Find us +44 (0)113 2837100
On successful completion of the module, students will be able to:
Demonstrate an understanding of fundamental design and implementation principles that preserve security properties;
Critically appraise security requirements and their role in securing software systems and the data they store and manage;
Predict software security design and implementation flaws;
Produce software products that meet ethical standards when creating, deploying; using, and retiring of software;
Apply static and dynamic testing to large software systems.
This module covers a range of principles, methodologies and processes that enable secure and effective end-to-end software product development and deployment.
The module builds on software design and development skills gained on earlier modules such as COM5003 Further Software Development, teaching students how to develop their code in a way that guards against the accidental introduction of common security vulnerabilities. Students also learn how to deploy applications securely and sustainably using cloud-based platforms such as Azure and AWS and through the application of agile principles. They will practise using tools to monitor and automate deployment tasks, strengthening their understanding of core DevOps principles gained on COM5033 Team Project. Students will also learn about decommissioning/retiring of software and how to remove it without causing security problems and how to use security documentation to avoid and deal with any potential security problems.
Examples of topics covered on the module include:
- Secure development best practices including use of processes and tools such as version control and agile methods in securing applications;
- Securing the build and development pipeline including use of DevOps processes and tools such as continuous integration, containers and build automation;
- Best practices for deploying apps in the cloud;
- Data security and standards;
- Security testing;
- Vulnerability analysis and risk assessment.
Workshops
Hours: 40
Intended Group Size: Cohort
Guided independent study
Hours: 260
Further details relating to assessment
Artefact: As part of the module students design and deliver several software applications. The final product is the one that is marked. Marking reflects the ability to produce work that matches stated requirements for functionality and reliability but focuses on secure design and integration processes deployed.
Written Assignment: This assignment will test the students’ knowledge and problem-solving skills on issues related to secure development and deployment. The assignment will ask them questions with reference to supplied code resources and the students must review the code and respond with their recommendations.
In this module, formative assessment will be used to support the skills that contribute to the assessment. Formative assessment may include coding labs, design and modelling tasks, case study presentations, short quizzes, or specific research tasks. Formative feedback will be an ongoing process within class sessions.
Full details are available in the Module Handbook.
For students studying at Leeds Trinity campus, there are variations to the Taught Programme Academic Regulations, as required by the accrediting body, and these variations are contained within Additional Regulations.
Each assessment component must be passed, in accordance with PSRB requirements.
001 Artefact; 2,000 word equivalent; end of semester 1 50%
002 Written assignment; 2,500 words; end of semester 1 50%
003 Written exam; 3 hours; end of semester 1 %
Module Coordinator - Jim Diokou
Level - 6
Credit Value - 30
Pre-Requisites - NONE
Semester(s) Offered - 6S1