Back to list

Security Engineering – Developing Secure Software

Categories Safety Relevant Development

General Information
Code
SEC
Duration
3 Days

The news about security gaps in software are becoming increasingly commonplace, but it is no longer just software systems that are affected. As a result of increased networking, the software used in pacemakers, insulin pumps, cars and industrial automation systems is at much greater risk than manufacturers take into account. This makes for fatal results, particularly in functional safety.

The term 'IT security' is now on everybody's lips as a result of these news. However, there is still not enough attention being paid to secure development – security engineering or security by design. In order to constructively avoid security gaps, software has to be developed in a secure manner from day one.

This seminar has been designed to awaken a basic understanding in secure development, highlights threats and attacks and presents the appropriate methods for avoiding security gaps as much as possible throughout the entire software development process.

Contents
  • Introduction
    • Definition of security and differentiation to safety
    • Protection goals, threats and weaknesses
    • Basic security features
  • Attacks
    • Types of hackers
    • Web security (including XSS, CSRF and countermeasures)
    • Memory-based attacks and countermeasures
    • Social engineering
  • Development process
    • Software Assurance Maturity Model (SAMM)
    • ISO 27034
    • Microsoft SDL
  • Security requirements
    • Misuse cases
    • Context analysis
  • Security design
    • Attack surface reduction
    • Threat modelling
    • Design principles
  • Secure development
    • Typical errors
    • Techniques
    • MISRA coding guidelines
  • Security testing
    • Differentiation to functional testing
    • Penetration tests
    • Fuzzing
Target audience
  • Software architects, software designers, software developers
Prerequisites
  • Experience in software development

Any Questions?

Any questions about our engineering service offers? Feel free to call us!

Contact card open Contact card close
Courses 2023/24
Download (pdf, 2 MB)
General Terms & Conditions
Download (pdf, 165 KB)