Applications 2023-02-15 - 2023-08-13
Every sector of the global economy relies on software. This makes software one of the principal targets for state-sponsored groups, military, criminals and other type of adversaries. Such attacks try to exploit insecure code, that is seemingly innocent bugs, which allow the adversaries to obtain unauthorized access to information or to take full control of compromised systems. The purpose of this course is to train software professionals in understanding in depth how insecure code can be exploited. In addition, it will equip them with knowledge in how to defend against this type attacks.
The course begins by analyzing technical, psychological, and real-world factors that lead to production of vulnerable code. This is important knowledge for both developers and managers as it allows them to take actions that mitigate the impact of these factors, both when programming is performed but also during project management.
Software exploits use specially crafted input data to applications and services to leverage logic flaws in the code that processes the input. Typically, the exploits overwrite specific structures in the program memory space, which allows them to bypass access control mechanisms and/or execute code provided as part of the input data. Therefore, a large part of the course is dedicated to understanding how exploits are constructed, essentially learning attackers’ “modus operandi”.
This course provides an understanding of automating software testing using program analysis with the goal of intelligently and algorithmically creating tests. The course covers search-based test generation, combinatorial and random testing while highlighting the challenges associated with the use of automatic test generation.
This course deals with model-based testing, a class of technologies shown to be effective and efficient in assessing the quality and correctness of large software systems. Throughout the course the participants will learn how to design and use model-based testing tools, how to create realistic models and how to use these models to automate the testing process in their organisation.
The aim of this course is to provide participants with the principles behind model-driven development of software systems and the application of such a methodology in practice. Modelling is an effective solution to reduce problem complexity and, as a consequence, to enhance time-to-market and properties of the final product.
Modern web applications can often be described in terms of cooperation and sharing, both on the level of the users of the application and on the level of the application and the service providers. This course covers the most prevalent security challenges of web applications, from a theoretical and practical perspective.
The course will give insights in fundamental concepts of machine learning and actionable forecasting using predictive analytics. It will cover the key concepts to extract useful information and knowledge from big data sets for analytical modeling
The purpose is to give the students an overview of issues and methods for development and assurance of safety-critical software, including details of selected technologies, methods and tools.