| Software Engineering | |||||
| Bachelor | TR-NQF-HE: Level 6 | QF-EHEA: First Cycle | EQF-LLL: Level 6 | ||
| Course Code: | YAZ214 | ||||
| Course Name: | Software Security | ||||
| Semester: | Spring | ||||
| Course Credits: |
|
||||
| Language of instruction: | Turkish | ||||
| Course Condition: | |||||
| Does the Course Require Work Experience?: | No | ||||
| Type of course: | Compulsory Courses | ||||
| Course Level: |
|
||||
| Mode of Delivery: | Face to face | ||||
| Course Coordinator: | Dr. Öğr. Üy. MUHAMMED DAVUD | ||||
| Course Lecturer(s): | Dr. Öğr. Üyesi Femilda Josephin Joseph Shobana Bai | ||||
| Course Assistants: |
| Course Objectives: | This software security course aims to equip students with a comprehensive understanding of secure software development. Covering topics such as secure coding, architecture, and system assembly challenges, the course delves into essential mechanisms like authentication, encryption, and cryptography. Students explore practical applications in web and mobile security, along with network security considerations. Governance and management strategies for secure software are emphasized, and emerging trends, including blockchain, IoT security, and AI/ML applications, are examined. Through theoretical insights and practical exercises, students develop the skills necessary for designing and maintaining secure software systems in a dynamic technological landscape. |
| Course Content: | This software security course covers fundamental aspects such as secure coding, architecture, and testing, progressing to advanced topics like authentication, encryption, and network security. Governance strategies and emerging trends, including blockchain and AI in security, are explored. Students gain skills for designing and maintaining secure software systems in the dynamic technological landscape. |
|
The students who have succeeded in this course;
1) Gain a solid grasp of the importance of security in software development, recognizing prevalent threats and vulnerabilities. 2) Develop secure coding practices and integrating security into the software development life cycle. 3) Explore strategies for effective governance and management in ensuring secure software development. 4) Enhance analytical skills to address security challenges in networked software systems, covering communication security, firewalls, and intrusion detection. 5) Gain insights into securing web and mobile applications, covering common vulnerabilities and best practices. |
| Week | Subject | Related Preparation |
| 1) | Why Is Security a Software Issue? | |
| 2) | What makes software Secure? | |
| 3) | Requirements Engineering for Secure Software | |
| 4) | Secure Software Architecture and Design | |
| 5) | Considerations for Secure Coding and Testing | |
| 6) | Security and Complexity: System Assembly Challenges | |
| 7) | Governance, and Managing for More Secure Software | |
| 8) | Midterm | |
| 9) | Authentication and Authorization | |
| 10) | Encryption and Cryptography | |
| 11) | Encryption and Cryptography | |
| 12) | Web Application Security, Mobile Application Security | |
| 13) | Network Security for Software Systems | |
| 14) | Emerging Trends in Software Security |
| Course Notes / Textbooks: | Software Security: Building Security In by Gary McGraw, " Addison-Wesley Professional, 2006, ISBN: 0321356705 |
| References: | Class Notes |
| Course Learning Outcomes | 1 |
2 |
3 |
4 |
5 |
||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Program Outcomes | |||||||||||
| 1) Adequate knowledge in mathematics, science and software engineering; the ability to use theoretical and practical knowledge in these areas in complex engineering problems. | |||||||||||
| 2) Ability to identify, formulate, and solve complex software engineering problems; ability to select and apply appropriate analysis and modeling methods for this purpose. | |||||||||||
| 3) Ability to design, implement, verify, validate, measure and maintain a complex software system, process, device or product to meet specific requirements under realistic constraints and conditions; ability to apply modern design methods for this purpose. | |||||||||||
| 4) Ability to develop, select and use modern techniques and tools necessary for the analysis and solution of complex problems encountered in software engineering applications; ability to use information technologies effectively. | |||||||||||
| 5) Ability to design, conduct experiments, collect data, analyze and interpret results for the study of complex engineering problems or software engineering research topics. | |||||||||||
| 6) Ability to work effectively within and multidisciplinary teams; individual study skills. | |||||||||||
| 7) Ability to communicate effectively orally and in writing; knowledge of at least one foreign language; ability to write effective reports and understand written reports, to prepare design and production reports, to make effective presentations, to give and receive clear and understandable instructions. | |||||||||||
| 8) Awareness of the necessity of lifelong learning; the ability to access information, to follow developments in science and technology and to renew continuously. | |||||||||||
| 9) To act in accordance with ethical principles, professional and ethical responsibility; information on the standards used in engineering applications. | |||||||||||
| 10) Information on business practices such as project management, risk management and change management; awareness of entrepreneurship and innovation; information about sustainable development. | |||||||||||
| 11) Knowledge of the effects of software engineering practices on health, environment and safety in the universal and social scale and the problems of the era reflected in software engineering; awareness of the legal consequences of software engineering solutions. | |||||||||||
| No Effect | 1 Lowest | 2 Average | 3 Highest |
| Program Outcomes | Level of Contribution | |
| 1) | Adequate knowledge in mathematics, science and software engineering; the ability to use theoretical and practical knowledge in these areas in complex engineering problems. | 3 |
| 2) | Ability to identify, formulate, and solve complex software engineering problems; ability to select and apply appropriate analysis and modeling methods for this purpose. | 2 |
| 3) | Ability to design, implement, verify, validate, measure and maintain a complex software system, process, device or product to meet specific requirements under realistic constraints and conditions; ability to apply modern design methods for this purpose. | |
| 4) | Ability to develop, select and use modern techniques and tools necessary for the analysis and solution of complex problems encountered in software engineering applications; ability to use information technologies effectively. | 2 |
| 5) | Ability to design, conduct experiments, collect data, analyze and interpret results for the study of complex engineering problems or software engineering research topics. | 2 |
| 6) | Ability to work effectively within and multidisciplinary teams; individual study skills. | |
| 7) | Ability to communicate effectively orally and in writing; knowledge of at least one foreign language; ability to write effective reports and understand written reports, to prepare design and production reports, to make effective presentations, to give and receive clear and understandable instructions. | |
| 8) | Awareness of the necessity of lifelong learning; the ability to access information, to follow developments in science and technology and to renew continuously. | |
| 9) | To act in accordance with ethical principles, professional and ethical responsibility; information on the standards used in engineering applications. | |
| 10) | Information on business practices such as project management, risk management and change management; awareness of entrepreneurship and innovation; information about sustainable development. | |
| 11) | Knowledge of the effects of software engineering practices on health, environment and safety in the universal and social scale and the problems of the era reflected in software engineering; awareness of the legal consequences of software engineering solutions. |
| Semester Requirements | Number of Activities | Level of Contribution |
| Quizzes | 2 | % 10 |
| Homework Assignments | 3 | % 20 |
| Midterms | 2 | % 30 |
| Final | 2 | % 40 |
| total | % 100 | |
| PERCENTAGE OF SEMESTER WORK | % 60 | |
| PERCENTAGE OF FINAL WORK | % 40 | |
| total | % 100 | |
| Activities | Number of Activities | Workload |
| Course Hours | 13 | 39 |
| Study Hours Out of Class | 14 | 70 |
| Homework Assignments | 2 | 4 |
| Quizzes | 2 | 4 |
| Midterms | 1 | 2 |
| Final | 1 | 2 |
| Total Workload | 121 | |