TDDC90 Software Security
All three labs must be totally finished (and passed by the lab assistant) at 16/12. You will work at your own pace and may work from home, but we reccommend that you visit the lab sessions and try to complete the labs according to the schedule. Note that we reccommend you to do half of the PONG lab, spend one lab session on the STATANY lab, and then continue with PONG again.
The labs will become much easier if you spend some time reading before doing them. You will find reading material on the page with additional reading material.
Lab description: LAB1-PONG-2013.pdf
This is the largest lab in the course. You will be working with several aspects of software security using the same codebase throughout. The following sections contain resources that might be useful when doing the lab. Additional material will be posted throughout the course.
Group number: If you have not received a group number yet, ask your lab assistant.
Update: Exercise 10 has been updated (minor clarifications) at 2013-11-15.
Lab description: LAB2-STATANY-2013.pdf
This is an in-depth lab on static analysis. It will be helpful for you to have done this lab before the static analysis lecture.
Update: Lab files are available in the folders /home/TDDC90/splint_files and /home/TDDC90/rats_flawfinder_files on Marsix.
In this lab you will work with security modeling and risk analysis. This is a theorectical lab which you can do without a computer. We reccommend you to do it before the security modeling lecture.
Lab description: LAB3-MODEL-2013.pdf
Page responsible: Nahid Shahmehri
Last updated: 2013-11-22