Course Description
This course is the continuation of SEC520 - Cyber Secure Coding With C++.
Producing secure programs requires secure designs. Even the best software design can lead to insecure programs if developers are unaware of the security pitfalls inherent in programming. This three-day course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation. The course covers topics and techniques for the development of secure C++ programs. Topics run the gamut from high-level security and risk concepts and design strategies to low-level memory access exploitation and injection attacks. General secure development approaches applicable to any language are discussed, but the course also focuses on C++-specific techniques and pitfalls to avoid. Topics include string management, dynamic memory management, integer security, formatted output, and file I/O.
This course is designed for a developer or architect who is looking for an understanding of today's best practices in secure software development.
Course Outline
Memory Access Errors
- Principle: Bounded data sequences
- Stack overflow attacks
- Heap overflow attacks
- Array indexing attacks
- Format string attacks
- Unsafe vs. safe APIs (and standard-compliance issues)
- C++ safer alternatives to C-style pointer buffers
- Runtime checks (e.g., checked STL implementation)
Integer Overflows
- Compiler safeguards and static checking tools
- Principle: Be explicit with numeric subranges
- Integer and floating point overflows
- Two's complement and signed vs. unsigned issues
- The danger of implicit casting rules
- Safe integer libraries
- Compiler safeguards
Input Validation and Injection Attacks
- Principle: Data vs. code and the importance of grammars
- Principle: Untrusted vs. trusted data
- Blacklist vs. whitelist approach
- Dangers in data type conversions
- Regular expressions: sometimes helpful, sometimes dangerous
- Parser generators
- Escaping/Quoting data
- Attack scenario: SQL injection
Secure File Handling
- Principle: Input validation (carryover)
- Filename canonicalization (incl. directory traversal & symbolic link attacks)
- Principle: Least privilege & self-constraint
- File permissions and ACLs
- Danger of shared directories
- Timing attacks and fsync
- Closing files when no longer needed
- Chroots and other process namespace restrictions
Cryptography in C/C++
- High-level crypto pieces: ciphers, public key crypto, hashes, HMACs, KDFs & PRNGs
- How NOT to use cryptography!
- The importance of good randomness sources
- Vetted, widely-used crypto protocols (e.g., transport, storage, etc.)
- Respected crypto libraries & tools
- Attack scenario: Weak homebrew encryption
Additional Information
Applies Towards the Following Certificates
- DevSecOps for Software Engineers and Architects Certificate : Choose any Two Courses
Prerequisites
SEC520 - Cyber Secure Coding With C++
Duration
2 Days | 4 Nights
Applies Towards the Following Certificates
- DevSecOps for Software Engineers and Architects Boeing Certificate : Choose 60 Hours
*Academic Unit eligibility is to be determined by the college or university in which you are enrolled in a degree-seeking program.