SSE-01-Intro-FINAL
Secure Software Engineering: Introduction
Course Details: The MSc course on Secure Software Engineering is conducted by Riccardo Scandariato at the Institute of Software Security, Hamburg University of Technology (TUHH), Germany.
Instructors and Assistants
Lecturers:
Riccardo Scandariato (Main Lecturer)
Nicolas Diaz Ferreyra (Lecturer, PBL Coordinator)
Emanuele Iannone (Lecturer)
PBL Assistants:
Catherine Tony
Cuong Bui
Security Flaws and Vulnerabilities
Understanding Security Flaws:
Flaws are weaknesses that can be exploited to violate a security property from the CIA+ set: the CIA triad (Confidentiality, Integrity, Availability) extended with Accountability, Non-repudiation, and Authenticity.
The loss of a CIA+ property can be introduced at any of several stages: requirements gathering, design, implementation, and configuration.
Code-Level Weaknesses
Common Types:
Implementation-code issues include stack overruns, SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).
Static analysis tools that scan for such vulnerabilities include Coverity, SonarQube, and Bandit.
Configuration files for Docker and Kubernetes may contain security issues that can be scanned with tools such as Aqua, Trivy, and Snyk.
Infrastructure as Code (IaC) vulnerabilities appear in Terraform and Ansible code, which can likewise be evaluated with Snyk and similar tools.
Security Design Perspectives
Design Weaknesses:
Weak design choices lead to security vulnerabilities; evaluating whether an architectural design is sound is therefore crucial.
Common Architectural Weakness Enumeration (CAWE) identifies issues such as:
Using weak authentication methods (e.g., API keys)
Trust boundary violations, such as inadequate input validation
Unprotected storage of credentials
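The last CAWE item above, unprotected storage of credentials, is a design-level weakness rather than a coding slip, so the fix is a different storage scheme rather than a patched line. The following added example (not from the course materials) contrasts a store that keeps passwords as-is with one that keeps only a salted, slow hash built from the Python standard library; the user names, passwords and the iteration count are assumed values chosen for the demonstration.

```python
import hashlib
import hmac
import os

# Assumed cost parameter for PBKDF2-HMAC-SHA256; tune to the deployment's hardware.
ITERATIONS = 200_000


def store_plaintext(store: dict, user: str, password: str) -> None:
    # Weakness: the store holds the secret itself, so anyone who can read it
    # (backup, log, injection, insider) obtains every password at once.
    store[user] = password


def check_plaintext(store: dict, user: str, password: str) -> bool:
    return store.get(user) == password


def store_hashed(store: dict, user: str, password: str) -> None:
    # Hardened form: keep a per-user random salt plus a slow hash; the password
    # cannot be read back from the record and precomputed tables do not apply.
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    store[user] = {"salt": salt, "hash": digest, "iterations": ITERATIONS}


def check_hashed(store: dict, user: str, password: str) -> bool:
    record = store.get(user)
    if record is None:
        # Do the same amount of work for unknown users so response time does
        # not reveal whether an account exists.
        hashlib.pbkdf2_hmac("sha256", password.encode(), b"\x00" * 16, ITERATIONS)
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(candidate, record["hash"])


def demo() -> dict:
    # Constructed users and passwords for the demonstration.
    weak, strong = {}, {}
    store_plaintext(weak, "alice", "correct horse")
    store_hashed(strong, "alice", "correct horse")
    return {
        "plaintext_exposes_secret": weak["alice"] == "correct horse",
        "hashed_record_hides_secret": b"correct horse" not in strong["alice"]["hash"],
        "hashed_accepts_right": check_hashed(strong, "alice", "correct horse"),
        "hashed_rejects_wrong": check_hashed(strong, "alice", "wrong"),
        "hashed_rejects_unknown": check_hashed(strong, "nobody", "anything"),
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label}: {value}")
```

Storing the iteration count alongside each record lets the cost be raised later for new or re-hashed accounts without invalidating existing ones, which is the kind of evolvability a design review should check for.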
Upcoming Topics:
Emphasis on security requirements, evaluations against OWASP Top 10 vulnerabilities, and broader legal considerations for security design.
Security Requirements in Software Engineering
Critical Requirements:
Unidentified risks and missing security assumptions can dramatically change a project's security posture. A question to ask immediately is whether all security requirements have been defined and understood from the start of the project lifecycle.
Importance of Proper Assumptions:
Underestimating low-probability internal threats, or falsely assuming that traffic is encrypted, can lead to vulnerabilities.
Course Structure and Content
Lecture Topics include:
Introduction to security process and requirements
Secure software design principles
Fundamentals of security risk analysis, code quality, CI/CD and security testing, and privacy strategies.
Project-Based Learning (PBL): structured teamwork across areas centred on security requirements, design, risk assessment, code quality, and privacy engineering.
Training Materials and Tools
Resources: scientific papers, templates, Docker images, and case studies on privacy and security in technology contexts such as the Metaverse.
Work Requirements: Students are expected to bring laptops and follow the course formats throughout project sessions.
Assessment and Bonus Points
Evaluation: PBL projects can earn bonus points towards the final exam; specific attendance and reporting requirements must be met to secure these points.
Course Regulations
Communication Guidelines: All communication should go through email; messages should state the course topic concerned and identify the sender.
A wiki on Stud.IP will archive all lectures and supporting materials and provide a structure for feedback and progress tracking.
Exam Preparation
The exam covers all provided lecture materials, including slides, labs, and explicitly mentioned articles; recommended readings serve deeper understanding.
Maturity Models in Software Security
Processes Are Key: Methodologies such as Microsoft's SDL and security maturity models, which focus on the areas of intervention and on the organization, underline the necessity of integrating security into the software development process.
Additional Trends in Software Security
Certification and Compliance: New standards, including the EU Cybersecurity Certification Framework, together with maturity frameworks exemplified by studies such as BSIMM (Building Security In Maturity Model), raise overall industry standards. This connects with ongoing efforts within the open-source community on secure practices and compliance.
Conclusion
This course aims to equip students with both theoretical knowledge and practical skills to navigate and improve software security throughout the entire development lifecycle, ensuring they are prepared for real-world applications in software design and implementation.