Welcome to CITS3007 Secure Coding
Welcome to the website for CITS3007 in 2024. Unit material (lecture slides, lab worksheets, and assessment details) for this unit will be published on these pages, and not on the LMS; but refer to the LMS for recorded lectures and the unit outline.
Do not rely on the Unit Outline for exact assessment due dates: dates for assessments are listed on this site on the unit Schedule (as well as on the Assessments page), and any changes will be published here, as well as being announced on the unit discussion forum.
Quick links
| See below for quick details of the weekly activities for the unit, and see the Schedule for a guide to what will be covered in what week. (There’s also a link to the schedule at the top of every page.) | |
| See the list of Frequently Asked Questions. | |
| See the Assessments page. | |
| See the “Examinable topics” section of the Frequently Asked Questions page. | |
| You can find them on the Resources page. (There’s also a link to it at the top of every page.) | |
| Check the Frequently Asked Questions list, and if your question isn’t answered there, make a post on the discussion forum for the unit, help3007 – that way, all students can benefit from answers to your questions. (Or, if it’s not a topic suitable for the forum, feel free to email me instead.) | |
| See the assumed knowledge for students taking this unit, below, and note that a prerequisite for this unit is the completion of 12 points of programming units. |
Unit overview
This unit covers computer security topics including:
- memory safety
- input validation and inter-process communication
- race conditions and file operations
- cryptography best practices; and
- development best practices.
Unit Coordinator
Office | Rm G.08, CSSE Building |
Email | cits3007-pmc@uwa.edu.au |
Availability | I work half-time at UWA, and am normally only on campus on Tuesdays, Thursdays, and Wednesday afternoon. |
Consultation | Email cits3007-pmc@uwa.edu.au for an appointment, or visit my office between 4–5pm Wednesday. Students are also welcome to speak to me after the lectures. At busy times of semester, I may need one or two business days’ notice to schedule an appointment. |
Weekly activities
(Note that there are no labs in week 1, beginning Mon 26 February; labs don’t start until week 2)
- Lecture
There is one two-hour lecture each week (starting in week one), at Wednesday 12 noon in the Weatherburn Lecture Theatre (Maths Building, room G.40).
I strongly recommend you attend lectures in person – they provide the best forum for asking questions about the unit content and clarifying your understanding. Lectures are recorded, so if you cannot attend, you can also watch the recorded lecture (accessible via the UWA Blackboard LMS).
Lecture slides are published here on this website.
- Labs
You should attend one lab each week, starting in week two.
However, as long as there is room available for you, you are welcome to attend other sessions as well. One of the lab facilitators will be available to assist you with the lab material and answer questions. (See “Who’ll be helping in labs?”.)
Please make use of the lab facilitators! One of the best ways to gauge how well you understand a topic, or to find out if you are “on the right track” for a project, is to discuss them with the lab facilitators.
Laptop requirement: This unit requires software that isn’t permitted to be installed on UWA servers, so you will need to use your own laptop when attending labs, and have an Ubuntu Linux C development environment available on it. This will be discussed in more detail in the first lab.
Windows, Mac OS or Linux laptops are all acceptable. Financial assistance is available from the University to students who are unable to purchase a laptop due to financial hardship – see the FAQ for more details.
Lab worksheets are published here on this website.
- Moodle exercises
Periodically, I’ll post (unassessed) exercises on the school’s Moodle server. You can complete these in your own time, and they will help you improve your understanding of secure coding concepts. (All assessments will be completed using the Moodle server, too.) More information about these will be available in the first lab.
You can always get full details of lecture and lab times and venues by visiting UWA’s Timetable site. (If the information for CITS3007 is not visible, then enter “CITS3007” in the box labelled “Unit search”, and then click “Show timetable”.)
(Note, however, that in addition to all the labs that are running, the Timetable site may also show some lab sessions which are not yet running, due to insufficient demand – check with the Unit Coordinator if you want to be sure whether a session is running.)
Lecture recordings
The lectures are recorded – see the list of Frequently Asked Questions.
But please note that recordings do sometimes fail – so if you can attend the lecture in person, it’s recommended.
Time required
Note that materials presented during class sessions do not define the whole unit. A six-point unit is deemed to be equivalent to one quarter of a full-time workload, so you would be expected to commit 10–12 hours per week to the unit, averaged over the entire semester. Outside of the contact hours (4 hours per week) for the unit, the remainder of your time should be spent reading the recommended reading, attempting exercises and working on assignment tasks.
Preparing for lectures
The schedule contains the list of recommended readings for each topic. To gain maximum benefit from the lectures, I recommend you review these before attending class.
Who’ll be helping in labs
Our facilitators for labs are:
- Carl Alvares
- Nicodemus Ong
- Santiago Rentería
Assumed knowledge
- Prerequisites
Completion of 12 points of programming-based units is a prerequisite for enrolling in CITS3007 – it’s assumed that you are familiar with programming in at least one of Python, C or Java from these prerequisites. Please let the Unit Coordinator know as soon as possible if this is not the case.
- Advisable prior knowledge
- This unit assumes a working knowledge of C programming, and programming assignments will use the C11 standard. It’s therefore advisable (although not required) to complete CITS2002 Systems Programming – which introduces the C programming language – before enrolling in CITS3007. On average, students who had completed CITS2002 before attempting CITS3007 did better last year than students who had not – see “Do I need to have completed CITS2002 before enrolling in CITS3007?” on the FAQ page.
- Aspects of C programming will be reviewed in CITS3007, but at a brisk pace (1 review lecture). See C programming resources on the Resources page for more details.
- The unit assumes you can navigate a Unix-like system using the command line, and are familiar with the basics of operating system implementation. See the Linux command line and operating systems on the Resources page for more details.
Expectations
It is expected that you will act professionally at all times, both face to face and via electronic media. Please see the UWA Code of Conduct, which is founded on the UWA Code of Ethics.
It is also expected that you act ethically in your studies. You will have completed the Academic Conduct Essentials unit, which explains what is appropriate and inappropriate academic conduct.
It is expected that you regularly (at least twice a week) check the discussion forum for the unit (help3007) for announcements. (You can also set up an email subscription to the discussion forum – see the FAQ page for details.)
It is expected that you keep reliable backups of your work, as computer and/or IT failures are not grounds for special consideration.
Policies
Before undertaking this unit, students are strongly encouraged to read the university policies that apply to this unit: