DD2525 Language-Based Security 7.5 credits
Education cycle: Second cycle
Main field of study: Computer Science and Engineering
Grading scale: A, B, C, D, E, FX, F
Spring 20 P4 (7.5 credits)
Language of instruction
Form of study
Number of places
Musard Balliu <email@example.com>
Students admitted to a master's programme.
Part of programme
Intended learning outcomes
After passing the course, the students should be able to:
- explain and apply programming-language-based concepts for computer security,
- identify strengths and weaknesses of language-based protection mechanisms in such domains as web applications, mobile applications and database systems,
- apply best practices of secure programming to design and implement more secure software,
- explain and apply principles of such language-based protection mechanisms as access control, capabilities, static analysis and runtime monitoring,
- explain differences between security policy specifications and enforcement security mechanisms,
- reflect upon security, functionality, usability and efficiency trade-offs in the design of formal security requirements,
- use methods from state-of-the-art research in the area of programming languages and security in order to:
  - as a security expert, be able to identify security threats and propose countermeasures,
  - independently design and implement software systems that embrace security from day one,
  - contribute to society by increasing consumers' trust in software technologies.
Course main content
- Introduction to language-based security.
- Basic principles, models and concepts for computer security.
- Software security by information flow control.
- Web application and database security.
- Security for mobile applications.
- Hot topics in computer security.
- State of the art in programming languages for safety.
Completed course DD2395 Computer Security 6 credits, or equivalent course.
Information about the course literature will be announced in the course memo.
- LAB1 - Laboratory work, 4.5, grading scale: A, B, C, D, E, FX, F
- PRO1 - Project, 3.0, grading scale: A, B, C, D, E, FX, F
The examiner decides, in consultation with KTH's coordinator for disabilities (Funka), about possible adapted examination for students with documented, permanent disabilities. The examiner may permit another examination format for re-examination of individual students.
Requirements for final grade
EECS/Theoretical Computer Science
Course syllabus valid from: Autumn 2019.
Examination information valid from: Autumn 2019.