HIT · CS Concentrations

COURSE · SE2

Secure & Reliable Software Development

Secure and Reliable Software Development (Hebrew course title)

principles of secure-by-design engineering, fault-based testing theory, and reliability under formal objectives

Engineer software that is secure, tested, and reliable by design

Year 3 · 13 weeks · 2h lecture + 2h practice · Project-based

About this course

Engineer software that is correct, testable, and secure by design, integrating quality assurance and application-security practices throughout the development lifecycle.

Course format. Thirteen weeks, four contact hours each: a two-hour lecture (concepts and theory) and a two-hour practice session. The course is project-based; teams carry one running project end to end and present it three times, in weeks 5, 8, and 13.

What you will build

A web application hardened end to end: threat-modeled with OWASP Threat Dragon, its OWASP Top 10 risks remediated, and a GitHub Actions CI pipeline that gates merges on Semgrep SAST, OWASP ZAP DAST, and dependency scanning, with OpenTelemetry, Prometheus, and Grafana measuring and alerting on service level objectives.

Expected outcomes

  • Explain the principles of secure software development across the lifecycle
  • Analyze the OWASP Top 10 risks and apply secure coding countermeasures
  • Construct threat models using data-flow diagrams and trust boundaries
  • Evaluate dependency and supply-chain risks and apply provenance controls
  • Apply SAST and DAST tooling and interpret their findings critically
  • Design automated test suites grounded in coverage and fault-based theory
  • Build continuous integration and delivery pipelines with quality gates
  • Conduct effective code reviews focused on correctness and security
  • Instrument systems for observability with metrics, logs, and traces
  • Reason about reliability using service level objectives and error budgets

Key topics

  • Automated testing & CI
  • Secure coding (OWASP)
  • Code review & static analysis
  • Reliability & observability

Theoretical foundations

The concepts and results this course rests on.

  • Saltzer and Schroeder protection principles and least privilege
  • STRIDE threat modeling over data-flow trust boundaries
  • Coverage criteria and fault-based testing theory
  • Static data-flow and taint analysis with soundness trade-offs
  • Trusting-trust and supply-chain integrity reasoning
  • Service level objectives, error budgets, and reliability theory
  • High-cardinality telemetry and the three pillars of observability
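As an added illustration of the taint-analysis foundation listed above (example code written for this page, not course material and not any real scanner's implementation): a toy intraprocedural taint tracker over Python source, built on the standard library's ast module. The source `request.args.get(...)`, the sink `cursor.execute(...)` and the sanitizer `int()` are assumed conventions in the Flask and DB-API style, and the module it scans is constructed. It makes the soundness trade-off concrete: the conservative propagation rule flags `imprecise`, whose query can never contain attacker data (a false positive), while `missed` escapes because the source is read inside a callee and the analysis never crosses function boundaries (a false negative).

```python
"""Toy intraprocedural taint analysis over Python source (stdlib ast only).

Assumed conventions, not taken from any project:
  source    : request.args.get(...)   (attacker-controlled input)
  sanitizer : int(...)                (result cannot carry an injection payload)
  sink      : cursor.execute(sql, ..) (only the first argument, the SQL text)
"""
import ast

SOURCE_CALL = ("request", "args", "get")
SINK_METHOD = "execute"
SANITIZERS = {"int"}


def _attr_chain(node):
    """('request', 'args', 'get') for request.args.get; None if the chain is not rooted in a Name."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return tuple(reversed(parts))
    return None


class TaintAnalyzer(ast.NodeVisitor):
    def __init__(self):
        self.tainted = set()   # names currently bound to attacker-influenced values
        self.findings = []     # (line number, description)

    def is_tainted(self, node):
        """Over-approximating taint rule for an expression."""
        if isinstance(node, ast.Name):
            return node.id in self.tainted
        if isinstance(node, ast.Call):
            if _attr_chain(node.func) == SOURCE_CALL:
                return True
            if isinstance(node.func, ast.Name) and node.func.id in SANITIZERS:
                return False
            # Any other call: tainted if its receiver or any argument is (conservative).
            receiver = isinstance(node.func, ast.Attribute) and self.is_tainted(node.func.value)
            return receiver or any(self.is_tainted(a) for a in node.args)
        if isinstance(node, ast.JoinedStr):   # f-strings
            return any(self.is_tainted(v.value) for v in node.values
                       if isinstance(v, ast.FormattedValue))
        if isinstance(node, ast.BinOp):       # "..." + x, "..." % x
            return self.is_tainted(node.left) or self.is_tainted(node.right)
        if isinstance(node, (ast.Subscript, ast.Attribute)):
            return self.is_tainted(node.value)   # slicing never cleans data (even [:0])
        if isinstance(node, (ast.Tuple, ast.List)):
            return any(self.is_tainted(e) for e in node.elts)
        return False   # constants and everything else

    def visit_FunctionDef(self, node):
        saved, self.tainted = self.tainted, set()   # fresh environment per function
        self.generic_visit(node)
        self.tainted = saved

    def visit_Assign(self, node):
        tainted = self.is_tainted(node.value)
        for target in node.targets:
            if isinstance(target, ast.Name):
                (self.tainted.add if tainted else self.tainted.discard)(target.id)
        self.generic_visit(node)

    def visit_Call(self, node):
        if isinstance(node.func, ast.Attribute) and node.func.attr == SINK_METHOD:
            if node.args and self.is_tainted(node.args[0]):
                self.findings.append((node.lineno, "tainted SQL text reaches cursor.execute"))
        self.generic_visit(node)


def analyze(source):
    """Return [(line, description)] for every sink fed by tainted data."""
    analyzer = TaintAnalyzer()
    analyzer.visit(ast.parse(source))
    return analyzer.findings


# Constructed sample module (not real application code).
SAMPLE = '''
def vulnerable(request, cursor):
    user = request.args.get("user")
    cursor.execute("SELECT * FROM users WHERE name = '" + user + "'")  # true positive

def sanitized(request, cursor):
    uid = int(request.args.get("id"))
    cursor.execute("SELECT * FROM users WHERE id = " + str(uid))       # int() kills taint

def parameterized(request, cursor):
    user = request.args.get("user")
    cursor.execute("SELECT * FROM users WHERE name = %s", (user,))     # bound parameter, safe

def imprecise(request, cursor):
    raw = request.args.get("q")
    safe = raw.strip()[:0]                                             # always "", yet flagged
    cursor.execute("SELECT " + safe)

def helper(request):
    return request.args.get("u")

def missed(request, cursor):
    cursor.execute("SELECT " + helper(request))                        # source hidden in callee
'''

if __name__ == "__main__":
    for line, what in analyze(SAMPLE):
        print(f"line {line}: {what}")
```

Running it reports lines 4 and 17 only: the real injection and the false positive. Adding the missing precision (the `[:0]` slice yields a constant) or the missing coverage (summaries for callees such as `helper`) each costs analysis time and code, which is the trade-off the lecture on static analysis is about.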

Prerequisites

This is a Year-3 course. It assumes the mandatory CS core: data structures and algorithms, operating systems, computer networks, databases, software engineering, and the core mathematics (linear algebra, probability and statistics, calculus, discrete mathematics). It additionally requires the specific prior courses listed below.

Course-specific prerequisites:

  • Software engineering and object-oriented programming
  • Basic computer networks and web applications

Weekly schedule · 13 weeks · lecture + practice

Security Foundations

Wk 1 · Secure Development and Threats
Lecture: Introduce security principles, the CIA triad, attacker models, and the secure development lifecycle.
Practice: Audit the starter project, enumerate assets, and set up the repository and toolchain.
Project: Project repository, threat scope, and security baseline are established.

Wk 2 · OWASP Top 10 and Secure Coding
Lecture: Examine injection, broken access control, and cryptographic failures with their root causes.
Practice: Find and fix seeded OWASP Top 10 vulnerabilities in the project code.
Project: Project passes a first pass of OWASP Top 10 remediation.

Wk 3 · Threat Modeling
Lecture: Teach STRIDE, data-flow diagrams, trust boundaries, and risk prioritization theory.
Practice: Produce a threat model of the project with prioritized mitigations.
Project: A documented threat model with a mitigation backlog is delivered.

Testing and CI

Wk 4 · Software Testing Foundations
Lecture: Cover test oracles, coverage criteria, equivalence partitioning, and fault-based testing theory.
Practice: Write unit and integration tests guided by coverage criteria for the project.
Project: Project gains a baseline automated test suite with measured coverage.

Wk 5 · Specification Milestone · Presentation
Lecture: Review test strategy, security requirements, and how quality attributes shape design.
Practice: Student teams present their project specification: security requirements, threat model, and test and reliability plan.
Project: Approved specification with security and quality goals is delivered.

Wk 6 · Continuous Integration and Delivery
Lecture: Discuss pipeline theory, deployment automation, and the economics of fast feedback.
Practice: Build a CI pipeline that runs tests and blocks merges on failures.
Project: Project has a CI pipeline enforcing tests on every change.

AppSec in Depth

Wk 7 · SAST and Static Analysis
Lecture: Explain static analysis theory, data-flow and taint tracking, and false-positive trade-offs.
Practice: Integrate a SAST scanner into the pipeline and triage its findings.
Project: Pipeline runs static security analysis as a gated stage.

Wk 8 · Interim Demo Milestone · Presentation
Lecture: Cover dynamic analysis and fuzzing concepts and how they complement static testing.
Practice: Student teams present an interim demo of the secured project, its pipeline, and current findings.
Project: Secured project with working CI and analysis is demonstrated.

Wk 9 · DAST and Dependency Security
Lecture: Examine dynamic scanning, software composition analysis, and supply-chain provenance models.
Practice: Run DAST against the project and add dependency and SBOM scanning.
Project: Project enforces dynamic and dependency security checks.

Wk 10 · Code Review and Secure Authentication
Lecture: Discuss review effectiveness research, authentication, session management, and access control design.
Practice: Conduct structured peer code reviews and harden authentication in the project.
Project: Project has reviewed code and hardened authentication and access control.

Reliability

Wk 11 · Reliability and SRE
Lecture: Introduce service level objectives, error budgets, and reliability engineering principles.
Practice: Define SLOs for the project and add resilience to a critical path.
Project: Project defines SLOs and improves a critical-path failure mode.

Wk 12 · Observability
Lecture: Cover the three pillars of observability and the theory of high-cardinality telemetry.
Practice: Instrument the project with metrics, logs, and traces plus alerting.
Project: Project emits structured telemetry with dashboards and alerts.

Capstone

Wk 13 · Final Demo and Defense · Presentation
Lecture: Synthesize secure, tested, and reliable engineering and review the full quality pipeline.
Practice: Student teams present the final demo with an oral defense of security, testing, and reliability decisions.
Project: Final secure and reliable system is delivered with documentation and defense.
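As an added worked example for the week 11 material on service level objectives and error budgets (written for this page, not course material): the arithmetic behind an availability SLO and the multi-window burn-rate alerts that a team would wire into Prometheus or Grafana. It assumes a request-based SLI (a request counts as good unless it returns HTTP 5xx), a 30-day rolling window, and the long-window/short-window alert shape popularized by the Google SRE workbook; the one-hour request trace it evaluates is constructed, not real telemetry.

```python
"""Error budgets and multi-window burn-rate alerts for an availability SLO.

Assumptions (not from the course page): request-based SLI where a request is
good unless its status is >= 500, a 30-day rolling window, and alert tiers
of the form "both a long and a short window burn faster than a threshold".
"""
from dataclasses import dataclass

HOUR = 3600
DAY = 24 * HOUR


@dataclass(frozen=True)
class Slo:
    target: float                 # 0.999 means 99.9% of requests must succeed
    window_seconds: int = 30 * DAY

    @property
    def budget_fraction(self) -> float:
        """Share of requests allowed to fail over the whole window."""
        return 1.0 - self.target


def window_error_rate(events, now, window_seconds):
    """Fraction of 5xx responses among (timestamp, status) events with now - window <= t < now."""
    start = now - window_seconds
    total = bad = 0
    for t, status in events:
        if start <= t < now:
            total += 1
            bad += status >= 500
    return bad / total if total else 0.0


def burn_rate(error_rate, slo):
    """1.0 consumes the budget exactly at window end; 14.4 burns 2% of a 30-day budget per hour."""
    return error_rate / slo.budget_fraction


def seconds_to_exhaustion(rate, slo):
    """How long the remaining budget would last if this burn rate persisted."""
    return float("inf") if rate <= 0 else slo.window_seconds / rate


# (tier, long window, short window, burn-rate threshold); share of a 30-day budget consumed
ALERT_TIERS = (
    ("page_fast", 1 * HOUR, 5 * 60, 14.4),   # 2% of the budget in one hour
    ("page_slow", 6 * HOUR, 30 * 60, 6.0),   # 5% in six hours
    ("ticket", 3 * DAY, 6 * HOUR, 1.0),      # 10% in three days
)


def evaluate_alerts(events, now, slo):
    """A tier fires only when both its windows burn above threshold: the long window
    ignores blips, the short window lets the alert clear soon after a fix."""
    fired = {}
    for name, long_w, short_w, threshold in ALERT_TIERS:
        long_burn = burn_rate(window_error_rate(events, now, long_w), slo)
        short_burn = burn_rate(window_error_rate(events, now, short_w), slo)
        fired[name] = long_burn >= threshold and short_burn >= threshold
    return fired


def constructed_trace():
    """Constructed one-hour trace of (timestamp, status): 10 req/s, 0.5% 5xx for
    55 minutes, then a bad deploy at t=3300 pushes the 5xx rate to 5%."""
    events = []
    for t in range(HOUR):
        for i in range(10):
            n = t * 10 + i
            modulus = 200 if t < 3300 else 20
            events.append((t, 500 if n % modulus == 0 else 200))
    return events


if __name__ == "__main__":
    slo = Slo(0.999)
    trace = constructed_trace()
    rate_1h = window_error_rate(trace, HOUR, HOUR)
    print(f"1h error rate {rate_1h:.3%}, burn rate {burn_rate(rate_1h, slo):.2f}, "
          f"budget exhausted in {seconds_to_exhaustion(burn_rate(rate_1h, slo), slo) / DAY:.1f} days")
    print(evaluate_alerts(trace, HOUR, slo))
```

At the end of the trace the last five minutes burn at 50x but the hour as a whole only at 8.75x, so the fast page does not fire yet while the slow page and the ticket do; a team arguing over whether to roll back can read the "budget exhausted in 3.4 days" figure straight off the same numbers.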

AI tools in this course

Students use AI assistants to generate and refactor application code, then turn the same tools on that code to find and remediate OWASP Top 10 weaknesses through guided code review. They prompt AI to expand unit and integration suites, propose equivalence classes and edge cases, and draft GitHub Actions pipeline steps that wire in Semgrep, OWASP ZAP, and dependency scans. Agents connected to repository and scanner MCP servers help triage SAST and DAST findings, separating real issues from false positives. AI further helps analyze telemetry and error budgets, but every security fix and test is verified by the team, since AI-generated ("vibe-coded") changes can quietly introduce new attack surface.

Student project

Teams take one web application and engineer it to be secure, tested, and reliable end to end. They threat-model it, remediate OWASP Top 10 risks, build a CI and CD pipeline with SAST, DAST, and dependency scanning, and add observability and service level objectives. Application security is revisited every week as new attack surfaces appear.

Requirements

  • Build a working system, not a set of disconnected exercises.
  • Be original: a new system that solves a real problem, not a re-implementation of a tutorial or course demo.
  • Show real depth: real data, real users or realistic load, and engineering trade-offs that are measured rather than assumed.
  • Carry one running project from specification to a deployed, defensible result across the whole term.
  • Work in a team of three or four and defend the design at each of the three presentations (weeks 5, 8, and 13).

Example projects

  • Online banking demo app
  • Healthcare records portal
  • E-commerce checkout service
  • Identity and login provider
  • Issue-tracking platform
  • File-sharing application
  • Survey and forms platform
  • Booking and reservations system

Assessment & grading

Grading is project-based, with no written exam. Teams of three or four present one running project three times.

Component · What it covers · Weight

  • Project · Specification: Presentation 1 (week 5) on the problem, objectives, and architecture · 20%
  • Project · Interim: Presentation 2 (week 8), the working system demonstrated live · 30%
  • Project · Final: Presentation 3 (week 13), an end-to-end demo with oral defense · 50%


Role in each concentration

Concentration · Role

  • Intelligent Software Systems: Core · Semester 1
  • Networking & Cyber Security: Core · Semester 1
  • AI & Robotics: Elective
  • AI and Quantum Computing for Finance: Elective
  • Immersive Systems & Game Development: Elective
  • Defense Technologies & Autonomous Systems: Elective