Software Engineering Research
Courses Taught Last Five Years (2006-2011)
CSC591 Software Security (Fall 2009, Fall 2010, Fall 2011, Fall 2012, Fall 2013, Fall 2014) [graduate level; course resources]
Software Security introduces students to the discipline of designing, developing, and testing secure and dependable software-based systems. Students will be exposed to the techniques needed for the practice of effective software secruity techniques. By the end of the course, a student should be able to do the following things:
- Security risk management. Students will be able to assess the security risk of a system under development. Risk management will include the development of formal and informal misuse case and threat models. Risk management will also involve the utilization of security metrics.
- Security testing. Students will be able to perform all types of security testing, including fuzz testing at each of these levels: white box, grey box, and black box/penetration testing.
- Secure coding techniques. Students will understand secure coding practices to prevent common vulnerabilities from being injected into software.
- Security requirements, validation and verification. Students will be able to write security requirements (which include privacy requirements). They will be able to validate these requirements and to perform additional verification practices of static analysis and security inspection.
CSC326 Software Engineering (Fall 2006, Fall 2007, Fall 2008, Fall 2009, Fall 2011) [undergraduate level]
Software Engineering introduces students to the discipline of developing useful and high-quality software-based systems. Students will be exposed to the techniques needed for the practice of effective software engineering as well as the skills required to succeed as a software professional. By the end of the course, you should be able to do the following things:
- Testing. Students will be able to write and execute a comprehensive black box test plan, to write and execute white box tests, to automate both black and white box tests, and to conduct a software inspection.
- Design. Students will be able to create a design for a small to medium object-oriented program and to evaluate the quality of their design through heuristics and metrics.
- Design Patterns. Students will be able to understand and apply design patterns in creating a small to medium object-oriented program.
- Requirements. Students will be able to understand and create a software requirements document, including security and privacy requirements.
- Software Process. Students will be able to understand the essential components of a software development process and how to devise a software development process appropriate to the project under development.
- Communication and Teamwork. Students will be able to work in small project teams to complete a medium-sized project.
- Project Management/Risk Management. Students will be able to manage project tasks (project management) including risks associated with a medium sized project.
- Maintenance. Students will be able to understand various types of software maintenance.
CSC712 Software Reliability and Testing (Fall 2006, Fall 2007) [gradulate level]
This course introduces software reliability processes, reliability growth models and shows techniques to improve and predict software reliability. Concepts such as defining necessary reliability, developing operational profiles, techniques to improve and predict software reliability, preparing and executing black box testing, white box testing, unit testing, system testing, and integration testing will be explained. By the end of the course, a student should be able to do the following things:
- Software testing. Students will be able to apply white-box and black-box testing techniques and automation tools as dynamic software verification techniques.
- Reliability estimation. Students will be able to estimate the reliability of a project and reason about the implications of the reliability estimate and corrective actions .
- Test planning. Students will combine appropriate testing techniques to the development of a comprehensive test plan for the development of a reliable and secure system.
- Root cause analysis. Students will be able to analyze the root causes of software faults and the implications of actual software reliability via retrospective and metric analysis.