Welcome to the course, Principles of Secure Coding. This course is the first of four courses in
the specialization, secure coding practices
brought to you by UC Davis. I'll be your instructor
for this course. My name is Matt Bishop, and I'm a professor in the department of
Computer Science, at the University of
California at Davis. I do research in, and teach computer security. One of my areas of interest
is vulnerabilities analysis, and many of the types of
vulnerabilities arise from poor, or non-secure code
programming practices. This led to my interest in what is called
secure programming. I began studying and
writing about it in 1986, and have been involved
with it ever since. This course provides
the basics of robust or secure programming. We'll look at
some underlying ideas that will appear
in other modules, and go through a detailed
example of writing robust code. In doing so, we'll see many
common programming problems, and show their
connection to writing robust secure programs
in general. Let me give you
a quick overview of what we will be covering
in the modules. In Module 1, we will
define secure programming, how it is related to the more general problem
of robust programming, and delve into the secure
programming philosophy that underpins how
we approach coding. In Module 2, we will look at eight design principles
which govern secure coding, and discuss how to apply these principles to
your coding endeavors. Then Module 3 exposes examples
of poor coding techniques. We will discuss
how design choices will drive implementation
in coding. As we conclude with Module 4, I'll introduce and
explain informal, formal, and ad hoc
coding methodologies. I'll provide
checklists, which will help you focus your attention, and apply good programming habits to your secure
programming projects. In addition to the video lessons, you will supplement
your learning with further reading and
practice exercises. Whether you are
learning as a means to move up in
your current position, or to be able to step into
a promising career in the rapidly changing field
of secure coding, this course will help
you achieve those aims. I'm happy to be your instructor, and I look forward to sharing my experience with
you on this journey. Let's begin with
the first module.