Secure Programming
BASIC DATA
course listing
A - main register
course code
ICS0022
course title in Estonian
Turvaline programmeerimine
course title in English
Secure Programming
course volume CP
-
ECTS credits
6.00
to be declared
yes
assessment form
Examination
teaching semester
autumn
language of instruction
Estonian
English
Study programmes that contain the course
code of the study programme version
course compulsory
IVCM25/25
no
IVSB17/21
yes
IVSB17/25
yes
VAMM23/25
no
display more
Structural units teaching the course
IC - IT College
Course description link
Timetable link
View the timetable
Version:
VERSION SPECIFIC DATA
course aims in Estonian
Kursus annab baastasemel ülevaate turvalisest programmeerimisest ja selles kasutatavatest peamistest võtetest ning tehnikatest.
course aims in English
This course provides a basic overview of secure programming and the main techniques used in it.
learning outcomes in the course in Est.
Üliõpilane:
- on kursis turvaprogrammeerimise põhimõistetega;
- on kursis turvaprogrammeerimise kasutatavaimate tehnikatega;
- oskab rakendada turvaprogrammeerimise kasutatavamaid tehnikaid praktiliste ülesannete lahendamisel;
- on kursis turvalise mälukasutuse ja turvakustutamise põhimõtetega;
- oskab turvaprogrammeerimise tehnikaid rakendada kõikide enamlevinud programmeerimiskeelte juures.
learning outcomes in the course in Eng.
Student:
- is familiar with the basic concepts of security programming;
- is familiar with the most-of-spread techniques used in security programming;
- is able to implement the most common techniques for security programming in solving practical problems;
- is aware of the principles of secure memory usage and secure erasing;
- can apply security programming techniques to all the most common programming languages.
brief description of the course in Estonian
Sissejuhatus, põhimõisted. Avatud lähtekood ja turvalisus. Sisendi kontroll ja valideerimine. Väljund, selle ründekindlus. Võidujooksud. Puhvri ületäitumine. Süstimisründed ja muud sarnased ründed. Salajase informatsiooni peitmine. Viidete ja allikate usaldatavus ning usaldamatus. Eriteemad (krüpteerimine, turvaline mälukasutus jms). Mitmekasutajasüsteemide eripära.
brief description of the course in English
Introduction, key concepts. Open source and security. Input control and validation. Output, its attack resistance. Buffer overflow. Injection attacks and other similar attacks. Hiding of secret information. Reliability and distrust of references and sources. Special topics (cryptography, secure memory usage, etc). The peculiarities of multi-user systems.
type of assessment in Estonian
-
type of assessment in English
-
independent study in Estonian
-
independent study in English
-
study literature
1. Mark G. Graff, Kenneth R. van Wyk. Secure Coding: Principles and Practices 1st Edition. O'Reilly, 2003
2. C. Warren Axelrod. Engineering Safe and Secure Software Systems Artech House Information Security and Privacy, 2009
study forms and load
daytime study: weekly hours
4.0
session-based study work load (in a semester):
lectures
2.0
lectures
-
practices
2.0
practices
-
exercises
0.0
exercises
-
lecturer in charge
-
LECTURER SYLLABUS INFO
semester of studies
teaching lecturer / unit
language of instruction
Extended syllabus or link to Moodle or to home page
2025/2026 autumn
Ali Ghasempour, IC - IT College
English
    display more
    2024/2025 autumn
    Ali Ghasempour, IC - IT College
    English
      2023/2024 autumn
      Andres Käver, IC - IT College
      English
        2022/2023 autumn
        Andres Käver, IC - IT College
        English
          2021/2022 autumn
          Andres Käver, IC - IT College
          English
            Course description in Estonian
            Course description in English