Course Detail

Course Name Secure Coding
Course Code 24CCE344
Program B. Tech. in Computer and Communication Engineering
Credits 3
Campus Coimbatore, Chennai, Amaravati

Syllabus

Unit 1

Introduction – Gauging the threat – Security concepts – SetUID Programs. Strings – Common String Manipulation errors – Improperly Bounded String Copies – Off-by-One Errors – Null Termination Errors – String Truncation – String Errors without Functions – String vulnerabilities – Buffer Overflow – Process memory organization – Stack management – Stack smashing – Mitigation techniques – String handling functions – Runtime protection strategies.

Unit 2

Dynamic Memory Management – C Memory management functions – Common C Memory Management Errors – Initialization Errors – Failing to Check Return Values – Dereferencing Null or Invalid Pointers – Referencing Freed Memory – Freeing Memory Multiple Times – Memory Leaks – Zero-Length Allocations – Mitigation Strategies. Integer Security – Introduction to integer types – Integer Data Types – Integer Conversions – Integer operations – Integer Vulnerabilities – Mitigation strategies.

Unit 3

Formatted Output – Variadic Functions – Formatted Output Functions – Vulnerabilities – Mitigation Strategies. Concurrency – Common Errors – Race Conditions – File I/O – TOCTOU – Mitigation strategies.

Objectives and Outcomes

Pre-Requisite(s): 23CCE103 Computer Programming

Course Objectives
  • This course facilitates learning various techniques for systems and applications programmers to write code securely.
  • To explore vulnerabilities in code and mitigate them.
Course Outcomes
  • CO1: Understand the common security threats in software applications.
  • CO2: Identify and mitigate the vulnerabilities due to string manipulation errors.
  • CO3: Identify and mitigate the vulnerabilities based on dynamic memory management errors and integer operations.
  • CO4: Identify and mitigate the vulnerabilities due to errors in formatted output functions and concurrency.
CO-PO Mapping
PO/PSO  PO1  PO2  PO3  PO4  PO5  PO6  PO7  PO8  PO9  PO10  PO11  PO12  PSO1  PSO2
CO
CO1  3  -  -  -  -  -  -  -  -  -  -  -  -
CO2  3  2  -  -  -  -  -  -  -  -  -  -  1
CO3  3  2  -  -  -  -  -  -  -  -  -  -  2
CO4  3  2  -  -  -  -  -  -  -  -  -  -  2

Text Books / References

Textbooks
  1. SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems, Software Engineering Institute, Carnegie Mellon University, 2016 
  2. Robert C. Seacord, Secure Coding in C and C++, 2nd Edition, Addison-Wesley, 2013.
References

Wenliang Du, Computer Security – A Hands-on Approach, Second Edition, CreateSpace Independent Pub, 2019.
