Secure software engineering joins two important fields: Software engineering and information security. software engineering is the systematic use of principles, methods and tools to develop and deploy software. information security covers topics like confidentiality, integrity and availability of informations and data.
- Claudia Eckert: IT-Sicherheit, 9. Auflage, De Gruyter Oldenbourg, 2014; - Ross Anderson: Security Engineering, 2. Auflage, Wiley, 2008. Weitere Literaturhinweise werden zu den einzelnen Themenblöcken bereitgestellt.
The goal of this lecture is to teach principles, methods and tools for the development of secure software applications. To this end, basic concepts are first introduced. This is followed by process models for developing secure software and evaluating the maturity of development processes. Along the phases or process groups of software development, central principles, methods and tools are then introduced and explained. Special attention is given to threat and risk analysis, security requirements, principles and patterns for designing secure software applications, secure and insecure software implementations, security tests and evaluation of the security properties of software applications.
wöchentlich, ab 22.10.2021, 12:00 - 14:00 (16 Termine)