Development of Safe and Secure Systems

Short Name
Entwi. Sicherer Systeme
Module Code
II2020
Module Coordinator
  • Prof. Dr. Alexander Dworschak
Teacher
  • Christian Wenzel-Benner
Short Description

The module introduces the pitfalls of software and hardware development (and their interactions) in the context of systems that have to be both safe against accidents and secure against malicious tampering.

Learning Objectives

Students know the typical causes of errors and security issues in software and know how to avoid them. The value of ISO standards is understood with respect to a concrete programming language, as are the subtle but dramatic issues that can afflict software which does not adhere to the relevant standards. Students are capable of solving a safe/secure development challenge on hardware prone to failure and attack and can explain and defend their solution to the other course participants.

Contents
  • Introduction: damage caused by software errors, hacked computers, vehicles and industrial plants, and the difference between safety and security
  • The idea behind efficient compiled programming languages
  • Typical issues of compiled programming languages
  • Successful attacks in the past
  • How to prevent typical problems by adhering to coding standards
  • How to protect data in electronic memories (e.g. RAM) and on digital communication lines
  • Tools that support these activities
Duration in Semester
1
Instruction Language
German
Total Effort
6.0 CrP; an estimated 180 hours, of which approximately 60 are spent in class.
Weekly School Hours
4
Method of Instruction

Seminar-style instruction, 2 SWS; lab course (Praktikum), 2 SWS

Requirements for the awarding of Credit Points

Examination prerequisite: Regular attendance (at least 80% of the time)

Examination: Successful completion of the development challenge as a team and an individual short test on key points.

Availability
Yearly
References
  • Steve Maguire: Writing Solid Code
  • Robert C. Seacord: Secure Coding in C and C++
  • ISO/IEC 9899:1999: Programming languages – C
  • Robert C. Seacord: The CERT C Coding Standard
  • Armin Biere et al.: Digitaltechnik — Eine praxisnahe Einführung, Springer
  • Klaus Wüst: Mikroprozessortechnik, Vieweg+Teubner
Prerequisite Modules