Secure Software Engineering 

Professionals based in industry who have interest in cybersecurity. The micro credential will prepare professionals for a rewarding career; for example, to take a role as a security manager, security engineer, security analyst, or IT security specialist.

On successful completion of this micro-credential, you will be able to:

• Identify key security concepts (assets, requirements, vulnerabilities), threats and attacks to software systems;
• Distinguish the most common classes of vulnerabilities, including architectural flaws and security bugs, in software projects;
• Select countermeasures that could be applied to mitigate vulnerabilities;
• Identify and exploit security vulnerabilities in software projects using security testing;
•  Design secure software and develop patches to remove vulnerabilities from existing software projects;
• Specific security and privacy requirements, including compliance with necessary standards and regulations;
• Work in teams, share work fairly and meet the obligations set by the group;
•  Be curious about latest security vulnerabilities and patches;
• Actively promote security practices.

Topics will cover:

• • Web application development using SpringBoot
  • Security design flaws
  • OWASP Top 10 Vulnerabilities;
  • Security testing: penetration testing, dynamic application security testing, static application security testing, and interactive application security testing;
  • OWASP Application Security Verification Standard (ASVS);
  • Secure Development Lifecycle such as the Microsoft Secure Development Lifecycle (SDLC);
  • SDLC assessment via the Building Security In Maturity Model and the OWASP Software Assurance Maturity Model;
  • Security requirements specification using adversarial thinking, threat modelling, attack trees and abuse cases.

This holistic and well-rounded course will be of interest to executives and professional/technical staff who:

• need to acquire knowledge and skills to equip themselves better for their current role.
• want to gain a promotion.
• want to open up new career opportunities for themselves in cyber security related roles.
• are interested in doing some research in this field, perhaps in relation to a current work problem.
• want to gain a qualification to add to their standing and credibility within their professional life.

Pre-recorded lectures will be complemented with live activities, such as tutorials, discussion forums hands-on exercises using vulnerable software applications. The assessment approach will be based on in-class activities and project work.

Minimum of 2.1 honours bachelor’s degree in Computer Science (or a cognate discipline) or 2:2 honours bachelor’s degree in computer science (or a cognate discipline) and equivalent (> 5 years) industrial experience in software development or software/system security.

Each applicant will be assessed on a case-by-case basis.Applicants whose first language is not English must also demonstrate English language proficiency of IELTS 7.0 (no band less than 6.5 in each element), or equivalent.

Assignment: Implementation of a web application using SpringBoot (Throughout the Trimester); Assignment: A report that identifies and describes the vulnerabilities that are present in the web application developed by another team and showcases how these vulnerabilities can be exploited (Throughout the trimester); Assignment: Implementation of an improved version of the web application developed in Assignment 1, with the objective to remove the vulnerabilities identified by another team in Assignment 2. (End of Trimester); Continuous Assessment: Journalling activities describing how vulnerabilities can be exploited and prevented (Throughout the Trimester)

The lecturer will provide students examples of security testing techniques and strategies to prevent vulnerabilities that the students should apply in their group projects. At the end of each group project, the lecturer will provide written feedback to each group using an instructional rubric. The second group project will be peer-reviewed by a different group of students who will provide written feedback following a given set of assessment criteria.

• Leadership in Security COMP47800
• Applied Cryptography COMP47890
• Risk Assessment and Standards COMP47900
• Secure Software Engineering COMP47910
• Information Security COMP47920
• Cybersecurity Law LAW42160
• Incident Response COMP47870
• Network Security COMP47880
• Malware Analysis COMP47810
• Ethical Hacking COMP47860

Please note: Learners can avail of only one form of funding per application. 

Micro-Credentials Learner Fee Subsidy-Human Capital Initiative Pillar 3

The HCI Pillar 3 Micro-credential Learner Fee Subsidy has been introduced to enable more learners to address critical skills gaps and engage with lifelong learning through micro-credentials. The HCI Pillar 3 Micro-credential Learner Fee Subsidy is funded by Higher Education Authority (HEA) and the Department of Further and Higher Education, Research, Innovation and Science. 

HCI Micro-credential Learner Fee Subsidies are available on identified micro-credentials only and in fixed numbers from March 2024 until October 2025.  

Please see Eligibility Criteria for further information.    

If you have any questions about this micro-credential, or would like to speak to a UCD staff member, please contact (opens in a new window)microcredentials@ucd.ie.