing activities.
- Understand the basic software vulnerabilities in some classes of applications.
Teaching methods
- Lectures
DETAILS
Assessment methods
Continuous assessment | Partial exams | General exam | |
---|---|---|---|
|
x |
ATTENDING AND NOT ATTENDING STUDENTS
Written exams.
- Solving exercises: designing UML models and analysing Python code with standard techniques (Dublin descriptors 1, 2, 3)
- Open-ended questions on topics covered in class (Dublin descriptors 1, 2)
Teaching materials
ATTENDING AND NOT ATTENDING STUDENTS
- Hans van Vliet, Software Engineering: Principles and Practice, 3rd Edition, Publisher: Wiley, ISBN: 978-0-470-03146-9
- Carlo Ghezzi, Mehdi Jazayeri, Dino Mandrioli, Fundamentals of Software Engineering, Publisher: Prentice-Hall, ISBN: 0133056996
- Martin Fowler, UML Distilled, Publisher: Pearson, ISBN: 9788891907820
- Ross Anderson, Security Engineering, Publisher: Wiley, ISBN: 0-471-38922-6