{"id":24,"date":"2022-11-30T15:28:16","date_gmt":"2022-11-30T15:28:16","guid":{"rendered":"https:\/\/sites.tntech.edu\/sprowell\/?page_id=24"},"modified":"2024-05-22T18:50:28","modified_gmt":"2024-05-22T18:50:28","slug":"csc-6585-secure-software-development","status":"publish","type":"page","link":"https:\/\/sites.tntech.edu\/sprowell\/classes\/csc-6585-secure-software-development\/","title":{"rendered":"CSC 6585 Secure Software Development"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">This is a <em>graduate class<\/em> on secure software development.  The focus of the class is:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>How to think about systems with a security mindset.<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As a result, this class will introduce many security stories and general concepts that you may have already discussed in other security courses.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vulnerabilities, weaknesses, exploits<\/li>\n\n\n\n<li>STRIDE, ATT&amp;CK, threat modeling<\/li>\n\n\n\n<li>Attack trees, attack graphs, attack modeling, CAPEC<\/li>\n\n\n\n<li>Security architectures, Bell-LaPadula, Biba, Clark-Wilson<\/li>\n\n\n\n<li>Secure coding guides, data privacy, data security<\/li>\n\n\n\n<li>Statistical privacy, differential privacy, k-anonymity<\/li>\n\n\n\n<li>ACLs and capabilities, authN, authZ, Zero trust models<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The 2022 series is available on <a href=\"https:\/\/youtube.com\/playlist?list=PL6IR-mL3ooBBml87Du9mtR6_uGGhsWNgK\">YouTube<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"448\" height=\"274\" src=\"https:\/\/sites.tntech.edu\/sprowell\/wp-content\/uploads\/sites\/138\/2024\/05\/security.png\" alt=\"XKCD comic about guessing passwords versus applying brute force (to the password owner)\" class=\"wp-image-80\" srcset=\"https:\/\/sites.tntech.edu\/sprowell\/wp-content\/uploads\/sites\/138\/2024\/05\/security.png 448w, https:\/\/sites.tntech.edu\/sprowell\/wp-content\/uploads\/sites\/138\/2024\/05\/security-300x183.png 300w\" sizes=\"auto, (max-width: 448px) 100vw, 448px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Fall 2024<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The class is scheduled for 9:30 AM &#8212; 10:45 AM Central Time in Bruner 410, 22 August through 12 December 2024.  <strong>This is subject to change!<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Not sure if this class is for you, or concerned about the content?  Contact me and we can discuss it.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Part 0: Preliminaries \u2013 Class structure<\/li>\n\n\n\n<li>Part 1: Motivation \u2013 What is security and why is it hard<\/li>\n\n\n\n<li>Part 2: Basics \u2013 Weaknesses, vulnerabilities, and exploits<\/li>\n\n\n\n<li>Part 3: Security \u2013 Physical vs cyber<\/li>\n\n\n\n<li>Part 4: Models \u2013 Historical security models and properties<\/li>\n\n\n\n<li>Part 5: Threats \u2013 Threat modeling and attack trees<\/li>\n\n\n\n<li>Part 6: Advanced Models \u2013 Capability systems and zero trust<\/li>\n\n\n\n<li>Part 7: Privacy \u2013 Understanding differential privacy<\/li>\n\n\n\n<li>Part 8: Development \u2013 Develop secure software<\/li>\n\n\n\n<li>Aside: Case study of a secure system<\/li>\n\n\n\n<li>Part 9: Ethics \u2013 The ethical crisis in computing<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Do you want more details?  I have shared the course plan <em>as it is right now<\/em> here.  It is subject to lots of changes, of course.<\/p>\n\n\n\n<div data-wp-interactive=\"core\/file\" class=\"wp-block-file\"><object data-wp-bind--hidden=\"!state.hasPdfPreview\" hidden class=\"wp-block-file__embed\" data=\"https:\/\/sites.tntech.edu\/sprowell\/wp-content\/uploads\/sites\/138\/2024\/05\/CSC6585-2024-Course-Plan.pdf\" type=\"application\/pdf\" style=\"width:100%;height:600px\" aria-label=\"Embed of CSC6585-2024-Course-Plan.\"><\/object><a id=\"wp-block-file--media-6b2528fa-9a30-4602-a5cd-4dd569dede6f\" href=\"https:\/\/sites.tntech.edu\/sprowell\/wp-content\/uploads\/sites\/138\/2024\/05\/CSC6585-2024-Course-Plan.pdf\">CSC6585-2024-Course-Plan<\/a><a href=\"https:\/\/sites.tntech.edu\/sprowell\/wp-content\/uploads\/sites\/138\/2024\/05\/CSC6585-2024-Course-Plan.pdf\" class=\"wp-block-file__button wp-element-button\" download aria-describedby=\"wp-block-file--media-6b2528fa-9a30-4602-a5cd-4dd569dede6f\">Download<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>This is a graduate class on secure software development. The focus of the class is: How to think about systems with a security mindset. As a result, this class will introduce many security stories and general concepts that you may &hellip; <a href=\"https:\/\/sites.tntech.edu\/sprowell\/classes\/csc-6585-secure-software-development\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":154,"featured_media":0,"parent":72,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-24","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/pages\/24","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/users\/154"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/comments?post=24"}],"version-history":[{"count":12,"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/pages\/24\/revisions"}],"predecessor-version":[{"id":93,"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/pages\/24\/revisions\/93"}],"up":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/pages\/72"}],"wp:attachment":[{"href":"https:\/\/sites.tntech.edu\/sprowell\/wp-json\/wp\/v2\/media?parent=24"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}