Operating Systems and Applications Security

Data is displayed for the academic year: 2024./2025.

Course Description

The goal of this course is to make students aware of the problems in developing secure software and of the vulnerabilities that can arise if due care is not taken. Students will also know which hardware and operating system mechanisms they have at their disposal to avoid vulnerabilities or make them harder to exploit. In addition, students will learn methods for finding vulnerabilities in software using static and dynamic analysis.

Study Programmes

University graduate
[FER3-HR] Audio Technologies and Electroacoustics - profile
Elective Courses (2. semester)
[FER3-HR] Communication and Space Technologies - profile
Elective Courses (2. semester)
[FER3-HR] Computational Modelling in Engineering - profile
Elective Courses (2. semester)
[FER3-HR] Computer Engineering - profile
Elective Course of the profile (2. semester)
Elective Courses (2. semester)
[FER3-HR] Computer Science - profile
Elective Courses (2. semester)
Elective Courses of the Profile (2. semester)
[FER3-HR] Control Systems and Robotics - profile
Elective Courses (2. semester)
[FER3-HR] Data Science - profile
Elective Courses (2. semester)
[FER3-HR] Electrical Power Engineering - profile
Elective Courses (2. semester)
[FER3-HR] Electric Machines, Drives and Automation - profile
Elective Courses (2. semester)
[FER3-HR] Electronic and Computer Engineering - profile
Elective Courses (2. semester)
[FER3-HR] Electronics - profile
Elective Courses (2. semester)
[FER3-HR] Information and Communication Engineering - profile
Elective Courses (2. semester)
[FER3-HR] Network Science - profile
Elective Courses (2. semester)
Elective Courses of the Profile (2. semester)
[FER3-HR] Software Engineering and Information Systems - profile
Elective Course of the profile (2. semester)
Elective Courses (2. semester)

Learning Outcomes

  1. describe threats to applications
  2. describe protections in modern computing platforms
  3. describe methods to improve application security in the software development lifecycle
  4. describe potential security issues of using artificial intelligence in software development
  5. describe more frequently used technical protections
  6. select appropriate programming language

Forms of Teaching

Lectures

Lectures consist of lecturer's presentations and students' presentations.

Seminars and workshops

Each student has to study one topic from offensive security and present it during the lecture. Topics are proposed by the teacher.

Independent assignments

Reading scientific and professional texts.

Laboratory

In laboratory exercises students get to know methods and tools for secure software development.

Grading Method

Continuous Assessment Exam
Type Threshold Percent of Grade Threshold Percent of Grade
Laboratory Exercises 40 % 20 % 40 % 20 %
Class participation 40 % 40 % 40 % 40 %
Mid Term Exam: Written 40 % 20 % 40 %
Final Exam: Written 40 % 20 %
Exam: Written 50 % 40 %

Week by Week Schedule

  1. Introduction. Challenges in development of secure software.
  2. Trusted execution environments
  3. Protection mechanisms of contemporary operating systems.
  4. Virtualization and containerization as elements of security.
  5. Secure software development lifecycle.
  6. Threat modeling. Security requirements. Secure software architecture.
  7. Secure coding.
  8. Midterm exam
  9. Security challenges of the use of artificial intelligence in software development.
  10. Modern programming languages for secure software development. Vulnerability search.
  11. Logging.
  12. Operational security of applications.
  13. API security. Privacy.
  14. Mobile platforms and mobile application security.
  15. Final exam

Literature

Gary McGraw (2006.), Software Security, Addison-Wesley Professional
James N. Helfrich (2018.), Security for Software Engineers, CRC Press
Asoke K Talukder, Taylor & Francis Group, Manish Chaitanya (2019.), Architecting Secure Software Systems, Auerbach Publications

General

ID 222777
  Summer semester
5 ECTS
L0 English Level
L1 e-Learning
45 Lectures
0 Seminar
0 Exercises
12 Laboratory exercises
0 Project laboratory
0 Physical education exercises

Grading System

88 Excellent
75 Very Good
63 Good
50 Sufficient