SE 4340 Secure Coding Practices
- Division: Natural Science and Math
- Department: Computer Science & Engineering
- Credit/Time Requirement: Credit: 3; Lecture: 3; Lab: 0
- Prerequisites: SE 4270
- Corequisites: SE 4450, SE 4620
- Semesters Offered: Fall, Spring
- Semester Approved: Fall 2025
- Five-Year Review Semester: Summer 2030
- End Semester: Summer 2031
- Optimum Class Size: 16
- Maximum Class Size: 24
Course Description
A study of the principles, practices, procedures and methodologies of securely handling, processing and storing data. This course examines practices and patterns related to secure code at various levels of the software stack, from user interface code to back-end processing and storage. This course appraises common attack vectors and methods and how to guard against them.
Justification
Understanding security is more important than ever in coding and data storage. Software system breaches are significant to both businesses and consumers. Security needs to be a focus throughout the entire software development lifecycle. This course is required by the Bachelor of Science in Software Engineering degree.
Student Learning Outcomes
- Students will be able to explain security design principles.
- Students will be able to apply security principles when they analyze and design projects.
- Students will be able to implement projects using security primitives.
- Students will be able to utilize tools for security analysis.
- Students will be able to evaluate the security of project implementations.
- Students will be able to demonstrate an ability to recognize ethical and professional responsibilities in engineering situations and make informed judgments, which must consider the impact of engineering solutions in global, economic, environmental, and societal contexts. (ABET-SLO4)
- Students will be able to demonstrate an ability to acquire and apply new knowledge as needed, using appropriate learning strategies. (ABET-SLO7)
Course Content
This course may include the following modules:
- Web Application Security & Practices (Examples: SQL injection, cross-site scripting, cross-site request forgery, cookies and hidden form fields).
- Implementation Security & Practices (Examples: buffer overruns, string formatting issues, integer overflows, exceptions, command injection, information leakage, race conditions, principle of least privilege).
- Cryptographic Security & Practices (Examples: weak passwords, weak cryptography, incorrect cryptography).
- Networking Security & Practices (Examples: network security overview, secure network transmission, name resolution).
- Vulnerability & risk mitigation, vulnerability assessments, and QA testing.
Key Performance Indicators:
- Projects 40 to 75%
- Quizzes 5 to 40%
- Exams 10 to 50%
- Final Exam 10 to 50%
Representative Text and/or Supplies: Secure by Design by Dan Bergh Johnsson, Daniel Deogun, Daniel Sawano. Current Edition.
Pedagogy Statement: This course will be delivered through in-class discussions, lecture and project mentoring.
Instructional Mediums: Lecture