Course Description
Short Course | 18 hours | 1.8 CEUs | $2,295
Producing secure programs requires secure designs, but even the best software design leads to insecure programs if developers are unaware of the security pitfalls inherent in programming. This three-day course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation. It covers topics and techniques for the development of secure C++ programs, running the gamut from high-level security and risk concepts and design strategies to low-level memory-access exploitation and injection attacks. General secure development approaches applicable to any language will be discussed, but the course also focuses on C++-specific techniques and pitfalls to avoid. Specific topics include string management, dynamic memory management, integer security, formatted output, and file I/O.
This course is designed for a developer or architect who is looking for an understanding of today's best practices in secure software development.
SEC520 is the second course in the C++ Programming Advanced Certificate. To complete the certificate, students will also enroll in SWD425.
Course Outline
- Introductory Topics and Principles of Security during the entire application lifecycle
  - Security assumptions
  - Thinking like an attacker
  - Security is always a trade-off: contemplating risk
  - Principles of complexity and self-constraint
  - Principle of segmentation
  - Principle of least privilege
  - Principle of trusted/untrusted code
  - Failing securely
  - Layering security
  - Design-level attacks
  - Implementation-level attacks
  - Deployment-level attacks
- Memory Access Errors
  - Principle: bounded data sequences
  - Stack overflow attacks
  - Heap overflow attacks
  - Array indexing attacks
  - Format string attacks
  - Unsafe vs. safe APIs (and standards-compliance issues)
  - C++ safer alternatives to C-style pointer buffers
  - Runtime checks (e.g., checked STL implementations)
- Integer Overflows
  - Compiler safeguards and static checking tools
  - Principle: be explicit with numeric subranges
  - Integer and floating-point overflows
  - Two's complement and signed vs. unsigned issues
  - The danger of implicit casting rules
  - Safe integer libraries
  - Compiler safeguards
- Input Validation and Injection Attacks
  - Principle: data vs. code and the importance of grammars
  - Principle: untrusted vs. trusted data
  - Blacklist vs. whitelist approach
  - Dangers in data type conversions
  - Regular expressions: sometimes helpful, sometimes dangerous
  - Parser generators
  - Escaping/quoting data
  - Attack scenario: SQL injection
- Secure File Handling
  - Principle: input validation (carried over)
  - Filename canonicalization (incl. directory traversal and symbolic link attacks)
  - Principle: least privilege and self-constraint
  - File permissions and ACLs
  - Danger of shared directories
  - Timing attacks and fsync
  - Closing files when no longer needed
  - Chroots and other process namespace restrictions
- Cryptography in C/C++
  - Intro to cryptography: actors, communication and secrets
  - High-level crypto pieces: ciphers, public-key crypto, hashes, HMACs, KDFs and PRNGs
  - How NOT to use cryptography
  - The importance of good randomness sources
  - Vetted, widely used crypto protocols (e.g., transport, storage)
  - Respected crypto libraries and tools
  - Attack scenario: weak homebrew encryption
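The "Memory Access Errors" section above contrasts unsafe C APIs with bounded C and C++ alternatives and runtime-checked containers. The following is an added illustration written for this page, not code from the course: an unbounded strcpy() into a fixed stack buffer, a bounded C-style replacement, a std::string version, and a std::array version in which at() converts an out-of-bounds write into an exception. The inputs (kShortInput, kLongInput) and the 16-byte buffer size are constructed for the demo.

```cpp
#include <array>
#include <cstddef>
#include <cstring>
#include <stdexcept>
#include <string>

// Constructed inputs for the demo (not from the course): one fits a 16-byte
// buffer, the other (31 bytes + NUL) does not.
static const char kShortInput[] = "hello";
static const char kLongInput[]  = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

// The pitfall: a C-style copy into a fixed stack buffer with no length check.
// With kLongInput it writes 32 bytes into a 16-byte array: a stack buffer
// overflow, undefined behaviour, and the bug behind stack overflow attacks.
// Deliberately never called below; it only shows the shape of the bug.
void unsafe_copy(const char* src) {
    char buf[16];
    std::strcpy(buf, src);   // destination size is unknown to strcpy
}

// Fix 1, "safer C": a bounded copy that never reads or writes past its limits.
// Returns false (after truncating) when the input does not fit, so the caller
// can reject over-long data instead of silently overflowing.
bool bounded_copy(char* dst, std::size_t dst_size, const char* src) {
    if (dst == nullptr || dst_size == 0) return false;
    std::size_t n = 0;
    while (n < dst_size && src[n] != '\0') ++n;   // bounded strlen
    if (n == dst_size) {                           // too long: truncate, report
        std::memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return false;
    }
    std::memcpy(dst, src, n + 1);                  // n bytes plus terminator
    return true;
}

// Fix 2, the C++ alternative: std::string owns and grows its storage, so there
// is no fixed buffer to overrun.  The length limit becomes an explicit policy
// (an exception here) rather than an accident of the stack layout.
std::string safe_copy(const char* src, std::size_t max_len) {
    std::string s(src);
    if (s.size() > max_len) throw std::length_error("input exceeds limit");
    return s;
}

// Fix 3, runtime-checked access: when a fixed-size container is genuinely
// needed, std::array::at() turns an out-of-bounds index into std::out_of_range
// instead of a silent memory write (operator[] is unchecked, like a raw array).
std::array<char, 16> checked_fill(const char* src) {
    std::array<char, 16> buf{};
    std::size_t n = std::strlen(src);
    for (std::size_t i = 0; i < n; ++i) buf.at(i) = src[i];  // throws if i >= 16
    buf.at(n) = '\0';   // n == 16 also throws: no room for the terminator
    return buf;
}

// True if src was accepted by the checked path, false if it was rejected.
bool try_checked_fill(const char* src) {
    try {
        checked_fill(src);
        return true;
    } catch (const std::out_of_range&) {
        return false;
    }
}

int main() {
    char dst[16];
    bounded_copy(dst, sizeof dst, kLongInput);   // false: truncated to 15 'A's
    try_checked_fill(kShortInput);               // true
    try_checked_fill(kLongInput);                // false: exception, not corruption
    return 0;
}
```

The same distinction applies to formatted output: printf(buf) with attacker-controlled buf is a format string attack, while printf("%s", buf) treats the data as data. A checked STL build (for example libstdc++ compiled with debug assertions) extends the at()-style check to operator[] and iterators as well.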
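For the "Integer Overflows" section, here is an added example (written for this page, not course material) of the four pitfalls the outline names: a signed length that passes a signed comparison and is then implicitly converted to size_t, a wrapping size multiplication, signed addition whose overflow is undefined behaviour, and silent narrowing. Each pitfall sits beside a version that checks the subrange explicitly. The buffer limit kMaxLen and the Checked result struct are assumptions for the demo.

```cpp
#include <cstddef>
#include <cstdint>
#include <limits>

constexpr std::size_t kMaxLen = 16;   // hypothetical buffer size for the demo

// Explicit "value or out-of-range" result, so callers cannot forget the check.
template <typename T>
struct Checked {
    bool ok;    // false => the operation would overflow or is out of range
    T value;    // meaningful only when ok is true
};

// Pitfall 1: a signed length compared against a signed limit.  -1 is not
// greater than 16, so it passes; it is then converted to size_t at the point
// of use (memcpy's size parameter), becoming 18446744073709551615.  The
// function returns that converted count instead of calling memcpy.
std::size_t naive_copy_len(int len) {
    if (len > static_cast<int>(kMaxLen)) return 0;  // "too long": copy nothing
    return static_cast<std::size_t>(len);           // what memcpy would receive
}

// Fix: be explicit about the subrange.  Reject negatives first, then compare
// in the unsigned domain.
Checked<std::size_t> copy_len(int len) {
    if (len < 0) return {false, 0};
    std::size_t n = static_cast<std::size_t>(len);
    if (n > kMaxLen) return {false, 0};
    return {true, n};
}

// Pitfall 2: allocation size multiplication wraps modulo 2^64.  A large count
// yields a tiny allocation that a loop over `count` elements then overruns.
std::size_t naive_alloc_size(std::size_t count, std::size_t elem_size) {
    return count * elem_size;
}

// Fix: check before multiplying (what calloc() and safe-integer libraries do).
Checked<std::size_t> checked_mul(std::size_t a, std::size_t b) {
    if (a != 0 && b > std::numeric_limits<std::size_t>::max() / a) return {false, 0};
    return {true, a * b};
}

// Pitfall 3: signed overflow is undefined behaviour, so a post-hoc test such
// as `if (a + b < a)` may be optimised away.  Test the operands *before* the
// addition (or use __builtin_add_overflow / a safe-integer library).
Checked<int32_t> checked_add(int32_t a, int32_t b) {
    if (b > 0 && a > std::numeric_limits<int32_t>::max() - b) return {false, 0};
    if (b < 0 && a < std::numeric_limits<int32_t>::min() - b) return {false, 0};
    return {true, a + b};
}

// Pitfall 4: implicit narrowing.  Returning 70000 through a uint16_t silently
// keeps the low 16 bits (4464).  Fix: range-check, then convert explicitly.
uint16_t naive_narrow(std::size_t v) {
    return v;   // implicit conversion, no diagnostic without -Wconversion
}
Checked<uint16_t> to_u16(std::size_t v) {
    if (v > std::numeric_limits<uint16_t>::max()) return {false, 0};
    return {true, static_cast<uint16_t>(v)};
}
```

Compiler safeguards catch some of these at build time (-Wsign-compare, -Wconversion) or run time (-fsanitize=undefined,integer, -ftrapv); the explicit checks above are what remains necessary in release builds.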
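For "Input Validation and Injection Attacks" and its SQL injection scenario, this added example (written for this page, not course material, and using no database) shows the data-vs-code point concretely: a query built by concatenation, a whitelist validator that fails closed, an escaper that keeps the literal closed, and the parameterized form that keeps data out of the grammar entirely. The table, column, and the malicious input kEvilUser are constructed for the demo.

```cpp
#include <cctype>
#include <string>
#include <vector>

// Constructed malicious input (not from the course): closes the quoted
// literal and appends an always-true condition.
static const std::string kEvilUser = "admin' OR '1'='1";

// Pitfall: treating data as code.  The input is pasted straight into the SQL
// grammar, so a quote character changes the statement's structure.
std::string naive_query(const std::string& user) {
    return "SELECT * FROM users WHERE name = '" + user + "'";
}

// Mitigation 1: whitelist validation.  Accept only the characters a username
// may contain and reject everything else.  A whitelist fails closed; a
// blacklist of "bad" characters fails open as soon as one is forgotten.
bool is_valid_username(const std::string& s) {
    if (s.empty() || s.size() > 32) return false;
    for (unsigned char c : s) {
        if (!(std::isalnum(c) || c == '_' || c == '.')) return false;
    }
    return true;
}

// Mitigation 2: escaping/quoting when the value must become a string literal.
// Doubling single quotes is the standard-SQL rule for that context only;
// MySQL (backslash escapes), shell, HTML and LDAP each need their own escaper,
// which is why parameterization (below) is preferred.
std::string sql_quote(const std::string& s) {
    std::string out = "'";
    for (char c : s) {
        if (c == '\'') out += "''";
        else out += c;
    }
    out += "'";
    return out;
}

std::string escaped_query(const std::string& user) {
    return "SELECT * FROM users WHERE name = " + sql_quote(user);
}

// Mitigation 3 (preferred): keep code and data separate.  The statement text
// is fixed with a placeholder; the value travels out of band as a parameter,
// so nothing in it is ever parsed as SQL.  Real drivers (sqlite3_bind_*,
// libpq's PQexecParams) take exactly this shape.
struct PreparedQuery {
    std::string sql;
    std::vector<std::string> params;
};

PreparedQuery parameterized_query(const std::string& user) {
    return {"SELECT * FROM users WHERE name = ?", {user}};
}
```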
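For the "Secure File Handling" item on filename canonicalization and directory traversal, this added example (written for this page, not course material) lexically normalizes a user-supplied name against a fixed base directory and rejects anything that resolves outside it, including absolute names, embedded NUL bytes, and ".." sequences that climb above the base. The base directory /srv/data and the test names are constructed for the demo.

```cpp
#include <string>
#include <vector>

// Lexically resolves "." and ".." segments and collapses repeated slashes.
// Returns false if the path tries to climb above the filesystem root (more
// ".." than directories to pop), which is always a traversal attempt.
bool normalize_path(const std::string& in, std::string& out) {
    std::vector<std::string> parts;
    std::string seg;
    auto flush = [&]() -> bool {
        if (seg.empty() || seg == ".") { seg.clear(); return true; }
        if (seg == "..") {
            seg.clear();
            if (parts.empty()) return false;   // would escape the root
            parts.pop_back();
            return true;
        }
        parts.push_back(seg);
        seg.clear();
        return true;
    };
    for (char c : in) {
        if (c == '/') { if (!flush()) return false; }
        else seg += c;
    }
    if (!flush()) return false;
    out.clear();
    for (const std::string& p : parts) out += "/" + p;
    if (out.empty()) out = "/";
    return true;
}

// Resolves user_name relative to base and checks that the result still lies
// under base.  Rejects absolute names, NUL bytes (which would truncate the
// name at the C API boundary), and anything whose normalized form escapes.
bool resolve_under_base(const std::string& base, const std::string& user_name,
                        std::string& out) {
    if (user_name.empty() || user_name.find('\0') != std::string::npos) return false;
    if (user_name[0] == '/') return false;   // absolute names are not "under" anything
    std::string norm_base;
    if (!normalize_path(base, norm_base)) return false;
    std::string candidate;
    if (!normalize_path(norm_base + "/" + user_name, candidate)) return false;
    // Compare with a trailing separator so "/srv/data2" does not pass as "/srv/data".
    std::string prefix = (norm_base == "/") ? "/" : norm_base + "/";
    if (candidate == norm_base) return false;   // the directory itself, not a file in it
    if (candidate.compare(0, prefix.size(), prefix) != 0) return false;
    out = candidate;
    return true;
}
```

This is a lexical check only: it does not see symbolic links, and a link inside the base that points elsewhere would still pass. In production, follow it with realpath() on the result (or open relative to a directory file descriptor with openat() and O_NOFOLLOW) and re-check the prefix, which also closes the time-of-check/time-of-use window between validating and opening the name.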
Prerequisites
- The course assumes basic C and C++ programming skills but does not assume an in-depth knowledge of software security.
- CLA200 – Programming in C++ or equivalent experience is required.
Duration
18 hours | 3 Days or 6 Nights
Applies Towards the Following Certificates
- C++ Programming Advanced Certificate : core
- DevSecOps for Software Engineers and Architects Certificate : Choose 60 Hours
*Academic unit eligibility to be determined by the college or university in which you are enrolled in a degree-seeking program.