Introduction

The Institut d'Informatique is pleased to announce that the Francqui Foundation has attributed a Belgian Francqui Chair on the subject Software Security to Prof. Frank Piessens. The lecture series will take place during spring 2007.

Contents and Scope

Most software developed today runs in an Internet-connected, and hence possibly hostile environment. As a consequence, it is generally recognized that it is important to pay attention to security aspects during the development of software. However, secure software development is hard, for a number of reasons. First, the technologies used to counter security threats are complex. Understanding the security guarantees offered, and the assumptions made by the wide variety of software security technologies available today is challenging. Also, defining the security requirements of a given software product, and realizing these requirements with a selection of security technologies is hard. Finally, implementation bugs in almost any part of a software application can potentially undermine the security of the application.

This lecture series will discuss these issues from the point of view of the software engineer. The most relevant security technologies are described at a level of detail suitable for software architects and developers. Next, security-relevant enhancements of typical software development processes are discussed. In particular, the focus will be on security requirements, on secure design, and on avoiding implementation vulnerabilities.

Course schedule

Each lecture takes place on a Friday, from 14h to 17h, at the Institut d'Informatique of the University of Namur. The opening lecture will be followed by a drink.
  • 16/2: Opening Lecture: The challenge of building secure software
  • 23/2: Software security: the programming language matters
  • 09/3: Fundamentals of authentication and access control
  • 16/3: Cryptography for software engineers: Primitives
  • 23/3: Cryptography for software engineers: Protocols
  • 20/4: Authentication and access control in distributed systems
  • 27/4: Security requirements and secure design
  • 04/5: Implementation vulnerabilities:examples and countermeasures

Frank Piessens

Frank Piessens is a professor at the Department of Computer Science of the Katholieke Universiteit Leuven, Belgium. His research interests lie in software security, including security in operating systems and middleware, architectures, applications, Java and .NET, and software interfaces to security technologies. He is an active participant in both fundamental research and industrial application-driven projects, provides consultancy to industry on distributed system security and serves on programme committees for various security-related international scientific conferences. His scientific publications are available from his homepage.

Frank teaches software security at the Katholieke Universiteit Leuven, and at various academic and industrial conferences. He is responsible for the software security option in the computer science master program of his university, and is the academic coordinator of the Secure Application Development series of courses.

Practical Info

Participation to the lecture series is free of charge. Nevertheless, you are kindly invited to register by sending an email to Mme. Henrard containing your name, affiliation and contact information. If you would like to obtain a visitor's parking card, please include information on make, model and license plate number of your car.

The lectures will take place in room I2 in the building of the Institut d'Informatique (ground floor). See here for more information on how to reach the University of Namur and the Institut d'Informatique.