Graduate Studies Reports Access

Graduate Course Proposal Form Submission Detail - CIS6373
Tracking Number - 5039

Edit function not enabled for this course.

Current Status: Approved by SCNS - 2015-02-01
Campus: Tampa
Submission Type: New
Course Change Information (for course changes only):
Comments: In review 9/4/14; to GC. Approved. To USF Sys 11/4; to SCNS 11/12. Approved effective 2/1/15

Detail Information

  1. Date & Time Submitted: 2014-07-03
  2. Department: Computer Science and Engineering
  3. College: EN
  4. Budget Account Number: 2108
  5. Contact Person: Jay Ligatti
  6. Phone: 40908
  7. Email:
  8. Prefix: CIS
  9. Number: 6373
  10. Full Title: Foundations of Software Security
  11. Credit Hours: 3
  12. Section Type: C - Class Lecture (Primarily)
  13. Is the course title variable?: N
  14. Is a permit required for registration?: N
  15. Are the credit hours variable?: N
  16. Is this course repeatable?: N
  17. If repeatable, how many times?: 0
  18. Abbreviated Title (30 characters maximum): Fdtns of Software Sec
  19. Course Online?: C - Face-to-face (0% online)
  20. Percentage Online: 0
  21. Grading Option: R - Regular
  22. Prerequisites:
  23. Corequisites:
  24. Course Description: Introduction to research in foundations of software security. Basic static and dynamic enforcement of security policies. Roles and meanings of policies, properties, mechanisms, and enforcement. Language-based security and tools for specifying security.

  25. Please briefly explain why it is necessary and/or desirable to add this course: Replacing Selected Topics with Permanent number; already listed in program
  26. What is the need or demand for this course? (Indicate if this course is part of a required sequence in the major.) What other programs would this course service? This course has been offered 6 times already at USF as a special topics course (CIS 6930). It should have a permanent course number. Enrollment is typically around 20 students.
  27. Has this course been offered as Selected Topics/Experimental Topics course? If yes, how many times? Yes, 3 or more times
  28. What qualifications for training and/or experience are necessary to teach this course? (List minimum qualifications for the instructor.) Doctorate plus research expertise in the area of software security.
  29. Objectives: Upon successful completion of the course, a student will have a foundation of understanding major research in software security to date, will be able to read and understand new software-security research papers, and will be able to write about and present their own software-security research.
  30. Learning Outcomes: Upon successful completion of the course, a student will be able to demonstrate attainment of the course objectives by communicating the key ideas of existing software-security research papers and presenting their own, novel software-security contributions.
  31. Major Topics: Enforceability theory, stack inspection, policy-specification languages; mobile-device security, trends in software-security vulnerabilities; buffer overflows, code injections, XSS, mechanism usability, game security, privacy/anonymity, side-channel attacks, noninterference and information flow, control-flow integrity, data integrity, DRM, and backdoors.
  32. Textbooks: None; all readings are research papers or other articles posted online.
  33. Course Readings, Online Resources, and Other Purchases: Course readings may vary semester to semester and will be posted on the course webpage.
  34. Student Expectations/Requirements and Grading Policy: There will be approximately 20 in-class quizzes, in addition to graded peer reviews, proposal and final presentations of novel research projects, and a final research paper. The final grade is broken down as follows:

    40% Quiz average

    5% Peer-proposal reviews

    10% Research project: Proposal presentation

    10% Research project: Final presentation

    35% Research project: Final research paper

  35. Assignments, Exams and Tests: This course has none.
  36. Attendance Policy: Course Attendance at First Class Meeting Policy for Graduate Students: For structured courses, 6000 and above, the College/Campus Dean will set the first-day class attendance requirement. Check with the College for specific information. This policy is not applicable to courses in the following categories: Educational Outreach, Open University (TV), FEEDS Program, Community Experiential Learning (CEL), Cooperative Education Training, and courses that do not have regularly scheduled meeting days/times (such as, directed reading/research or study, individual research, thesis, dissertation, internship, practica, etc.). Students are responsible for dropping undesired courses in these categories by the 5th day of classes to avoid fee liability and academic penalty. (See USF Regulation Registration - 4.0101,

    Attendance Policy for the Observance of Religious Days by Students: In accordance with Sections 1006.53 and 1001.74(10)(g) Florida Statutes and Board of Governors Regulation 6C-6.0115, the University of South Florida (University/USF) has established the following policy regarding religious observances: (

    In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. Its the responsibility of the student to monitor Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.

  37. Policy on Make-up Work: Students must arrange make-up work with the instructor. In all cases, students must adhere to the University Policy on Academic Integrity (please refer to the Graduate Catalog for details).
  38. Program This Course Supports: Computer Science and Engineering
  39. Course Concurrence Information: This course could be used as an elective in USF's new Master's of Cybersecurity program.

- if you have questions about any of these fields, please contact or