In this course provided an in-depth study of the underlying principles of the design and development process of secure software. We reviewed traditional software development models and how they have changed over time. Additionally, we reviewed learned about the importance of having a security strategy before starting development - helping to ensure that systems are secure by design. As a practical exercise for the course, the students worked in teams to develop requirements and plans for a secure supply chain software.
Our section focused on the Reporting and Alerts Engine of the tool. As part of the exercise, we started with the functional and business requirements. From there, we built out the technical specifications as well as the testing to assure that the product satisfied the specification. Here is a link to the assignment.
Here are some of the references we found helpful in building this plan: