ENPM697

Prerequisite: Permission of instructor; or (ENPM691 and CMSC106). And permission of ENGR-CDL-Office of Advanced Engineering Education. Credit only granted for: ENPM808K or ENPM697. Formerly: ENPM808K. As software gets more complex, there is even more potential for vulnerabilities to remain in the production version. While traditional and emerging software testing methods are very good at detecting a large majority of "bugs" in the software, modifications to the methods are necessary to ensure vulnerabilities related to security are discovered and mitigated prior to release. In industry, there is also a cost-benefit analysis that determines the limits to pre-release testing, further enforcing the need to uniquely identify security vulnerabilities, potentially prioritizing their correction over other vulnerabilities. This course will cover methods of building security in from the beginning of development and testing the resulting software to ensure security vulnerabilities are detected. The course will use a mixture of textbook principles and research papers to cover the concepts. Students will also complete a course project.