I recently completed a lecture on secure software engineering,
and I guess there a quite a few people on this list who could
make use of some of the material, whether for their own presentations
or simply for teaching themselves.

The lecture was given at Kaiserslautern University of Technology as 
12 lessons of 90 minutes (each comprising about 35 slides) in English; 
note that the accompanying student exercise problems are in German,
The chapters (of varying length, as indicated by their mapping to
are as follows:

01      IT Security and Software Security
02      Fundamental Notions and Definitions
03a     Vulnerabilities and Attacks (Part 1)
03b     Vulnerabilities and Attacks (Part 2) 
04      Security in the Software Development Process
05      Security Requirements Elicitation 
06      Threat Analysis
07a     Security in Architecture and Design (Part 1)
07b     Security in Architecture and Design (Part 2)
08a     Secure Coding (Part 1) 
08b     Secure Coding (Part 2)
09      Quality Assurance
10, 11, 12 Process Models, Usability, and Conclusions 

You can find all the material at

This was the first iteration of my first self-designed lecture; it is 
certainly not perfect yet (in fact I already have some improvements
sketched for the next iteration, such as reorganizing the process
material), so criticism is welcome. 

I know of few comparable lectures world-wide, i.e. university lectures
security specifically from a software engineering viewpoint; so far, I'm
aware of the lectures by Pascal Meunier at Purdue and by Dieter Gollmann

at Hamburg-Harburg;  if you know of any others, I'd be glad to hear
those, too.

Kind regards from Germany,
Holger Peine

Dr. Holger Peine, Project Manager Security
Fraunhofer IESE, Fraunhofer-Platz 1, 67663 Kaiserslautern, Germany
Phone +49-631-6800-2134, Fax -1899 (shared)
PGP key via http://pgp.mit.edu ; fingerprint is 1BFA 30CB E3ED BA99 E7AE
2BBB C126 A592 48EA F9F8

Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to