About this course: The design step in developing software has some unique characteristics. First of all, it’s the only step where drawing pictures of things is the norm. Why is that? What do pictures do that other representations cannot do? Pictures have varying levels of detail; pictures have context. Pictures…paint a picture. Why are these things important? In this course, too, we begin looking at other disciplines (building architecture is a favorite one) for lessons on design.
Who is this class for: This is a graduate class and it will be best appreciated by students who have a solid foundation in basic software engineering, who can code well (although no real coding is required) and who have had at least internships if not full-time jobs in software development. This is not to say that you need to know how to design software before you learn about designing secure software. It is to say that the more experience you already have in software development, the more the examples and ideas put forth in this course will resonate with you.
Created by: University of Colorado System
Taught by: Albert Glock, Instructor
Computer Science
| Basic Info | Course 4 of 4 in the Secure Software Design Specialization |
| Level | Intermediate |
| Commitment | 4 weeks, 3-4 hours/week |
| Language | English |
| How To Pass | Pass all graded assignments to complete the course. |
Syllabus
WEEK 1
Common Vulnerabilities and Weaknesses
How to use the CVE and CWE on-line databases to assess threats and mitigations
4 videos, 4 readings, 2 practice quizzes
- Video: Introduction to Threats and Mitigations
- Reading: Additional Resource
- Video: Open source threat and mitigation information
- Reading: Additional Resource
- Discussion Prompt: Discussion 1
- Practice Quiz: Open source threat and mitigation information
- Video: Medical analogies
- Reading: Additional Resource
- Video: Secure software design is good software design.
- Reading: Additional Resource
- Discussion Prompt: Discussion 2
- Practice Quiz: Secure software design is good software design
WEEK 2
Specific Design Considerations
Specific things you can do to create a better design.
2 videos, 2 readings, 1 practice quiz
- Video: Design Principles in detail -- I
- Reading: Additional Resource
- Video: Design Principles in detail - II
- Reading: Additional Resource
- Discussion Prompt: Discussion 3
- Practice Quiz: Design Principles in detail
WEEK 3
Building Security in
Security must be built in to a project, not added on.
2 videos, 1 practice quiz
- Video: Security as a build-on, not an add-on
- Video: Active vs Passive security
- Discussion Prompt: Discussion 4
- Practice Quiz: Active vs Passive security
WEEK 4
A Dramatic Failure
The consequences of a bad design can haunt you forever.
1 video, 1 reading, 1 practice quiz
- Video: Therac-25 Case Study
- Reading: Additional Resource
- Discussion Prompt: Discussion 5
- Practice Quiz: Therac-25 Case Study
WEEK 5
Bitcoin Foundations
A detailed look at the first two sentences of the abstract of Nakamoto's 2009 paper announcing Bitcoin.
2 videos, 2 readings, 1 practice quiz
- Video: Intro to Bitcoin
- Reading: Additional Resource
- Video: Bitcoin Lecture 2
- Reading: Additional Resource
- Discussion Prompt: Discussion 6
- Practice Quiz: Bitcoin Foundations
WEEK 6
The Bitcoin Project
Continuing with the abstract of Nakamoto's Bitcoin paper. More details on how it works and how security is integrated into it.
2 videos, 2 readings, 1 practice quiz
- Video: Bitcoin Lecture 3
- Reading: Additional Reading
- Video: Bitcoin Lecture 4
- Reading: Additional Resource
- Discussion Prompt: Discussion 7
- Practice Quiz: Bitcoin 2
WEEK 7
Simple software compromises
A look into the specifics of two common exploitation techniques--buffer overflow and SQL injections. Even though they're "old", these exploits are still used today!
3 videos, 3 readings, 2 practice quizzes
- Video: Buffer Overflow
- Reading: Additional Resource
- Video: SQL Injection
- Reading: Additional Resource
- Discussion Prompt: Discussion 8
- Practice Quiz: SQl Injection
- Video: Software Life Cycle and Management considerations
- Reading: Additional Resource
- Discussion Prompt: Discussion 9
- Practice Quiz: Software Life Cycle and Management considerations
WEEK 8
Final Exam
A comprehensive course assessment comprising of 5 quizzes. Each assessment contains a randomized set of questions from different modules of the course.
Graded: Assessment 1
Graded: Assessment 2
Graded: Assessment 3
Graded: Assessment 4
Graded: Assessment 5
FAQs
How It Works
Coursework
Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.
Help from Your Peers
Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.
Certificates
Earn official recognition for your work, and share your success with friends, colleagues, and employers.
Creators
University of Colorado System
The University of Colorado is a recognized leader in higher education on the national and global stage. We collaborate to meet the diverse needs of our students and communities. We promote innovation, encourage discovery and support the extension of knowledge in ways unique to the state of Colorado and beyond.
Pricing
| Purchase Course | |
|---|---|
| Access to course materials | Available |
| Access to graded materials | Available |
| Receive a final grade | Available |
| Earn a shareable Course Certificate | Available |
Ratings and Reviews
Coursera provides universal access to the world’s best education,
partnering with top universities and organizations to offer courses online.
© 2018 Coursera Inc. All rights reserved.
