Security Assurance

Course Description

The course will introduce the assurance case as the basis for trusting that a system will correctly enforce a security policy. It will cover how to create an assurance case, assurance techniques for each stage of the system life cycle, and the strengths and weaknesses of each technique. The course will explore capability maturity models, threat modeling, modularization and layering, secure programming, security testing, covert channel analysis, and secure system operation and maintenance. It will provide an introduction to formal methods as applied to security, and look at balancing cost and risk in building an assurance argument, demonstrating the difficulty of measuring security and assessing risk.


3 units