Entwicklung sicherer Software

Lecturer Prof. Dr. Maritta Heisel
Jens Leicht, M.Sc.
Type Hybrid
Moodle Course Entwicklung sicherer Software
Syllabus Safety means that a system works without endangering its environment. Security means protecting a system against attacks from its environment. Software must be developed in such a way that the system containing the software fulfills both its safety and its security requirements. Up to now, safety and security have mostly been considered separately. In the near future we will have an increasing number of systems that have to satisfy safety as well as security requirements. This course shows how to construct software that contributes to safety as well as security.
Content in detail:
  • Concept of safety, terminology
  • Concept of security, terminology
  • Typical safety requirements (functional properties)
  • Typical security requirements (confidentiality, availability, integrity, and their refined versions)
  • Interrelationships of safety and security, supplementary and conflicting objectives
  • Safety and security of systems vs. safety and security of software
  • Threat and risk analysis (including CORAS)
  • Measures to establish safety and security properties (e.g., architectures, infrastructure and protocols)
  • Standards for safety and security (IEC 61508, Common Criteria, ISO 27001)
  • Process for developing safe and secure software (elicitation of safety and security objectives, requirements engineering and analysis, selection of safety and security mechanisms, safety and security mechanisms in the software architecture, implementation and testing issues)
Educational Objective The students are able to
  • describe safety and security and explain their interrelationship,
  • explain the relationship between safety and security of systems and of software,
  • know and use techniques for the specification of security and safety properties,
  • explain the role of standards,
  • know and explain techniques to establish safety and security properties,
  • explain how to develop software in a way that security and safety requirements are considered from the beginning.
Contact jens.leicht[at]uni-due.de