TDDC90 Software Security (6 ECTS)
Literature - Additional
LAB 1: PONG
Here are some papers and other resources on manual code inspection. They are provided as a starting point for you; you are not required to read them all.
OWASP Code Review Guide (Note that this guide is focused on reviews of web applications, not C programs such as Pong.)
Jack Ganssle: A Guide to Code Inspections
Michael Fagan: Design and code inspections to reduce errors in program development (IBM Systems Journal 1976)
E.P. Doolan: Experience with Fagan's Inspection Method (Software Practice and Experience 1991)
The following links to catalogs of vulnerability types may be helpful when trying to figure out what to look for in code reviews.
CWE - Common Weakness Enumeration
CLASP Vulnerability view
These are two reports on security reviews conducted on electronic voting machine software. These reviews used a combination of methods to arrive at the results.
The following classical paper on how to exploit stack-based buffer overflows may be helpful for the exploit-part of the lab.
Aleph One. Smashing The Stack For Fun and Profit. Phrack 49, 14. 1996.
A paper on setuid (useful when fixing PONG).
H. Chen, D. Wagner, D. Dean: Setuid Demystified (11th Usenix Security Symposium, 2002)
Vulnerabilities, exploits and prevention
Secure software development and secure design
This list of resources is made available as-is. There may be little or no overlap with what is discussed in the course; however, it is a good starting point for those who want to dive deeper into some topics.
P. Godefroid, M. Levin, D. Molnar. Automated Whitebox Fuzz Testing. Microsoft Research Technical Report MSR-TR-2007-58.
Software engineering reviews
1028-2008 - IEEE Standard for Software Reviews and Audits (section 6 only). Available via the LiU library website.
Page responsible: Ulf Kargén
Last updated: 2022-10-19