SS Secure Software Engineering - Heinz Nixdorf Institut (HNI)

Secure Software Engineering SS2024

Course Abstract

What does it take to engineer software systems securely? This is the key question we wish to address in this course. Answering it requires to develop an understanding of the following key areas of secure software engineering: threat modeling, secure design, secure coding, security validation, secure deployment and maintenance. In this course we will be covering those areas in an example-driven style, discussing current techniques applicable to those areas and lessons learned from concrete real-world security breaches.

Prerequisites

Participants are expected to have completed or nearly completed the first section of the Bachelor degree, in particular the Softwaretechnikpraktikum. On top of that there are no special prerequisites for this course.

Course Material

The slides and exercise sheets will be uploaded after each lecture on the course's PANDA page (TBA)

Schedule

The teaching language will be English. Questions in German will be permitted.

The following course schedule is non-binding and may change at any time. Changes will be announced via PANDA.

No.	Date	Lecture Topic	OWASP Top-10	Lecturer
1	12.04.24	Introduction	OWASP Introduction	Bodden
2	19.04.24	What Security Is!	A1: Broken Access Control	Schott
3	26.04.24	Misuse & Abuse Cases	A3: Injection	Bodden
4	03.05.24	Threat Modeling	A4: Insecure Design	Bodden
5	10.05.24	Risk Assessment and Test Planning	A5: Security Misconfiguration	Khedkar
6	17.05.24	Defensive Coding and Security Mechanisms 1	A9: Security Logging and Monitoring Failures	Bodden
7	24.05.24	Defensive Coding and Security Mechanisms 2	A7: Identification and Authentication Failures	Bodden
8	31.05.24	Applied Cryptography	A2: Cryptographic Failures	Bodden
9	07.06.24	Applied Cryptography Continued & Code Inspection and Program Analysis	A8: Software and Data Integrity Failures	Bodden
10	14.06.24	Vulnerability Assessment	A6: Vulnerable and Outdated Components	Bodden
11	21.06.24	External Talk: TBA	-	TBA
12	28.06.24	Deployment and Distribution	A10: Server-Side Request Forgery	Bodden
13	05.07.24	Insider Threats and Usability	A11: Next steps	Bodden
14	12.07.24	Recap	-	Bodden
15	19.07.24	External Talk: TBA	-	TBA

Exercise Sheets

There will be 5 exercise sheets published in PANDA. One will be published every second week.

Exercise Sessions

There will be an exercise session (almost) every 2 weeks. The exercise sessions will introduce each newly released exercise sheet and discuss the results of the previous assignment sheet. Additionally, each of the {S}ecurify phases will be introduced and {S}ecurify presentations will be given.

Exercise session 1: Monday, 11:15 in F 1 110

Exercise session 2: Thursday, 09:15 in F 1 110

Exercise Schedule

Exercise	Dates	{S}ecurify Content
1	15.04.24 / 18.04.24	Introduction to Contest & Develop Phase
2	29.04.24 / 02.05.24
3	13.05.24 / 16.05.24	Introduction to Breach & Review Phase
4	10.06.24 / 13.06.24
5	24.06.24 / 27.06.24	Introduction to Repair Phase
6	08.07.24 / 11.07.24

Registration & Questions

To attend the course, you have to register in the PAUL system as a participant.

{S}ecurify: participation in the {S}ecurify contest is optional but highly encouraged. There is also a possibility to gain bonus points for successful participation.

Final Exam

There will be two written exam dates.

Date / Time / Room:

1. TBA
2. TBA

Further Information:

The exam will be given in English. Answers in German will be permitted.
The use of a English-Deutsch dictionary is permitted.

Learning Outcomes

After having attended this course, participants will have developed a solid understanding of the most important aspects of secure software engineering, both in theory and practice. This includes the ability to identify and model threats to software systems, to avoid the most common classes of vulnerabilities, and to identify and apply techniques and tools to avoid or identify the introduction of security vulnerabilities.

Syllabus

The course will be comprising different theoretical and practical parts:

The main lecture will cover background information about all relevant aspects of a secure software-engineering lifecycle. We will be motivating and explaining the core ideas with real-world examples. An integral part of every lecture will be the discussion of one of OWASP top-10 security risks. inspired by past real-world vulnerabilities and attacks, we will discuss each category of OWASP security risks and showcase common weaknesses and how to prevent them. Where possible, the discussion will directly relate to this day's remaining content of the lecture.
In addition, we will be conducting a practical contest called {S}ecurify. The course is meant to help students experience a secure development lifecycle first hand. In the "Develop" phase, students will be asked to gather in teams and develop small software projects based on a formal specification, also including security requirements. In the "Breach" phase, the developed software will be exchanged between development teams to break the implementation, i.e., find and exploit security vulnerabilities in code of other teams. Lastly, in the "Repair" phase, teams will get the chance to fix found vulnerabilities and, hence, render their software product more secure. This contest will be conducted using an automated online infrastructure.
The exercise classes are meant to reinforce the student's understanding of the main lecture's content. With practical, sometimes interactive exercises students will be able to learn important skills that can also support their work in the {S}ecurify contest.

The main lecture will discuss crucial elements of a Secure Software Development Lifecycle, including:

Threat modeling
Risk analysis
Architectural security
Secure coding
Applied Cryptography
Secure configuration and deployment
Updates and maintenance