Archived Curricula Guide 2017–2019
Curricula Guide is archived. Please refer to current Curricula Guides.
TIETS38 Testing, Security and Trust 5 ECTS
Organised by
Degree Programme in Computer Sciences
Corresponding course units in the curriculum
School of Information Sciences
Curricula 2015 – 2017

General description

Software and security testing have recently moved their focus beyond the realm of network port scanning to include software and user behavior as critical aspects of information systems behavior and trust. The ongoing development of web-based systems and the increasing number of end-users have given rise to new issues for attention in interactive technologies and software development. Testing for security and trust is increasingly required to assure the quality (e.g. correctness, consistency and reliability) of software systems. Software quality assurance techniques for information systems security and trust are often misunderstood and their scope is not holistically viewed. Adequate testing goes deeper than simple black-box probing on the presentation layer (the sort performed by the so-called application security tools) and even beyond the functional testing of security aspects. Testers for trust and security must use many testing approaches, grounded in the system's architectural reality, the possible future pitfalls and the end-users' sense of trust and requirements for security. Moreover, by identifying risks in the software systems and creating tests driven by those risks, a software trust/security tester can properly focus on those areas of design and code in which trust requirements will evolve. A multi-view approach to testing could provide a higher level of software security and quality assurance, and increase reliability for various stakeholders and end-users.

Learning outcomes

The course's main objectives are that the students become acquainted with i) a variety of testing techniques and ii) the interconnections of testing to the concepts and quality features of security of software and trust of information systems.
The learning outcomes of the course, listed next, provide a more detailed content and context-specific outline. Upon completion of this course, the course participants are expected to be able to:
LO1: Be aware of testing techniques, software tools and information systems development methodology that offer testing and enhance security, trust and software/total quality of information systems in general.
LO2: Analyse and evaluate security and other risks (e.g. in various lifecycle phases, project management) by utilising scientific thinking, pattern/antipattern knowledge and expertise in order to facilitate decision making and trust.
LO3: Create appropriate testing procedures and trust management techniques (e.g. use cases, test cases, patterns/antipatterns) and utilize them with problem solving strategies, in different application domains i.e. in business innovation, online identity management and others.
LO4: Have knowledge of and use appropriately (ethically and professionally) a variety of testing methods, techniques and tools and provide argumentation and justification on their suitability, e.g. black-box testing vs. white-box testing in anti-phishing technology design.
LO5: Understand and critically discuss the strengths and limitations of testing techniques, and security testing in particular in different application domains, e.g. risk analysis, trust management, use of social media, computer crime and the list can go on.
LO6: Systematize knowledge acquired from a variety of examined case studies of safety-critical systems, i.e. railway accidents, Ariane 5, nuclear plants, design of the Olympic games information systems, airline flight security, online identity construction, where testing, security and trust were proved

Contents

The course will refer to the following topics: software quality assurance (basic concepts), software testing (basic techniques), security & trust requirements, software reliability, correctness, consistency and completeness of systems requirements, formal computational models of testing, security and trust, software tools and their contribution to testing, online identity theft (phishing) ...
Main questions handled: Some of the main questions that the course will deal with throughout its delivery are the following: What are testing, security and trust? What can be tested, secured and trusted and what not? How can testing be carried out? How could security and trust be assured? Why is it important to test? When to test? For whom is testing? When is (automated) testing needed - who requires it and who does not?

Further information on prerequisites and recommendations

The course is at Advanced MSc/Ph.D. level. The course participants should, at least, have the basic software development knowledge of e.g. programming languages, methods and tools, software quality models and testing concepts. The course is suitable for the second year MSc students and doctoral level students.

Teaching methods

Teaching method Contact Online
Lectures
Seminar

Teaching language

English

Modes of study

Option 1
Available for:
  • Degree Programme Students
  • Other Students
  • Open University Students
  • Doctoral Students
  • Exchange Students
Written exam 
In English
Exercise(s) 
In English
Option 2
Available for:
  • Degree Programme Students
  • Other Students
  • Open University Students
  • Doctoral Students
  • Exchange Students
Essay 
In English
Exercise(s) 
In English

Evaluation and evaluation criteria

Numeric 1-5.
50% (Exam OR research essay writing) AND 50% Coursework (1 seminar presentation + exercises/tasks delivery).

Belongs to following study modules

Faculty of Natural Sciences
2018–2019
Teaching
Archived Teaching Schedule. Please refer to current Teaching Schedule.
-
Faculty of Natural Sciences