ICT secure software
SECURITY validation is a crucial aspect that can be learned through the Secure Software in the Technical Vocational Learning track in senior high school that is ICT, or the Information and Communications Technology.
Major security aspects are explained. An overview is given of the software security domain. By means of an example, an overview is given of possible threats and weaknesses in software applications.
The introduction of Secure Software to SHS students will also touch on memory vulnerabilities, attacks and defenses. In this part, we study major problems with software written in low-level languages such as C/C++. If such software accesses the memory in an unsafe manner, it can be attacked by hackers or malware. During an attack, sensitive information can be leaked, or control over the computer system can be taken over.
Also, Secure Software is in-charge of safe programming languages. This part focuses on safe programming languages that are immune for memory vulnerabilities and data races.
Secure Software also presents micro-architectural attacks. Earlier, we show how recently discovered vulnerabilities in processors and chips allow to leak or modify the memory of privileged programs. This part focuses on side-channels, rowhammer and state-of-the-art attacks like meltdown and spectre.
Access control is another highlight of Secure Software which part studies different access control models and mechanisms.
Security of untrusted code is also an essential part of Secure Software that studies and measures built in virtual machines and operating systems to execute code orginating from possibly untrusted locations. Examples are applets, software updates.
Lastly, with the introduction of Secure Software in ICT, students can learn about the reverse engineering and anti-reverse engineering with study tools and techniques that can be applied by crackers to analyse and modify prio software, and how developers can defend. (
Paid article)