Part A: Course Overview

Course Title: Secure Software Systems

Credit Points: 12.00

Course Coordinator: Mojtaba Shahin

Course Coordinator Phone: -

Course Coordinator Email: Mojtaba.shahin@rmit.edu.au

Course Coordinator Location: -

Course Coordinator Availability: Contact via email

Pre-requisite Courses and Assumed Knowledge and Capabilities

Recommended Prior Study

It is recommended to have satisfactorily completed the following course/s before you commence this course:

• COSC2531/COSC2976 Programming Fundamentals (Course ID 045682)
• INTE2665/INTE2666 Introduction to Cyber Security (Course ID 056390)

If you have completed prior studies at RMIT or another institution that developed the skills and knowledge covered in the above course/s you may be eligible to apply for credit transfer.

Alternatively, if you have prior relevant work experience that developed the skills and knowledge covered in the above course/s you may be eligible for recognition of prior learning.

Please follow the link for further information on how to apply for credit for prior study or experience.

Course Description

This course aims to provide you with industry-focused knowledge and hands-on experiences to analyse, design, implement, and deploy secure software systems. You will learn, explore, and apply a wide range of industry-focused approaches, practices, (anti-) patterns, and tools at the code, architectural, and infrastructure levels to build secure software systems in the DevSecOps (Development, Security, Operations) environment.

This course includes a Work Integrated Learning experience in which your knowledge and skills will be applied and assessed in a simulated workplace context and where feedback from the industry will be provided. Type of WIL activities involved: simulation of an industrial secure software engineering project.

Objectives/Learning Outcomes/Capability Development

This course contributes to the program learning outcomes for the following program(s):  

MC159 Master of Cyber Security

PLO 1: Apply an advanced and integrated understanding of scientific theories, principles, concepts, and practices in Cyber Security.

PLO 2: Design Cyber Security systems to meet enterprise requirements by employing advanced Cyber Security development tools, techniques and emerging technologies.

PLO 3: Design and implement Cyber Security solutions for contemporary Cyber Security issues using systematic problem solving and decision-making methodologies.

PLO 4: Formulate judgements in a team environment to develop Cyber Security solutions that adhere to organisational governance, professional standards, legal and ethical frameworks.

PLO 5: Communicate and collaborate ideas, threat analysis outcomes, project proposals and deliverables to multi-disciplinary stakeholders in various contexts, utilising a variety of digital platforms and traditional formats

PLO 6: Demonstrate professional integrity, ethical conduct, sustainable and culturally inclusive standards with high level personal autonomy and accountability in designing and implementing Cyber Security solutions.

For more information on the program learning outcomes for your program, please see the program guide.  

Upon successful completion of this course, you will be able to:

1. Apply industry-focused cyber security principles, policies, practices, and tools for building secure software systems in DevSecOps environments. 
2. Develop and analyse security requirements effectively and collaboratively with team members and various stakeholders. 
3. Explain and analyse security vulnerabilities, security code smells, security weaknesses and the root causes in industrial and open-source software systems using appropriate security tools, approaches and practices. 
4. Develop and evaluate software/system architectures and infrastructure resources that incorporate security measures using appropriate industry-focused tools and practice.
5. Investigate the role of secure software in emerging technologies such as AI-based systems, Quantum computing.

Overview of Learning Activities

The main concepts will be introduced via lectorials, covering issues related to the design, implementation, analysis, and deployment of secure software systems based on various approaches, tools, policies, practices, and stakeholders’ viewpoints.

Tutorials/labs will use discussion, case studies, and exercises to reinforce and illustrate the concepts. Some exercises will be individual and assessed, to provide feedback to you on your understanding. Delivery may be face to face, online or a mix of both. 

Learner-directed hours include time spent reading and studying lectorial notes and prescribed readings in order to better understand the concepts; working through examples and case studies that illustrate those concepts; and performing exercises and assignments designed by the teachers reinforce concepts and develop practical skills across a variety of problem types. Major Assignments will provide the opportunity for you to develop practical skills working on tasks performed by software practitioners in the DevSecOps environment, including working in teams to jointly find and fix vulnerabilities in software systems and develop effective technical solutions and communication skills and strategies. Individual Exercises are designed to provide specific feedback on your progress in understanding the core concepts of the course.

Overview of Learning Resources

You are encouraged to bring your laptops and use the freely available software to conduct the laboratories.

RMIT will provide you with resources and tools for learning in this course through myRMIT Studies Course. The learning resources accessible through myRMIT Studies Course include: references to the prescribed textbook, course related material, e-books, journals and databases. . Any software required for the performance of exercises and assignments will be installed for access on RMIT servers and/or available for installation on personal computers/laptops.

There are services available to support your learning through the University Library. The Library provides guides on academic referencing and subject specialist help as well as a range of study support services. For further information, please visit the Library page on the RMIT University website and the myRMIT student portal.

Overview of Assessment

This course has no hurdle requirements.

Assessment Task 1: Industry-focused secure software system project (Team-based)
Weight: 45%
This assessment task supports CLOs 1, 2, 3, 4

Assessment Task 2: Case study on Analysing and improving the security of an existing (open-source) software-intensive software system (individual)
Weight: 35%
This assessment task supports CLOs 1, 3, 4, 5

Assessment Task 3: Report and presentation on DevSecOp model in industry practice (Team-based)
Weight: 20%
This assessment task supports CLOs 1, 3, 5

If you have a long-term medical condition and/or disability it may be possible to negotiate to vary aspects of the learning or assessment methods. You can contact the program coordinator or Equitable Learning Services if you would like to find out more.