PGDCoursesBrochures

Logo
Separator

PG Diploma in Advanced Secure Software Development



Register for C-CAT| C-CAT Candidate Login | Download Admission Booklet

Advancements in digital technologies are rapidly transforming the world and in order to sustain in IT industry it is very important to upgrade the technical skills in line with latest developments along with strong programming basics. PG Advanced Secure Software Development (PG-DASSD) course focuses on security requirements for modern software development with equal emphasis on programming foundations to make the students suitable to work in IT industry from day one. Course gives special emphasis to the emerging technologies such as Blockchain Technology and Machine Learning and their use cases in Cyber Security.

In today's scenario, Cyber Security threats are majorly addressed reactively, but by following proper Software Security practices we can minimize the attack surface and address this problem proactively. Therefore Software Security knowledge is the requirement of every Software Engineer. Software Security aspects including Secure Software Development Life Cycle are focussed as separate modules and also relevant topics are built in every module of the course. The course focuses on Programming Basics, Linux System Programming, Secure Network Programming, Software Security, Secure Web Application Development & Java Programming, Secure Android Programming and Emerging Technologies such as Blockchain and Machine Learning for cyber security. Project work would focus on solving Cyber Security problem using Machine Learning and Blockchain Technologies.

Graduate in Engineering or equivalent (e.g. BE / BTech / 4-year BSc Engg/ AMIE / DoEACC B Level) in IT / Computer Science / Electronics / Telecommunications / Electrical / Instrumentation with minimum 55% marks in the qualifying degree

OR

Post Graduate Degree in Engineering Sciences with corresponding basic degree (e.g. MSc in Computer Science, IT, Electronics) with minimum 55% marks in the qualifying degree

OR

MCA with minimum 55% marks in the qualifying degree

The course fees of Post Graduate Diploma in Advanced Secure Software Development (PG-DASSD) is INR. 90,000/- plus Goods and Service Tax (GST) as applicable by Government of India currently @ 18%.

The course fees has to be paid in two installments:

1. First Installment of INR 10,000/- plus GST @ 18% at the time of counseling.
2. Second Installment of INR 80,000/- plus GST @ 18% as per schedule before joining the PG - DASSD course.
  
    • Basics -
      1. Introduction to GNU Tool chain, Linux environment and VI editor
      2. Tokens of C - Keywords, Data-Types, Variables, Constants, Operators, Identifiers
      3. Storage Class Specifiers, Control Flow Statements, GNU Make utility
      4. Arrays, Multidimensional arrays, Data Input & Output
      5. Strings, Loops - for, while etc., Functions and Recursion
    • Advanced -
      1. Pointers - Intro, Pointer Arithmetic, Pointers and Arrays, Pointers and Functions, Pointers and Strings
      2. Structures, Unions, Enum, Typedef, Bit field operators and pointers with structures
      3. Preprocessors, C and Assembly, Files, I/O, Variable No. of arguments, Command Line arguments
      4. Error handling and debugging with GNU GDB
    • Low Level Security -
      1. Memory layout, Calling Conventions - cdecl, std, fastcall,
      2. Format string problems, Stack Overflow, Buffer Overflow, Integer Overflows
      3. Introduction to various C standards
      4. Secure Coding in C - SEI CERT C coding standard
    • Complexity of Algorithms - Space and time complexity
    • Linked Lists, Stacks, Queues
    • Sorting algorithms - Bubble, selection, insertion, quick, merge and heap sort
    • Searching algorithms - linear and binary search
    • Hashing - collision, collision resolution techniques
    • Trees - Binary trees, Binary search trees, AVL trees
    • Graphs - terminology, breadth first and depth first traversals, spanning trees, minimum spanning tree algorithms, shortest path algorithms
    • Pattern Matching algorithms
  
    • OS Organization, Architecture, Structure and Operations.
    • Process Management - Processes, Threads, Concurrency, Process Synchronization, CPU Scheduling, Static and Shared Libraries.
    • Memory Management -  Main Memory and Virtual Memory
    • Filesystem Management - File System interface
    • Introduction to Virtualization Technologies - Type 1 and Type 2, Hypervisor, Paravirtualization, Full Virtualization, cgroups (control groups) and containers etc.
    • IPC mechanisms  - Pipes, Named Pipes, FIFOs, Message Queues, Mutexes, Condition Variables, Read Write locks, Semaphores, Shared Memory
    • Access Control Mechanisms - Discretionary Access Control & Mandatory Access Control.

Software Security

80 Hours  
  
    • Basic cryptography and programing with Crypto API
    • Code Injections, Memory safety, Type safety, ret2libc, ROP, Control flow integrity etc.
    • Introduction to Vulnerability, Threat, Attack, Bug, Exploit.
    • Secure Software Development Lifecycle - Threat Modeling etc.
    • Usability Aspects of Security - HCI, prototyping, security evaluation.
    • Malware and antivirus technologies.
    • Program Analysis - Static Analysis,  Dynamic Analysis, Symbolic Execution etc.
    • Static Analysis - Software reverse engineering methods overview, Exploring software binary formats – PE, ELF etc.
    • Exploit development
    • Dynamic/Runtime analysis – Executing binaries in controlled environment
    • Overview of protection mechanisms – obfuscation etc.
  
    • Introduction to TCP/IP Networking Stack
    • Socket Programing - TCP sockets and TCP Client-Server, I/O Multiplexing, UDP Sockets, Non-Blocking IO & IOCTL
    • Programing with PCAP Library
    • Open SSL programing.
  
    • Web Application Architectures
    • HTML, JavaScript, TypeScript and CSS
    • Web API (REST)
    • MEAN Stack (Mongo, Express, Angular and Node)
    • Web Application Security - SQL Injection, Hidden fields, Cookies, Session Hijacking, CSRF, and CSS etc.
    • OWASP Top 10
  
    • Introduction
      1. Object Oriented Programming and concepts
      2. Java language and its features, JDK, JRE and JVM
      3. Basic Programming Constructs - Charset, identifiers, data types, variables, constants, literals operators, decision making statements (if, switch), iterative statements (while, do, for and for-each), jump statements (break, continue and return) and keywords
      4. Classes and Objects
    • Data and methods members
      1. Types of variables and their scope, Creating objects, Constructors, Overloading, Parameter passing in Java, this and static keywords
    • JVM and Garbage Collection
      1. Java Virtual Machine and subsystems, Class loading and Execution Engine systems, Java runtime memory system,
    • Inheritance and Polymorphism
      1. Visibility modifiers, extends and super keywords, Abstract classes
      2. Run-time polymorphism, Interfaces, Inner classes, Anonymous inner classes
    • Packages and Wrapper Classes
      1. Importing  packaging, Defining custom packages, Wrapper classes, Modifiers in Java
    • Exception Handling
      1. Introduction to exceptions – checked and unchecked
      2. Java’s exception handling mechanism, Writing custom exceptions in Java
    • Arrays and Strings
      1. Arrays, Strings, String constant pool, String comparison and methods, Stringbuffer and Stringbuilder classes
      2. Command line arguments
    • IO Streams
      1. Text Streams – Reader and Writer
      2. Byte Streams – InputStream and OutputStream
      3. File IO –Filereader and Filewriter , Processing Buffers
      4. Ways of reading data from Keyboard
    • Multi-Threading
      1. Concept of Thread and thread life cycle, Creating a thread, Thread class and its methods
      2. Thread synchronization and inter thread communication
    • Java Collection Framework:
      1. Need of collections in Java, Key interfaces of Collection Framework – Collection, List, Set, Queue, Map, etc.,
      2. Legacy and non-legacy collection classes
      3. Iterators and Enumerator, Utility classes – Collections and Arrays
      4. Exploring java.util package – Date, Calendar, Scanner etc.
    • Generic Programming in Java
      1. Introduction, Writing a Generic Class
      2. Passing Objects of a Generic Class to a Method, Writing Generic Methods
      3. Constraining a Type Parameter in a Generic Class
      4. Use of wildcards – upper and lower bounds
    • Secure Coding in Java
      1. SEI CERT Java coding standard
    • Design Patterns in Java
  
    • Android Basics
      1. Overview of Android Platform & Android Building Blocks
      2. Overview of Android Application Components (Activity, Intents, Broadcast Receiver, Content Providers, Service)
      3. Android Permission Model and Application Sandboxing
    • Android application development
      1. Android GUI Development and Event Handling
      2. Programming on Android Application components
    • Android development using third party libraries
      1. Retrofit,
      2. Picasso
    • Secure Coding in Android
      1. SEI CERT Android coding standard
      2. Secure data storage options in Android
    • Security assessment of Android applications
      1. Reverse Engineering & Obfuscation techniques
      2. Static and Dynamic analysis with open source tools
      3. MASVS OWASP as Security assessment case study
    • AOSP introduction & build process
  

Machine Learning

  • Linear Algebra Fundamentals
  • Python Programming
  • Python for Machine Learning (Numpy, Pandas, Matplotlib, Scikit-learn)
  • Supervised, Unsupervised and Semi-supervised Learning
  • Data pre-processing
  • Linear Regression and Classification
  • Decision Tree
  • Logistic Regression
  • Gradient Descent
  • K Nearest Neighbor (KNN)
  • Support Vector Machines (SVM)
  • Evaluating Regression models and Classification models
  • Clustering
  • K-Means
  • Ensemble Methods, Combing weak learners, Bagging and random forest
  • Introduction Neural network
  • Overview of Deep Learning

  • Blockchain Technology
  • Fundamentals of Cryptography (Encryption and Hashing, PKI)
  • Introduction to Blockchain Technology and Its evolution
  • Distributed Databases vs Blockchain Ledger
  • Types of Blockchain
  • Cryptocurrency Case study - Bitcoin
  • Blockchain Components
    • Smart contracts
    • Consensus Protocols (Proof of *, BFT, Paxos etc
    • What is a Merkle Tree and what are possible operations on Merkle Tree?
  • Introduction to Ethereum and Hyperledger
  • Demonstration of Ethereum
  • Blockchain Network Setup Procedure using Hyperledger Fabric
    • Fulfilling technical requirements
  • Writing Smart Contracts in Hyperledger Fabric
  • Invocation of RestAPI on Hyperledger Fabric
  • Deployment of Blockchain Application using Hyperledger Fabric
  • When to use and when not to use Blockchain?
  • Global Scenario and Use cases
  • Building sample application using Hyperledger
  • Security & Privacy Challenges in Blockchain
  

Official & General Conversation, Official Letter Writing, Official Emailing, Essay Writing, Event Reporting, Formal Speaking (Telephone, Face-to-Face, Public Speaking), Oral & Digital Presentation Skills, Listening Skills, Cross-Cultural Communication, Technology-enabled Communication, Confidence Building, Formal Etiquettes, Body Language, Developing Positive Attitude, Personal Goal Setting & Career Planning, Job Search Process, Resumes & Applications / Cover Letters, Handling Interviews, Group Discussions, Audio Synthesis, Mock Interviews

  

Aptitude:

Analogy, Series Completion (Number, Alphabet, Letter Series), Coding, Decoding for Number, alphabet and Letter, Blood Relations, Puzzle Test, Classification Type questions, Alphabet test, Order of words, Letter words problems, Logical sequence of words, Number, Ranking and time Sequence Test, Mathematical operations, Arithmetic reasoning, Logical reasoning, Statement-Arguments, Statement-Assumptions, Statement, courses of Action, Statement, Conclusions, Deriving conclusion from passages, HCF and LCM, Fraction, Number system, Permutation & combination, Ratio & Preparation, Partnership, Average, Percentage, Clock, Probability, Pipes and cisterns, Problem on streams, Time and work, Work and Wages, Problem on Trains, Problem on Speed and Velocity, Problem on Ages, Profit and loss, Simple Interest, Compound Interest

           

General English:

The Sentence, Subject and Predicate, Phrase and Clause, Parts of Speech, The Noun: Kinds of Nouns, The Adjective, Articles, The Verb, Mood, The Adverb, Comparison Of Adverbs, Formation Of Adverbs, Position Of Adverbs, The Preposition, Words Followed By Prepositions, The Conjunction, Some Conjunctions And Their Uses, The Interjection, The Same Word Used As Different Parts Of Speech, Composition, Analysis, Transformation and Synthesis, Analysis of Simple Sentences, Phrases, Clauses, Sentences: Simple, Compound and Complex, More about Noun Clauses, More about Adjective Clauses, More about Adverb Clauses, Analysis of Complex Sentences, Analysis of Compound Sentences, Transformation of Sentences, Transformation of Sentences, Synthesis of Sentences, Synthesis of Sentences, Synthesis of Sentences, The Sequence of Tenses, Direct and Indirect Speech, Agreement of The Verb With The Subject, Nouns and Pronouns, Adjectives, Verbs, Adverbs, Preposition, Conjunctions, Order of Words, Synonyms & Antonyms, Punctuation, Spelling Rules, The Formation of Words, Figures of Speech Exercise, Verb Patterns, Question Tags, Words of Idioms & phrases, Sentence Construction, Fill up the blanks

Project

100 Hours  
   Software Engineering Essentials

i.         Documentation of System Requirements Specification, Design, Test Plan & Test Cases

ii.         Git and bug tracking

iii.         Packaging Documentation - Installation, Help Manuals etc

Agile Software Development

Project Work would be based on cyber security problem using emerging technologies and software engineering practices

The course is designed to provide a comprehensive knowledge from system programing to application development considering latest technologies such as blockchain, machine learning etc. and in parallel providing lateral understanding of security concepts.

It is targeted to the candidates who are interested in learning latest technologies along with the in-depth understanding of programing and security concepts.  The course will enable them to work on current technology scenarios as well as prepare them to keep pace with the changing face of technology and the requirements of the growing IT industry. The course curriculum has been designed keeping in view the emerging trends for cyber security as well as contemporary and futuristic human resource requirements of the ICT industry. 

After doing this course students can work as Application/Web/Mobile/cyber security solution developer, System programmer etc. He / She will be able to use secure software engineering principles.

C-DACs - Advanced Computing Training School
Address
:
Plot No. 6 & 7, Hardware Park, Sy No. 1/1, Srisailam Highway, Pahadi Shareef Via Keshavagiri (Post), Hyderabad
Andhra Pradesh 500016
Telephone
:
040-2373 7127
Contact Person
:
Mr. Sharanabasappa , Senior Technical Officer
Fax
:
040-2374 3382
e-Mail
:
cdachyd[at]cdac[dot]in
Courses
:
PG-DAC, PG-DVLSI, PG-DESD, PG-DSSD, PG-DASSD
C-DACs - Advanced Computing Training School
Address
:
Plot No. 6 & 7, Hardware Park, Sy No. 1/1, Srisailam Highway, Pahadi Shareef Via Keshavagiri (Post), Hyderabad
Telangana 500005
Telephone
:
040-23737127
Contact Person
:
Mr.Sharanabasappa, Senior Technical Officer
Fax
:
040-2374 3382
e-Mail
:
cdachyd@cdac.in
Courses
:
PG-DITISS