New Training Course: Building Highly Dependable Software for Secure and Safety Critical Systems

Whether you write software that runs in insecure environments, safety critical systems that protect lives or just software that has to survive whatever your users throw at it that day, building highly dependable software begins with robust designs and high-quality, bug-free code.


The difference between a garden variety bug and a security vulnerability lies in how close that bug is to an attack surface. The difference between a recoverable system error and a fatal safety fault depends on how well the designers have built a fail-safe system. But how do you tell the difference? If you write high-quality, bug-free code on robust architectures you are most of the way to having secure, highly dependable systems.


So how do you build safe, secure architectures and write high-quality, bug-free code? In this class we’ll learn how to design, write, review and test code to its highest quality. And in the process, we’ll learn how to build highly dependable systems.


Among the topics we’ll cover:

  • Why systems fail
  • Architecture analysis
  • Threat Modeling techniques
  • Code review techniques for safety and security
  • Penetration techniques and tools
  • Secure designs, code structure and hardened code
  • Designs for safety critical applications
  • Test case development
  • Testing strategies and tools for safety and security
  • Static Analysis
  • Dynamic Analysis
  • Fuzz Testing
  • Best practices for software design

This is a highly interactive class that begins with an exercise where the class works to penetrate into a live system exploring how simple mistakes can lead to large vulnerabilities. Then we move through the design process, development and test and finish out with goals for building more secure, robust and safe systems.

 

The 2-day training course is held onsite and it best suited for 20-25 students. Larger classes can be arranged but due to the highly interactive nature of the training a second class may be necessary. An expanded version of the training is also available using the client’s code base and architecture.

For pricing and availability please contact me at: mbutler@laurellye.com.