What I have learnt
We started with the introduction to secure software development concepts to be used in the entire module. We explored various approaches to software development that included the waterfall and agile approaches with a focus on secure software development. We looked at various UML tools and standards used to develop secure systems. To me all this points out that to develop a secure software, one needs to be aware from the beginning and the choice of the tools used will simply fall in place.
Then we looked at UML modelling to support secure system systems development planning, this was a practical unit where we looked and a piece of software and identified a weakness that can lead to a security breach to occur. I gained a sense of awareness that integrating secure software development should be practiced at every stage in agile process.
We had a look at Programming languages, history, concepts and design. I personally feel that it is important as a computer scientist to understand programming languages in depth as this may lead to you as a developer to make the right choices depending on the assignment you have at hand.
We then looked at exploring programming language concepts on system security where we looked at regular expressions and recursion. Regular expressions are extensively used to process strings which makes it easy for developers to use ( Larson (2018)). Regular expressions are used in searching, validate data on web page form and processing data. Understanding regular expressions is really important in secure systems development because of some risks associated with lack of understanding in the implementation of regex
We were introduced to testing of software for both quality and for security. As we are developing software, we also need to know whether what we are developing meets the security standards that we want. I think this is really important because it touches areas like developing a test plan, understanding industry software testing standards and know different testing techniques. My approach to developing secure systems will take into consideration these testing plans and techniques to ensure that the product we developing really meet the security standards.
We learned how to use linters to support python testing and improve on python errors and style violation. I feel that the use of linters is very important because it helps with developing code of good quality and also helps in correcting python code to ensure that it is free from errors, a quality that is quite important in secure software development.
Having looked at all the necessary tools that we use to design, develop, test and check our software for quality, it was important to look at operating systems and their relationships to programming languages and security. We looked at the types and functions of operating systems. We looked at approaches to make operating systems more secure, the risks and vulnerabilities associated with operating systems. The aim of this unit was to help us understand the implications, risks and challenges in selecting an operating system. After this we looked at cryptography and its use in operating systems. All this summed up really well for me as it is important to know what to consider when you are doing a project. Selecting tools alone is not important, but understanding how those tools work together is really important to create secure software.
We looked at developing an API for a distributed environment where we were investigating the application of CRUD capabilities in python, looked at ontology and further our knowledge of python libraries. We also looked at a variety of systems architectures which exist today in order to gain an understanding as to why systems have evolved and recognize the security issues met along the way
We went on to check the future trends in secure software development where topics covered in all the units converge and a roadmap of where the technologies fit together, emerging trends and areas for investigation and further reading.