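% Per-course data file for the ECE 8492 "Secure Software Development" syllabus
% (Spring 2022). It only defines counters, arrays and text macros; the layout
% lives in a syllabus template that is not part of this file.
% NOTE(review): the counters numTAs/totalSections and the packages used below
% (tabularx, booktabs, caption, xcolor) are presumably provided by that
% template -- confirm before compiling this file on its own.
% The 0/1 macros act as switches: in the values below a flag is 1 where the
% matching field is filled in (e.g. \txtBkAuthExists) and 0 where it is empty
% (e.g. \txtBkPublExists).

% ---------------------------------------------------------------------------
% Sections, meeting times, instructors, TAs
% ---------------------------------------------------------------------------
\setcounter{numTAs}{0}
\setcounter{totalSections}{2}

% One quoted entry per section slot (three slots, two in use). The
% {{"a","b",""}} shape looks like a pgfmath array -- TODO confirm against the
% template. The trailing % signs keep the token stream free of stray spaces.
\def\secNum{{"001","DL1",""}}
\def\tenSchFileName{{"","",""}}
% NOTE(review): the room for section 001 appears both here ("Location: ...")
% and in \classRm; check that the template does not print it twice.
\def\classTime{{%
  "M from 06:10 pm to 08:50 pm Location: CEER 109",%
  "M from 06:10 pm to 08:50 pm Location: TBA",%
  ""}}
\def\classRm{{"CEER 109","",""}}
\def\classLive{{"","",""}}
\def\classInstructor{{"Gerard J. Mayer","Gerard J. Mayer",""}}
\def\classInstrContact{{"","",""}}
\def\classInstrOffHrs{{"","",""}}
\def\classInstrLive{{"","",""}}
\def\TA{{{""},{""},{""}}}
\def\TAEmail{{{""},{""},{""}}}
\def\TAOffHrs{{{""},{""},{""}}}
\def\TARoom{{{""},{""},{""}}}

% ---------------------------------------------------------------------------
% Course identification
% ---------------------------------------------------------------------------
\newcommand\semester{Spring 2022}
\newcommand\rsemester{202230}
\newcommand\courseNum{ECE 8492}
\newcommand\courseName{Secure Software Development}
\newcommand\courseCoordinator{Gerard J. Mayer}
\newcommand\credits{3}
\newcommand\contactHrs{3}
\newcommand\lecture{1}
\newcommand\lab{0}

% ---------------------------------------------------------------------------
% Template switches (0 = off, 1 = on)
% ---------------------------------------------------------------------------
\newcommand\undergradCourse{0}
\newcommand\isFreshmanCourse{0}
\newcommand\isCustomElecPolicy{0}
\newcommand\isClassLive{0}
\newcommand\isLabLive{0}
\newcommand\meetingMiscExists{0}
\newcommand\isClassInstrLive{0}
\newcommand\isLabInstrLive{0}
\newcommand\instrMiscExists{0}
\newcommand\hasTARoom{0}

% Placeholder texts shipped with the template; their switches above are 0.
\newcommand\meetingDesc{Example: (Two 75-minute lectures)}
\newcommand\meetingMisc{Special notes on meeting info go here, if specified}
\newcommand\instructorMisc{Special notes on instructor(s), TA(s) go here, if specified}

% ---------------------------------------------------------------------------
% Textbook and references
% ---------------------------------------------------------------------------
\newcommand\textBookExists{1}
\newcommand\textBookReqd{0}
\newcommand\textBookMiscExists{0}
\newcommand\referencesExist{0}
\newcommand\txtBkAuthExists{1}
\newcommand\txtBkPublExists{0}
\newcommand\txtBkYrExists{1}
\newcommand\txtBkISBNExists{1}
\newcommand\textBookTitle{Enterprise Software Security: A confluence of disciplines}
\newcommand\textBookAuth{Van Wyk, K. R., Graff, M. G., Peters, D. S., \& Burley, D. L.}
\newcommand\textBookPub{}
\newcommand\textBookYr{2014}
\newcommand\textBookISBN{ISBN-13: 978-0321604118}
\newcommand\supplMaterials{}
\newcommand\refPapers{References go here, if specified}
\newcommand\textBookMisc{Special notes on textbook(s) go here, if specified}

% ---------------------------------------------------------------------------
% Catalog description, requisites, expectations
% ---------------------------------------------------------------------------
\newcommand\catalogDesc{Security requirements and design principles for secure software development.
  Security issues in current applications, database systems and web systems.
  Identifying vulnerabilities, their impact, and solutions to securing them.}
\newcommand\preReqs{ECE 8484}
\newcommand\coReqs{None}
\newcommand\coreRequirement{Example: Required for BS CPE}
% Fixed the doubled preposition ("to into one team") and dropped the trailing
% space that sat before the closing brace.
\newcommand\courseExpectation{This is a graduate level class focused on making software systems secure
  starting in the functional, design and requirements stage.
  You will acquire the knowledge to function as a Security Advisor (SA) on major software development teams.
  As an SA you will learn to bring the separate mindsets of Software Developers and Security Experts
  into one team with shared goals and collaborative development and testing.}

% ABET outcome switches, all off in this file.
\newcommand\ABETOutOne{0}
\newcommand\ABETOutTwo{0}
\newcommand\ABETOutThree{0}
\newcommand\ABETOutFour{0}
\newcommand\ABETOutFive{0}
\newcommand\ABETOutSix{0}
\newcommand\ABETOutSeven{0}

% ---------------------------------------------------------------------------
% Topics covered
% ---------------------------------------------------------------------------
% The pasted list carried a literal bullet character inside every \item and
% turned each wrapped line into an \item of its own, so one topic rendered as
% two or three list entries. Each topic is now a single \item.
% Assumes the template wraps \covTopics in a list environment that supplies
% its own labels -- TODO confirm.
% NOTE(review): "MLS" in the last topic is ambiguous for readers (multilevel
% security vs. Messaging Layer Security); consider spelling it out.
\newcommand\covTopics{%
  \item Developing shared goals and requirements for collaboration between
        software developers and security experts
  \item Informing software developers to design, write, deploy, and operate
        more secure software
  \item Organizing a software security team before you've even created
        requirements
  \item Implementing positive secure software design practices and identifying
        security defects in existing designs
  \item Software developers and security experts teaming to include security
        design in code reviews, clarify attack scenarios associated with
        vulnerable code, and validate positive compliance
  \item Integrating your new application with your existing security
        infrastructure
  \item Protecting application security during updates and maintenance
  \item Moving beyond pentesting (penetration testing) toward more
        comprehensive security testing
  \item Real world program examples
  \item Security requirements in application fields: Medical, Military,
        Financial, and Homeland Infrastructure
  \item High interest secure applications: Cloud, Blockchain, BITCOIN, MLS,
        and Key management
}

% ---------------------------------------------------------------------------
% Schedule
% ---------------------------------------------------------------------------
\newcommand\isScheduleExternal{0}
\newcommand\isScheduleCommon{1}
\newcommand\scheduleRows{4}
\newcommand\scheduleCols{3}
\newcommand\scheduleHeight{1}
% NOTE(review): the table body is still the template placeholder ("Topics or
% whatever", "Stuff..."); replace it with the real weekly plan.
% Literal "..." replaced by \dots for correct ellipsis spacing.
\newcommand\schedule{%
  \begin{table}[h!]
    \centering
    \caption*{Tentative Schedule for \textbf{All Sections}}
    \vspace{0.05in}
    {\renewcommand{\arraystretch}{1.5}
     \small
     \begin{tabularx}{\linewidth}{c|l|X}
       \toprule
       \large \textbf{Week or Date} & \large \textbf{Topics or whatever} & \large \textbf{Reading or whatever}\\
       \midrule
       \midrule
       1 & Introduction & Chapter 1\\
       2 & Stuff\dots & \\
       \dots & & \\
       \bottomrule
     \end{tabularx}
    }
  \end{table}}

% ---------------------------------------------------------------------------
% Policies
% ---------------------------------------------------------------------------
% "<" is set in math mode: in text mode under the default OT1 font encoding a
% bare < prints as an inverted exclamation mark.
\newcommand\gradingPolicy{Grading policy here \\ \\
  Letter grade scale: A(94--100), A--(90--93), B+(87--89), B(83--86), B--(78--82), C+(74--77),\\
  C(70--73), F($<$70)}
\newcommand\HWandLabPolicy{Homework and/or lab policies go here}
\newcommand\AttendancePolicy{\textcolor{red}{State here if attendance is mandatory or not for your class.
  Provide a description of what it means to be present (e.g. seated and ready to go, or just in the room; be explicit).}}
% Template instructions, printed in red. Typos fixed ("customize" ->
% "customized", "ypu" -> "you") and the unmatched ")" at the end removed.
\newcommand\ElectronicsPolicy{\textcolor{red}{Since you opted for a customized electronics policy, you should edit this part.
  Your policy should address your general stance on recording of class sessions and the circumstances under which recording will be allowed or prohibited.
  If you generally prohibit recording, yet allow recording of certain classes for some reason, then you should notify all students that those classes will be recorded.
  If recording is permitted as an ADA accommodation for a student, you obviously should not identify that student(s).}}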