Tutorial Jungwoo Ryoo: Secure Software

Guest tutorial Jungwoo Ryoo: Foundations, Design and Management of Secure Software

Software security is becoming increasingly important due to numerous emerging threats exploiting software vulnerabilities.

This course begins with a broad overview of various software security threats and some of the most effective countermeasures used to thwart them. More specifically, software practitioners will learn how to build security into their software products throughout their lifecycle, using best practices and tools to minimize the chance of falling victim to a software attack.

This course will also provide a comprehensive coverage of practical knowledge in how to design secure software as well as insights on the significance of the role secure design plays during the software development life cycle. Some of the critical topics covered in this course include secure design principles and processes in addition to fundamental security concepts such as access control and encryption. This course also devotes a significant amount of time to discussing well-known secure design solutions, including architectural patterns and design patterns focusing on security countermeasures and concludes with the discussion of software security analysis and evaluation as mechanisms to assess the effectiveness of the secure design solutions implemented in the form of source code.

*******

Jungwoo Ryoo is an associate professor of Information Sciences and Technology (IST) at the Pennsylvania State University-Altoona. Dr. Ryoo is also a graduate/affiliated faculty member of the college of IST at Penn State. He is a technical editor for the IEEE Communications Magazine and working with IEEE and Software Engineering Institute (SEI) as a consultant. His research interests include information assurance and security, software engineering, and computer networking. He is the author of numerous academic articles and conducts extensive research in software security, network/cyber security, security management (particularly in the government and medical sector), software architectures, architecture description languages (ADLs), object-oriented software development, formal methods and requirements engineering. Many of Dr. Ryoo's research projects have been funded by both state and federal government agencies. He also has substantial industry experience in architecting and implementing secure, high-performance software for large-scale network management systems. He received his Ph.D. in Computer Science from the University of Kansas in 2005.