M7. Secure Software Development

The “Secure Software Development” unit explores the integration of security principles throughout vital stages of software application development, aiming to establish and maintain a sustainable security approach. This unit provides developers with the skills to understand and mitigate security risks in planning, designing, implementing, and maintaining software projects. This unit aims to instill a security-focused culture within the development team and provides the necessary knowledge and skills to make software projects more resilient against cyber threats.

Aim: The aim of “Secure Software Development” is to integrate security principles into the software development process, ensuring the creation and maintenance of secure software applications. This unit seeks to equip developers with secure coding skills, foster understanding and management of security risks, identify and fortify vulnerabilities, enhance security testing and analysis capabilities, and raise awareness about security. Additionally, it aims to instill the practice of secure software development in alignment with industry standards, fortifying software projects against cyber threats.

Learning Outcomes

KNOWLEDGE

K1. Define secure coding practices, common security threats and security standards and frameworks.

K2. Learn secure development lifecycle and configuration management, secure deployment and maintenance.

K3. Determine Vulnerability assessment and penetration testing, encryption and cryptography, secure APIs and integrations.

SKILLS

S1. Experiment with secure coding, vulnerability assessment, security testing, encryption and cryptography.

S2. Construct secure configuration management, deployment and maintenance, and secure API design.

S3. Improve compliance and privacy regulations, and continuous learning.

RESPONSIBILITY AND AUTONOMY

RA1. Take notice, developers have a responsibility to prioritize security in their coding practices.

RA2. Takes decisions on security-related issues during the software development process.

RA3. Manage they must collaborate with security experts and other relevant parties throughout the development process to ensure that security requirements are properly met.