CS 4401 (A11): Software Security Engineering
Assignments and Grading

Home | Readings | Assignments | MyWPI | Policies

Course grades will be based on projects/assignments, presentations, and class participation using the following weights:

There are no exams.


Project 1: Turnout Web: Three due dates starting Tuesday, September 6

Project 2: Crypto Protocols -- Due Friday, September 23

Project 3: Turnout-C: Two due dates starting Wednesday, September 28

Project 4: AdSafe: Two due dates starting Friday, October 7

Presentations/Case Studies

During the term, we will explore 15 security-related domains or tools, attempting to understand both the technical and social security issues in each. You will select one of these topics, and in collaboration with another student (or two), you will present it to the class.

The topics vary: some study languages or tools that guard against security problems, some look at modern security problems, some study problems with nontrivial security implications. Two or three students will jointly present each topic.

Expectations for presentations (including starting references)

Student-driven Participation

This is a very hands-on class, with less formal lecturing than you are probably used to. You will be experimenting with breaking and patching code, learning about best practices in security, and exploring security-related questions and tools. I expect you to actively participate in learning and sharing material with other students though in-class presentations, in-class discussions, wiki postings, and the discussion board.

Sample actions you can take to earn participation credit (feel free to propose others):

Participation credit will be earned based on both the effort required and the quality of your work. For example, commenting on someone else's review is worth less than writing the original review. A poorly-written review, or a review that you based directly on something from the the web is worth less than a thoughtful review that frames the issue against the themes raised in the course (a review plagiarized from the web runs you afoul of the academic honesty policy).

The participation system is designed to let you focus on topics within software security and communication styles that are most important to you. Overall, I want you to demonstrate self-driven learning and conveying material to others. Both are essential when you work as part of a team learning a new area.