Learning Objectives
In this assignment you will demonstrate:
- Familiarity with the vocabulary of secure software design
- The ability to research and articulate technical aspects of, and impacts of, a few known vulnerabilities
- The ability to get through a number of Tom Scott videos on YouTube
- Initial familiarity with some secure design principles
- The ability to write software modules that exhibit validation, immutability, and defensive copying
Read and Watch
Read (to get a feel for secure design by extreme repetition):
Skim:
- The course notes on Java, C, and C++, focusing on the language you will be choosing for your shopping cart implementation for this assignment.
Watch:
Submission Instructions
Submit via BrightSpace, a text or pdf document with:
- The answers to Exercises 1-4 below.
- The URL of the shopping cart project described in Exercise 5. Your shopping cart project must be hosted on an online execution platform such as Replit, where one can easily view and run the code.
- An affidavit that you did all of the assigned readings and watched the assigned videos. If you did not complete the readings or videos, submit a statement detailing the assigned readings or videos that you did not complete with a promise to complete them by the next assignment due date.
Exercises
- Since writing things down helps you retain information, provide well-written, precise definitions of the following terms, each in ten words or less: (a) Risk (b) Threat (c) Defect (d) Flaw (e) Bug (f) Vulnerability (g) Weakness (h) Failure (i) Exploit (j) Integrity (k) Authentication (l) Authorization. The effort put into composing short definitions should increase your fluency with the terminology. Craft the answers yourself rather than getting a chatbot to do all the work.
- Give the titles and complete URLs of the five Tom Scott security-related videos you watched (to completion), together with a sentence or two on the purpose or lesson of each video. Make sure the purpose or lesson is accurate and truly central to the video. You can get help from a chatbot to clean up your answer but be aware that if you don’t watch the videos and have the bot summarize it, you may not end up with an accurate answer.
- Write a one-paragraph summary of each of the following (you might have to do research outside the assigned reading): Heartbleed, XSS, Billion-Laughs, CSRF. Cover the impact of each (economic and societal) and be very precise in your technical explanations. Where relevant, use actual quantities. Pictures are nice but not required. Make your summaries understandable to undergraduate computer science students in their second year. Chatbots might be helpful here, but understand what they say and, if they get way too wordy, clean up their output and put things into your own words.
- What are the 10 rules from NASA’s Power of Ten described in the video assigned above?
- Write a shopping cart library (module) in a language of your choice—but one that I know, so check with me first to see if your language choice is okay—together with good documentation and solid unit tests. Don’t use the same language that we used for the class code-along. Although we are only beginning our formal study of secure programming constructs, your task in this assignment is to implement the following requirements as best you can. The readings for this assignment above should help get you in the right mindset. Later lectures and code-alongs will help you fine-tune your work so that secure programming becomes second nature to you.
Your module must:
- Define a new type (or class) for shopping carts, in which a cart must (1) have its own id, (2) hold the id of the customer that the cart belongs to, and (3) hold the items in the cart along with their quantities
- Provide a way for users to query the id, customer id, and items from the cart.
- Ensure that no one can change the cart indirectly by modifying the values (ids, items, etc.) you provided them (you may need to research “immutability” and “defensive copying”).
- Provide a way for users to add, update, and remove items.
- Ensure the id and customer id of the cart can never be changed.
- Provide a method to get the total cost of the items in the cart.
- Store shopping cart ids as uuid4s. (Find out how to generate them in the language of your choice.)
- Require customer ids to have the following form: 3 letters, 5 numbers, 2 letters, a dash, and finally an A or a Q. (Always check for valid customer ids. Hint: Most languages have a way to check such things with regular expressions; you should use them if it is easy to do so.)
- Ensure negative quantities for any item in the cart can never appear.
- Check for upper bounds on every quantity as well (you should know why we need bounds like this, pretty much everywhere).
- Make sure items added to the cart are in some kind of catalog, and are not just made up (hacked in) by an adversary.
- Ensure item names are length-bounded and the characters in the names restricted. (In fact, you should always make sure any string content in your project is bounded. That is an important security principle.)
- Employ immutability everywhere that it makes sense to. (Immutability should always be the default.)
- Maintain integrity at all times. (Do not allow bad data to creep in, ever. If something is wrong, throw an exception or return result objects, according to your language’s culture.)
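One way the requirements above fit together, shown here as an added Python example that is not part of the assignment: the catalog contents, the 1000-unit quantity bound and the item-name alphabet are assumptions, and the cart is reached only through validated methods and defensive copies.

```python
import re
import uuid
from types import MappingProxyType

# Constructed catalog (assumption, not from the assignment): item name -> unit price in cents.
CATALOG = MappingProxyType({"apple": 50, "bread": 325, "milk": 199})
MAX_QUANTITY = 1000  # assumed upper bound for any single line item
# 3 letters, 5 digits, 2 letters, a dash, then A or Q (ASCII letters assumed).
CUSTOMER_ID = re.compile(r"[A-Za-z]{3}[0-9]{5}[A-Za-z]{2}-[AQ]")
# Item names: bounded length (1-32) and a restricted alphabet (assumed alphabet).
ITEM_NAME = re.compile(r"[a-z][a-z0-9_]{0,31}")


class ShoppingCart:
    """Ids are fixed at construction; items leave the object only as copies."""

    def __init__(self, customer_id):
        if not isinstance(customer_id, str) or not CUSTOMER_ID.fullmatch(customer_id):
            raise ValueError("invalid customer id")
        self._id = str(uuid.uuid4())  # fresh uuid4 per cart
        self._customer_id = customer_id
        self._items = {}

    # Read-only properties: no setters, so the ids cannot be reassigned through the API.
    id = property(lambda self: self._id)
    customer_id = property(lambda self: self._customer_id)
    items = property(lambda self: dict(self._items))  # defensive copy

    @staticmethod
    def _check(name, quantity):
        # Every mutation passes through here, so bad data never reaches _items.
        if not isinstance(name, str) or not ITEM_NAME.fullmatch(name) or name not in CATALOG:
            raise ValueError("item not in catalog")
        if type(quantity) is not int or not 0 < quantity <= MAX_QUANTITY:
            raise ValueError("quantity out of bounds")

    def add_item(self, name, quantity):
        self._check(name, quantity)
        total = self._items.get(name, 0) + quantity
        if total > MAX_QUANTITY:  # the bound applies to the accumulated quantity too
            raise ValueError("quantity out of bounds")
        self._items[name] = total

    def update_item(self, name, quantity):
        self._check(name, quantity)
        self._items[name] = quantity

    def remove_item(self, name):
        self._items.pop(name)  # raises KeyError for an item that is not in the cart

    def total_cost(self):
        return sum(CATALOG[n] * q for n, q in self._items.items())
```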
The list of security requirements above might not be complete. This assignment is your chance to practice secure development, and perhaps it is your first time doing so. See if you can install a security linter, such as SonarQube, in your development environment.
Authentication and authorization are not part of this assignment.
Try to use a popular unit testing framework for the language you choose. If you are not (yet) familiar with testing frameworks, you can write an executable script loaded with assert statements. Strive for complete coverage.
It is my hope that this exercise is a life-changing way for you to look at software development.
Grading
- For each definition, 1 point, all or nothing. Your writing must be accurate, precise, and grammatically correct, and no more than ten words. (12 points)
- For each video: 1 point for giving the URL (encouragement to follow directions), 2 points for capturing the essence of the video. (3 points × 5 = 15 points)
- For each vulnerability: 1 point for being in paragraph form, 1 point for writing well, 3 points for being accurate and complete. (5 points × 4 = 20 points)
- For the Power of Ten problem: one point, all or nothing, for each of the ten rules. (10 points)
- For the shopping cart library: 3 points for giving the link so I can find your code, 10 points for tests that can be found and run, all pass, and have good coverage, 5 points for formatting the whole file well (use an auto-formatter PLEASE), 3 points for good, meaningful names, 7 points for type and bounds validation, 7 points for using immutability or defensive copying so as to not allow malicious updates, and the remaining 8 points are awarded for checking off every requirement according to the specification. (43 points)